| AMLS-NM-000240 - The Arista Multilayer Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000720 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000721 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000722 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Limit SSHD to FIPS 140 Validated Ciphers | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Limit SSHD to FIPS 140 Validated Message Authentication Code Algorithms | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco IOS-XR Router NDM v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco NX-OS Switch NDM v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000041 - The ESXi host must set a timeout to automatically disable idle sessions after 10 minutes. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000042 - The ESXi host must terminate shell services after 10 minutes. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000043 - The ESXi host must logout of the console UI after 10 minutes. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-ND-000710 - The Juniper router must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Juniper Router NDM v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-AG-000105 - The Juniper SRX Services Gateway Firewall must terminate all communications sessions associated with user traffic after 15 minutes or less of inactivity. | DISA Juniper SRX Services Gateway ALG v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-DM-000156 - The Juniper SRX Services Gateway must terminate a device management session after 10 minutes of inactivity, except to fulfill documented and validated mission requirements. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-DM-000157 - The Juniper SRX Services Gateway must terminate a device management session if the keep-alive count is exceeded. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-VN-000022 - The Juniper SRX Services Gateway VPN must terminate all network connections associated with a communications session at the end of the session. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-040160 - The Oracle Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. | DISA Oracle Linux 7 STIG v2r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-040320 - The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-040340 - The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. | DISA Oracle Linux 7 STIG v2r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000052 - The Palo Alto Networks security platform must terminate communications sessions after 15 minutes of inactivity. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-NM-000069 - The Palo Alto Networks security platform must terminate management sessions after 10 minutes of inactivity except to fulfill documented and validated mission requirements. | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000230 - The SSH daemon must set a timeout interval on idle sessions. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040320 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-040380 - The operating system must terminate the network connection associated with a communications session at the end of the session or after 10 minutes of inactivity. | DISA STIG Solaris 11 X86 v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-040380 - The operating system must terminate the network connection associated with a communications session at the end of the session or after 10 minutes of inactivity. | DISA STIG Solaris 11 SPARC v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-050460 - The operating system must terminate all sessions and network connections when nonlocal maintenance is completed. | DISA STIG Solaris 11 X86 v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-050460 - The operating system must terminate all sessions and network connections when nonlocal maintenance is completed. | DISA STIG Solaris 11 SPARC v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SRG-OS-000163-ESXI5 - The operating system must terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-70-000089 - The vCenter Server must terminate vSphere Client sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000089 The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-65-000002 - The vCenter Server for Windows must not automatically refresh client sessions. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-65-000004 - The vCenter Server for Windows must terminate management sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000210 - Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity. | Oracle WebLogic Server 12c Linux v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000210 - Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000210 - Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity. | Oracle WebLogic Server 12c Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-AD-000014-DC - The directory service must be configured to terminate LDAP-based network connections to the directory server after five (5) minutes of inactivity. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000034 - Users must be forcibly disconnected when their logon hours expire. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000034 - Users must be forcibly disconnected when their logon hours expire. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000066 - The system must be configured to force users to log off when their allowed logon hours expire. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN16-DC-000160 - The directory service must be configured to terminate LDAP-based network connections to the directory server after 5 minutes of inactivity. | DISA Windows Server 2016 STIG v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
