| AIOS-02-080017 - Apple iOS must implement the management setting: Encrypt iTunes backups. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-02-090103 - Apple iOS device must have the latest available iOS operating system installed. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-999999 - All Apple iOS/iPadOS 13 installations must be removed. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-999999 - All Apple iOS/iPadOS 14 installations must be removed. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-999999 - All Apple iOS/iPadOS 15 installations must be removed. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-010400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-006950 - Apple iOS/iPadOS 17 must be configured to enforce a passcode reuse prohibition of at least two generations. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-006950 - Apple iOS/iPadOS 17 must be configured to enforce a passcode reuse prohibition of at least two generations. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-710400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-100001 - The macOS system must be a supported release. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-002070 - The macOS system must use an approved antivirus program. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-999999 - The macOS system must be a supported release. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002070 - The macOS system must use an approved antivirus program. | DISA STIG Apple macOS 13 v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ARST-ND-000470 - The Arista network device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | IDENTIFICATION AND AUTHENTICATION |
| ARST-ND-000490 - The Arista network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000160 - The Arista perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000340 - The Arista router must be configured to restrict traffic destined to itself. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000730 - The PE router must be configured to have each Virtual Routing and Forwarding (VRF) instance bound to the appropriate physical or logical interfaces to maintain traffic separation between all MPLS L3VPNs. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONTINGENCY PLANNING |
| ESXI-65-000999 - The version of ESXi running on the system must be a supported version. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000015 - The ESXi host SSH daemon must not allow authentication using an empty password. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000072 - The ESXi host must have all security patches and updates installed. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000074 - The ESXi host must exclusively enable TLS 1.2 for all endpoints. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000221 The ESXi host must have all security patches and updates installed. | DISA VMware vSphere 8.0 ESXi STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GOOG-11-010800 - Google Android 11 devices must have the latest available Google Android 11 operating system installed. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010800 - Android 12 devices must have the latest available Google Android 12 operating system installed. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010800 - Android 12 devices must have the latest available Google Android 12 operating system installed. | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-999999 - All Google Android 12 installations must be removed. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-010800 - Android 13 devices must have the latest available Google Android 13 operating system installed. | MobileIron - DISA Google Android 13 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| JRE8-UX-000180 - The version of Oracle JRE 8 running on the system must be the most current available. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD3X-00-001200 - MongoDB products must be a version supported by the vendor. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | SYSTEM AND SERVICES ACQUISITION |
| MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010900 - Motorola Android Pie devices must have a NIAP-validated Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010900 - Motorola Android Pie devices must have a NIAP-validated Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTS-11-010800 - Motorola Solutions Android 11 devices must have the latest available Motorola Solutions Android 11 operating system installed. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| SYMP-AG-000060 - Symantec ProxySG must implement security policies that enforce approved authorizations for logical access to information and system resources by employing identity-based, role-based, and/or attribute-based security policies. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000070 - Symantec ProxySG must restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic - SSL | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000340 - Symantec ProxySG providing user authentication intermediary services must restrict user authentication traffic to specific authentication servers - Domain exists | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000030 - Symantec ProxySG must configure Web Management Console access restrictions to authorized IP address/ranges. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
| UBTU-18-999999 - The Ubuntu operating system must be a vendor supported release. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010009 - Ubuntu operating systems when booted must require authentication upon booting into single-user and maintenance modes. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL |
| UBTU-20-010047 - The Ubuntu operating system must not allow unattended or automatic login via SSH. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-67-000999 - The version of EAM running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-67-000034 - VAMI must implement TLS1.2 exclusively - tlsv11 | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-CM-999999 - The Windows 2012 DNS Server must be a vendor supported release. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-010800 - Zebra Android 10 devices must have the latest available Zebra Android 10 operating system installed. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-999999 - All Zebra Android 10 installations must be removed. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
