NET-IPV6-064 - Not filtering undefined option type - Inbound ACL | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-066 - 6-to-4 router not filtering invalid source address - 'ipv6 traffic-filter IPV6_EGRESS_ACL in' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-MCAST-009 - No administrative scoped multicast boundary - ip access-list standard - 'permit 224' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-MCAST-010 - No Admin-local or Site-local boundary - ip access-list standard - 'deny 239' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-001 - Drop IPv4 and IPv6 packets with outdated protocols - 'deny tcp any any eq 1723' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-001 - Drop IPv4 and IPv6 packets with outdated protocols - 'IPv4 deny 94 any any' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-001 - Drop IPv4 and IPv6 packets with outdated protocols - 'IPv4 deny udp any any eq 1723' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-002 - Tunneled packets are not filtered | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET-TUNL-004 - Tunnel end-points are not verified by filters | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET-TUNL-019 - Ingress filter does not filter protocol 41 - 'access-list IPV4_UPLINK_INGRESS_ACL deny 41)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-034 - L2TPv3 sessions are not authenticated - authentication check | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0240 - Devices exist with standard default passwords | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication mode)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Router Check - authentication mode)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0400 - Interior routing protocols are not authenticated - 'OSPFv2 (Interface Check)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0400 - Interior routing protocols are not authenticated - 'OSPFv2 (Router Check)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0400 - Interior routing protocols are not authenticated - 'RIP Check' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0408 - BGP must authenticate all peers | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0410 - BGP sessions are not restricted. 'Interface Access-Group Applied' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0412 - Unique keys are not used for eBGP authentication | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0422 - Keys expiration exceeds 180 days. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to send-lifetime infinite' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0440 - More than one local account is defined | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0441 - Emergency account privilege level is not set | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0460 - Group accounts are defined | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0465 - Authorized accounts must be assigned the least privilege level necessary to perform assigned duties. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0720 - TCP and UDP small server services are not disabled - 'service tcp-small-servers' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0724 - TCP Keep-Alives must be enabled | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0726 - Identification support is enabled. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0728 - DHCP service is not disabled on premise | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0760 - Configuration auto-loading must be disabled - 'book network' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
NET0760 - Configuration auto-loading must be disabled - 'service config' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
NET0790 - IP directed broadcast is not disabled. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0812 - Two NTP servers are not used to synchronize time - 'First NTP Server' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | AUDIT AND ACCOUNTABILITY |
NET0812 - Two NTP servers are not used to synchronize time - 'ntp multicast client MULTICAST_IP_1' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | CONFIGURATION MANAGEMENT |
NET0890 - Network devices must only allow SNMPv2 access from addresses belonging to the management network. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0890 - Network devices must restrict SNMPv2 access to the management network. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0890 - Network devices must restrict SNMPv3 access to the management network. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0892 - SNMP is blocked at all external interfaces - 'deny udp 161' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0894 - Network element must only allow SNMP read access - 'community RW | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | ACCESS CONTROL |
NET0901 - Netflow traffic is not using loopback | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0911 - Inbound ICMP messages are not blocked - 'deny icmp any any log' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0911 - Inbound ICMP messages are not blocked - 'permit icmp any any packet-too-big' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0912 - Outbound ICMP messages are not blocked - 'permit icmp any any packet-too-big' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0920 - Bind ingress filters to correct interface | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0965 - Devices not configured to filter and drop half-open connections | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0991 - The OOBM interface not configured correctly | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0992 - The management interface does not have an ACL - 'Step 1 (Ingress ACL)' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1000 - Management traffic is not blocked by egress ACL - 'access-list MGMT_EGRESS_ACL deny LOCAL_MANAGEMENT_NETWORK' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1004 - No ingress ACL on management VLAN interface | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |