3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption. | DISA Windows Server 2008 R2 DC STIG v1r34 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption. | DISA Windows 7 STIG v1r32 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption. | DISA Windows Server 2008 R2 MS STIG v1r33 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
AMLS-L3-000250 - The Arista Multilayer Switch must encrypt all methods of configured authentication for the OSPF routing protocol - ipv6 OSPF checks | DISA STIG Arista MLS DCS-7000 Series RTR v1r3 | Arista | |
AMLS-L3-000320 - Arista MLS must not enable the RIP routing protocol. | DISA STIG Arista MLS DCS-7000 Series RTR V1R2 | Arista | CONFIGURATION MANAGEMENT |
AMLS-NM-200825 - Arista MLS must use FIPS-compliant mechanisms for authentication to a cryptographic module - entropy source | DISA STIG Arista MLS DCS-7000 Series NDM V1R2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
AMLS-NM-200825 - Arista MLS must use FIPS-compliant mechanisms for authentication to a cryptographic module - SSH FIPS | DISA STIG Arista MLS DCS-7000 Series NDM V1R2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
ARST-ND-000470 - The Arista network device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | IDENTIFICATION AND AUTHENTICATION |
CASA-VN-000230 - The Cisco ASA must be configured to use FIPS-validated SHA-2 at 384 bits or higher for Internet Key Exchange (IKE) Phase 1 - IKE Phase 1. | DISA STIG Cisco ASA VPN v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
CISC-L2-000030 - The Cisco switch must authenticate all VLAN Trunk Protocol (VTP) messages with a hash function using the most secured cryptographic algorithm available. | DISA STIG Cisco NX-OS Switch L2S v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000040 - The Cisco router must be configured to use encryption for routing protocol authentication - OSPF | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - bgp | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - is-is | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - ospf | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000050 - The Cisco switch must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000050 - The Cisco switch must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA STIG Cisco IOS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - ALGORITHM | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - DB2COMM | DISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - DB2COMM | DISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - SSL_CIPHERSPECS | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - SSL_SVC_LABEL | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. - DB2COMM | DISA STIG IBM DB2 v10.5 LUW v1r3 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
FGFW-ND-000255 - The FortiGate device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
JUEX-L2-000030 - The Juniper layer 2 switch must be configured to disable all dynamic VLAN registration protocols. | DISA Juniper EX Series Layer 2 Switch v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
JUEX-NM-000340 - The Juniper EX switch must be configured to use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA Juniper EX Series Network Device Management v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
JUEX-RT-000300 - The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA Juniper EX Series Router v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
JUNI-RT-000040 - The Juniper router must be configured to use encryption for routing protocol authentication - IS-IS | DISA STIG Juniper Router RTR v1r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
MYS8-00-006200 - The MySQL Database Server 8.0 must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA Oracle MySQL 8.0 v2r1 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
OL08-00-010159 - The OL 8 'pam_unix.so' module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
OL08-00-010160 - The OL 8 'pam_unix.so' module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
OL08-00-010161 - OL 8 must prevent system daemons from using Kerberos for authentication. | DISA Oracle Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
OL08-00-010163 - The krb5-server package must not be installed on OL 8. | DISA Oracle Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
PHTN-40-000059 The Photon operating system must use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
PPS9-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - openssl | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - RHEL | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | CONFIGURATION MANAGEMENT |
PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL. | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
SLES-15-010260 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs). | DISA SLES 15 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
SP13-00-000085 - SharePoint must implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. | DISA STIG SharePoint 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
SP13-00-000145 - SharePoint must use mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG SharePoint 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
SPLK-CL-000430 - Splunk Enterprise must use TLS 1.2 and SHA-2 or higher cryptographic algorithms. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
SYMP-NM-000280 - Symantec ProxySG must be configured to use only FIPS 140-2 approved algorithms for authentication to a cryptographic module with any application or protocol. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
UBTU-22-611070 - Ubuntu 22.04 LTS must encrypt all stored passwords with a FIPS 140-3-approved cryptographic hashing algorithm. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
VCLD-70-000056 - VAMI must enable FIPS mode. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
WN11-CC-000052 - Windows 11 must be configured to prioritize ECC Curves with longer key lengths first. | DISA Windows 11 STIG v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN11-SO-000190 - Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites. | DISA Windows 11 STIG v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN22-SO-000290 - Windows Server 2022 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites. | DISA Windows Server 2022 STIG v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |