NET-IPV6-011 - Outbound ICMPv6 traffic is not blocked - 'permit icmp IPV6 Network 2000::/3 echo-request' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-011 - Outbound ICMPv6 traffic is not blocked - 'permit icmp IPV6 Network 2000::/3 time-exceeded' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-016 - ICMPv6 unreachable notifications and redirects must be disabled - 'no ipv6 redirects' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-017 - IPv6 Routing Header is not blocked - 'permit type 2' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-024 - IPv6 6-to-4 addresses are not filtered - 'Egress deny ipv6 2002::/16 any log' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-028 - IPv6 Unspecified ADDR is not blocked - 'deny ipv6 ::/128 any log' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-032 - IPv6 Unique Local Unicast ADDR are not blocked - 'deny ipv6 any FC00::7 log' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-034 - IPv6 Egress Outbound Spoofing Filter - 'deny ipv6 any any log' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-047 - IPv4 Interfaces in NAT-PT receive IPv6 | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET-IPV6-060 - Packet with invalid Hop-by-Hop header - Inbound ACL | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-061 - Packet with invalid Destination Option header - Outbound ACL | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-062 - Endpoint Identification option not filtered - Outbound ACL | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'ip access-group IPV4_EGRESS_FILTER' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-MCAST-001 - PIM enabled on wrong interfaces -'ip multicast-routing' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET-MCAST-002 - PIM neighbor filter is not configured - 'ip pim neighbor-filter IP_PIM_NEIGHBORS_ACL' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-MCAST-009 - No administrative scoped multicast boundary - ip access-list standard - 'deny 239' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-MCAST-010 - No Admin-local or Site-local boundary - 'ipv6 multicast boundary scope 5' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-001 - Drop IPv4 and IPv6 packets with outdated protocols - 'deny 42 any any' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-001 - Drop IPv4 and IPv6 packets with outdated protocols - 'deny 94 any any' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-001 - Drop IPv4 and IPv6 packets with outdated protocols - 'deny udp any any eq 1723' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-001 - Drop IPv4 and IPv6 packets with outdated protocols - 'IPv4 deny 42 any any' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-VLAN-008 - A dedicated VLAN is required for all trunk ports. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0162 - AG ingress ACL is not configured to secure enclave - 'Explicit Deny ACL' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0166 - AG Network IP addresses are advertised in enclave - 'EIGRP distribute lists prefix lists' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0166 - AG Network IP addresses are advertised in enclave - 'OSPF distribute lists prefix lists' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0166 - AG Network IP addresses are advertised in enclave - 'RIP distribute lists prefix lists' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0167 - AG must adhere to PPS boundary 13 and 14 policies | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Key-Chain Check)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0400 - Interior routing protocols are not authenticated - 'IS-IS Check' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Interface Check - authentication key-chain)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0425 - An Infinite Lifetime key has not been implemented - 'Third key set to accept-lifetime infinite' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0433 - The device is not authenticated using a AAA server - 'aaa new-model' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
NET0700 - Operating system is not at a current release level | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0750 - The Bootp service is not disabled | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0800 - Filter ICMP on external interface. - 'no ip redirects' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0813 - The network element must authenticate all NTP messages received from NTP servers and peers. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0992 - The management interface does not have an ACL - 'Step 3 (ip local policy route-map LOCAL_POLICY)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0993 - The management interface is not IGP passive | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET1005 - No inbound ACL for mgmt network sub-interface - 'Sub-Interface Ingress ACL Permit/Deny' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET1006 - IPSec traffic is not restricted - 'crypto map IN_BAND_MGMT_VPN - match address IN_BAND_MGMT_VPN_ACL' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1008 - Management traffic doesn't get preferred treatment | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET1021 - The network element must log all messages except debugging | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1637 - Management connections are not restricted - 'VTY port (access-list VTY_ACL permit VTY_AUTH_IP)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1638 - Management connections must be secured by FIPS 140-2 -'ip http secure-server' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1638 - Management connections must be secured by FIPS 140-2 -'ssh algorithm mac' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1647 - The network element must not allow SSH Version 1 | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET1807 - Management traffic is not restricted - 'access list OOBM_VPN_ACL permit' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1808 - Remote VPN end-point not a mirror of local gateway | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
SNMPv2 CONFIG IF STATEMENT | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
SNMPv2 with ACL is configured Check for ACL Configuration | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |