Item Search

NameAudit NamePluginCategory
1.2.5 Set 'access-class' for 'line vty'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.4.1 Enable loggingCIS Cisco IOS XR 7.x v1.0.0 L1Cisco

AUDIT AND ACCOUNTABILITY

1.5.6 Do not Configure a Read Write SNMP Community StringCIS Cisco NX-OS L2 v1.1.0Cisco

CONFIGURATION MANAGEMENT, MAINTENANCE

2.1.1.1.2 Set the 'ip domain-name'CIS Cisco IOS XE 17.x v2.1.0 L1Cisco

CONFIGURATION MANAGEMENT

2.1.1.1.2 Set the 'ip domain-name'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

CONFIGURATION MANAGEMENT

2.2.1 Set 'logging enable'CIS Cisco IOS XE 17.x v2.1.0 L1Cisco

AUDIT AND ACCOUNTABILITY

2.2.1 Set 'logging enable'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

AUDIT AND ACCOUNTABILITY

3.2.1.1 Configure RA GuardCIS Cisco NX-OS L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AMLS-L3-000100 - The Arista Multilayer Switch must enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy.DISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

ACCESS CONTROL

AMLS-L3-000150 - The Arista Multilayer Switch must protect an enclave connected to an Alternate Gateway by using an inbound filter that only permits packets with destination addresses within the sites address space.DISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

ACCESS CONTROL

AMLS-L3-000160 - If Border Gateway Protocol (BGP) is enabled on The Arista Multilayer Switch, The Arista Multilayer Switch must not be a BGP peer with a router from an Autonomous System belonging to any Alternate Gateway.DISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

ACCESS CONTROL

AMLS-L3-000250 - Check for ipv6 OSPF authentication ipsec spiDISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista
AMLS-L3-000270 - The Arista Multilayer Switch must manage excess bandwidth to limit the effects of packet flooding types of denial of service (DoS) attacks - DoS attacks.DISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000170 - The Arista MLS layer 2 switch must have all disabled switch ports assigned to an unused VLAN.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000180 - The Arista MLS layer 2 switch must not have the default VLAN assigned to any host-facing switch ports.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000210 - The Arista MLS layer 2 switch must have all user-facing or untrusted ports configured as access switch ports.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-ND-000010 - The Arista network device must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.DISA STIG Arista MLS EOS 4.2x NDM v2r1Arista

ACCESS CONTROL

ARST-ND-000340 - The Arista network device must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services.DISA STIG Arista MLS EOS 4.2x NDM v2r1Arista

CONFIGURATION MANAGEMENT

ARST-ND-000380 - The Arista network device must enforce a minimum 15-character password length.DISA STIG Arista MLS EOS 4.2x NDM v2r1Arista

IDENTIFICATION AND AUTHENTICATION

ARST-ND-000490 - The Arista network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.DISA STIG Arista MLS EOS 4.2x NDM v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-ND-000600 - The Arista network device must be configured to synchronize internal system clocks using redundant authenticated time sources.DISA STIG Arista MLS EOS 4.2x NDM v2r1Arista

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

ARST-RT-000160 - The Arista perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

CIS_Cisco_Firewall_v8.x_Level_1_v4.2.0.audit for Cisco ASA 8 from CIS Cisco Firewall v8.x Benchmark v4.2.0CIS Cisco Firewall v8.x L1 v4.2.0Cisco
CIS_Cisco_Firewall_v8.x_Level_1_v4.2.0.audit for Cisco Firewall v8.x from CIS Cisco Firewall v8.x Benchmark v4.2.0CIS Cisco Firewall v8.x L1 v4.2.0Cisco
CIS_Cisco_IOS_12_v4.0.0_Level_1.audit for Cisco IOS 12 from CIS Cisco IOS 12 Benchmark v4.0.0CIS Cisco IOS 12 L1 v4.0.0Cisco
CIS_Cisco_IOS_12_v4.0.0_Level_2.audit for Cisco IOS 12 from CIS Cisco IOS 12 Benchmark v4.0.0CIS Cisco IOS 12 L2 v4.0.0Cisco
CIS_Cisco_IOS_15_v4.1.1_Level_1.audit from CIS Cisco IOS 15 BenchmarkCIS Cisco IOS 15 L1 v4.1.1Cisco
CIS_Cisco_IOS_15_v4.1.1_Level_2.audit from CIS Cisco IOS 15 BenchmarkCIS Cisco IOS 15 L2 v4.1.1Cisco
CIS_v4.1.0_Cisco_Firewall_ASA_9_Level_1.audit for Cisco ASA 9 from CIS Cisco Firewall Benchmark v4.1.0CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco
CISC-RT-000280 - The Cisco perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space.DISA STIG Cisco IOS Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000370 - The Cisco perimeter router must be configured to have Cisco Discovery Protocol (CDP) disabled on all external interfaces.DISA STIG Cisco IOS Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000370 - The Cisco perimeter router must be configured to have Cisco Discovery Protocol (CDP) disabled on all external interfaces.DISA STIG Cisco IOS-XR Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000370 - The Cisco perimeter router must be configured to have Cisco Discovery Protocol (CDP) disabled on all external interfaces.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000390 - The Cisco perimeter router must be configured to block all outbound management traffic.DISA STIG Cisco IOS Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000392 - The Cisco perimeter router must be configured to drop IPv6 undetermined transport packets.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Connection Manager is running on approved ports'DISA STIG Oracle 11 Installation v9r1 LinuxUnix

CONFIGURATION MANAGEMENT

DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Oracle listeners are running on approved ports'DISA STIG Oracle 11 Installation v9r1 LinuxUnix

CONFIGURATION MANAGEMENT

DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - PORT = 1521, 1575, 1830, 2481, 2482, 2483 or 2484' - cman.oraDISA STIG Oracle 11 Installation v9r1 WindowsWindows

CONFIGURATION MANAGEMENT

DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - PORT = 1521, 1575, 1830, 2481, 2482, 2483 or 2484' - listener.oraDISA STIG Oracle 11 Installation v9r1 WindowsWindows

CONFIGURATION MANAGEMENT

F5BI-AP-000231 - The F5 BIG-IP appliance must be configured to deny access when revocation data is unavailable using OCSP.DISA F5 BIG-IP Access Policy Manager STIG v2r3F5

IDENTIFICATION AND AUTHENTICATION

JUEX-RT-000170 - The Juniper perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the site's address space.DISA Juniper EX Series Router v2r1Juniper

ACCESS CONTROL

JUNI-RT-000280 - The Juniper perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space.DISA STIG Juniper Router RTR v3r1Juniper

ACCESS CONTROL

Management interfaceArubaOS CX 10.x Hardening Guide v1.0.0ArubaOS

SYSTEM AND COMMUNICATIONS PROTECTION

Time synchronization - ntp authenticationArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

Time synchronization - ntp authenticationArubaOS CX 10.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

Time synchronization - ntp authentication-keyArubaOS CX 10.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

Time synchronization - ntp serverArubaOS CX 10.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY

Time synchronization - ntp vrfArubaOS CX 10.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY

vNetwork : label-vswitchesVMWare vSphere 5.X Hardening GuideVMware