| 6.11.1 Ensure Auxiliary Port is Set to Disabled | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| DISA_Apple_macOS_15_Sequoia_STIG_v1r3.audit from DISA Apple macOS 15 (Sequoia) STIG v1r3 | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | |
| DISA_Canonical_Ubuntu_24.04_LTS_STIG_v1r1.audit from DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | |
| DISA_CloudLinux_AlmaLinux_OS_9_STIG_v1r1.audit from DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | |
| DISA_IBM_WebSphere_Traditional_9_v1r1.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | |
| DISA_IIS_6.0_Web_Server_v6r16.audit from DISA Microsoft IIS 6.0 Server v6r16 STIG | DISA STIG IIS 6.0 Server v6r16 | Windows | |
| DISA_Microsoft_Windows_Server_2019_STIG_v3r3.audit from DISA Microsoft Windows Server 2019 STIG v3r3 | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | |
| DISA_STIG_Apache_Server-2.2_Unix_v1r11.audit from DISA Apache 2.2 Unix STIG v1r11 | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| DISA_STIG_Apple_macOS_14_Sonoma_v2r2.audit from DISA Apple macOS 14 (Sonoma) v2r2 STIG | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | |
| DISA_STIG_Cisco_IOS_Switch_NDM_v3r2.audit from DISA Cisco IOS Switch NDM v3r2 STIG | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | |
| DISA_STIG_EnterpriseDB_Postgres_Advanced_Server_v2r1_OS_Linux.audit from DISA EnterpriseDB Postgres Advanced Server (EPAS) v2r1 STIG | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | |
| DISA_STIG_Google_Chrome_Windows_v2r9.audit from DISA Google Chrome Current Windows v2r9 STIG | DISA STIG Google Chrome v2r9 | Windows | |
| DISA_STIG_IIS_10.0_Web_Server_v3r2.audit from DISA Microsoft IIS 10.0 Server v3r2 STIG | DISA IIS 10.0 Server v3r2 | Windows | |
| DISA_STIG_MariaDB_Enterprise_10.x_v2r2_OS_Linux.audit from DISA MariaDB Enterprise 10.x v2r2 STIG | DISA MariaDB Enterprise 10.x v2r2 OS Linux | Unix | |
| DISA_STIG_Microsoft_Internet_Explorer_9_v1r15.audit from DISA Microsoft Internet Explorer 9 v1r15 STIG | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | |
| DISA_STIG_Microsoft_Internet_Explorer_11_v2r5.audit from DISA Microsoft Internet Explorer 11 v2r5 STIG | DISA STIG IE 11 v2r5 | Windows | |
| DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIG | DISA STIG Office System 2010 v1r13 | Windows | |
| DISA_STIG_Microsoft_Office_System_2013_v2r2.audit from DISA Microsoft Office System 2013 v2r2 STIG | DISA STIG Microsoft Office System 2013 v2r2 | Windows | |
| DISA_STIG_Microsoft_Windows_Server_2016_v2r9.audit from DISA Microsoft Windows Server 2016 v2r9 STIG | DISA Windows Server 2016 STIG v2r9 | Windows | |
| DISA_STIG_VMware_vSphere_6.7_RhttpProxy_v1r3.audit from DISA VMware vSphere 6.7 RhttpProxy v1r3 STIG | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_ESXi_Bare_Metal_Host_v1r3.audit from DISA VMware vSphere 7.0 ESXi v1r3 STIG | DISA STIG VMware vSphere 7.0 ESXi OS v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_VAMI_v1r2.audit from DISA VMware vSphere 7.0 VAMI v1r2 STIG | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | |
| JUNI-RT-000030 - The Juniper router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000070 - The Juniper router must be configured to have all non-essential capabilities disabled - finger | DISA STIG Juniper Router RTR v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000070 - The Juniper router must be configured to have all non-essential capabilities disabled - telnet | DISA STIG Juniper Router RTR v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000180 - The Juniper router must be configured to have Internet Control Message Protocol (ICMP) mask reply messages disabled on all external interfaces. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000200 - The Juniper router must be configured to log all packets that have been dropped - syslog | DISA STIG Juniper Router RTR v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-RT-000240 - The Juniper perimeter router must be configured to deny network traffic by default and allow network traffic by exception. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000310 - The Juniper perimeter router must be configured to restrict it from accepting outbound IP packets that contain an illegitimate address in the source address field via egress filter or by enabling Unicast Reverse Path Forwarding (uRPF). | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000330 - The Juniper perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000360 - The Juniper perimeter router must be configured to have Link Layer Discovery Protocol (LLDP) disabled on all external interfaces - LLDP disabled on all external interfaces. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000381 - The Juniper perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA STIG Juniper Router RTR v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000383 - The Juniper perimeter router must be configured to drop IPv6 packets containing a Hop-by-Hop header with invalid option type values. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000400 - The Juniper out-of-band management (OOBM) gateway router must be configured to forward only authorized management traffic to the Network Operations Center (NOC). | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000420 - The Juniper out-of-band management (OOBM) gateway router must be configured to not redistribute routes between the management network routing domain and the managed network routing domain. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000450 - The Juniper router providing connectivity to the NOC must be configured to forward all in-band management traffic via an IPsec tunnel - IPsec | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000460 - The Juniper BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM) - GTSM_FILTER | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000480 - The Juniper BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - prefix-statement | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000490 - The Juniper BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000510 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - bgp export | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000520 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000530 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000580 - The Juniper MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange - OSPF | DISA STIG Juniper Router RTR v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000740 - The Juniper PE router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS GIG Technical Profile - class-of-service | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000770 - The Juniper PE router must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks - DoS attacks. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000790 - The Juniper multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled - policy-options prefix | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000790 - The Juniper multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled - policy-options statement | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000830 - The Juniper multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Join messages received from the Designated Juniper router (DR) for any undesirable multicast groups - policy-options | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000850 - The Juniper multicast Designated Router (DR) must be configured to filter the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Report messages to allow hosts to join only multicast groups that have been approved by the organization - policy-options | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000860 - The Juniper multicast Designated Router (DR) must be configured to filter the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Report messages to allow hosts to join a multicast group only from sources that have been approved by the organization - protocols igmp | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
