| 6.11.1 Ensure Auxiliary Port is Set to Disabled | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| DISA_Apple_macOS_15_Sequoia_STIG_v1r3.audit from DISA Apple macOS 15 (Sequoia) STIG v1r3 | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | |
| DISA_Canonical_Ubuntu_24.04_LTS_STIG_v1r1.audit from DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | |
| DISA_IBM_WebSphere_Traditional_9_Windows_v1r1.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | |
| DISA_IIS_6.0_Web_Site_v6r16.audit from DISA Microsoft IIS 6.0 Site v6r16 STIG | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| DISA_Microsoft_Windows_Server_2019_STIG_v3r3.audit from DISA Microsoft Windows Server 2019 STIG v3r3 | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | |
| DISA_STIG_Apache_Server-2.2_Unix_v1r11.audit from DISA Apache 2.2 Unix STIG v1r11 | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| DISA_STIG_Cisco_IOS_Switch_L2S_v3r1.audit from DISA Cisco IOS Switch L2S v3r1 STIG | DISA STIG Cisco IOS Switch L2S v3r1 | Cisco | |
| DISA_STIG_Cisco_IOS_Switch_RTR_v3r1.audit from DISA Cisco IOS Switch RTR v3r1 STIG | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | |
| DISA_STIG_IIS_10.0_Web_Server_v2r10.audit from DISA Microsoft IIS 10.0 Server v2r10 STIG | DISA IIS 10.0 Server v2r10 | Windows | |
| DISA_STIG_IIS_10.0_Web_Site_v2r10.audit from DISA Microsoft IIS 10.0 Site v2r10 STIG | DISA IIS 10.0 Site v2r10 | Windows | |
| DISA_STIG_Microsoft_Internet_Explorer_9_v1r15.audit from DISA Microsoft Internet Explorer 9 v1r15 STIG | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | |
| DISA_STIG_Microsoft_Internet_Explorer_11_v2r5.audit from DISA Microsoft Internet Explorer 11 v2r5 STIG | DISA STIG IE 11 v2r5 | Windows | |
| DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIG | DISA STIG Office System 2010 v1r13 | Windows | |
| DISA_STIG_Microsoft_Office_System_2013_v2r2.audit from DISA Microsoft Office System 2013 v2r2 STIG | DISA STIG Microsoft Office System 2013 v2r2 | Windows | |
| DISA_STIG_Ubuntu_20.04_LTS_v2r1.audit from DISA Canonical Ubuntu 20.04 LTS v2r1 STIG | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | |
| DISA_STIG_VMware_vSphere_6.7_RhttpProxy_v1r3.audit from DISA VMware vSphere 6.7 RhttpProxy v1r3 STIG | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_ESXi_Bare_Metal_Host_v1r3.audit from DISA VMware vSphere 7.0 ESXi v1r3 STIG | DISA STIG VMware vSphere 7.0 ESXi OS v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_VAMI_v1r2.audit from DISA VMware vSphere 7.0 VAMI v1r2 STIG | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | |
| DISA_VMware_vSphere_8.0_ESXi_STIG_v2r2.audit from DISA VMware vSphere 8.0 ESXi STIG v2r2 | DISA VMware vSphere 8.0 ESXi STIG v2r2 | Unix | |
| JUNI-ND-000100 - The Juniper router must be configured to automatically audit account modification. | DISA STIG Juniper Router NDM v3r1 | Juniper | ACCESS CONTROL |
| JUNI-ND-000250 - The Juniper router must be configured to generate audit records when successful/unsuccessful attempts to logon with access privileges occur. | DISA STIG Juniper Router NDM v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-000550 - The Juniper router must be configured to enforce a minimum 15-character password length. | DISA STIG Juniper Router NDM v3r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-000600 - The Juniper router must be configured to enforce password complexity by requiring that at least one special character be used. | DISA STIG Juniper Router NDM v3r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-000930 - The Juniper router must be configured to audit the execution of privileged functions. | DISA STIG Juniper Router NDM v3r1 | Juniper | ACCESS CONTROL |
| JUNI-ND-001020 - The Juniper router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA STIG Juniper Router NDM v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001260 - The Juniper router must be configured to generate log records for privileged activities. | DISA STIG Juniper Router NDM v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001300 - The Juniper router must be configured to off-load log records onto a different system than the system being audited. | DISA STIG Juniper Router NDM v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001400 - The Juniper router must be configured to support organizational requirements to conduct backups of the configuration when changes occur. | DISA STIG Juniper Router NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| JUNI-ND-001460 - The Juniper router must be configured with a master password that is used to generate encrypted keys for shared secrets. | DISA STIG Juniper Router NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000010 - The Juniper router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - LDP | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - RIP key | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000030 - The Juniper router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000070 - The Juniper router must be configured to have all non-essential capabilities disabled - finger | DISA STIG Juniper Router RTR v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000070 - The Juniper router must be configured to have all non-essential capabilities disabled - telnet | DISA STIG Juniper Router RTR v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000180 - The Juniper router must be configured to have Internet Control Message Protocol (ICMP) mask reply messages disabled on all external interfaces. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000200 - The Juniper router must be configured to log all packets that have been dropped - syslog | DISA STIG Juniper Router RTR v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-RT-000450 - The Juniper router providing connectivity to the NOC must be configured to forward all in-band management traffic via an IPsec tunnel - Mgmt | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000460 - The Juniper BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM) - Interfaces | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000510 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - policy-statement | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000535 - The Juniper BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - as-path | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000550 - The Juniper BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer - prefix-length-range | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000570 - The Juniper MPLS router must be configured to use its loopback address as the source address for LDP peering sessions. | DISA STIG Juniper Router RTR v3r1 | Juniper | CONTINGENCY PLANNING |
| JUNI-RT-000630 - The Juniper PE router must be configured to have each VRF with the appropriate Route Distinguisher (RD). | DISA STIG Juniper Router RTR v3r1 | Juniper | CONTINGENCY PLANNING |
| JUNI-RT-000690 - The Juniper PE router must be configured to implement Protocol Independent Multicast (PIM) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000750 - The Juniper P router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS GIG Technical Profile - QoS policy in accordance with the QoS DODIN Technical Profile. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000780 - The Juniper multicast router must be configured to disable Protocol Independent Multicast (PIM) on all interfaces that are not required to support multicast routing. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000810 - The Juniper multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries - suppress | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000930 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to limit the amount of source-active messages it accepts on per-peer basis. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
