Detections
Analytics

DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1

Updated: 3/19/2024

Authority: DISA STIG

Plugin: F5

Revision: 1.14

Estimated Item Count: 8

File Details

Filename: DISA_F5_BIG-IP_AFM_11_V1R1.audit

Size: 19.8 kB

MD5: 0a5c4dbaba66025506b2c687800c3848
SHA256: f181d86b1a3f16206c5c0f082b04d4a11a1d99c85a60f283697738a0586c3948

Audit Items

DescriptionCategories
DISA_F5_BIG-IP_AFM_11_v1r1.audit from DISA F5 BIG-IP Advanced Firewall Manager 11.x v1r1 STIG
F5BI-AF-000005 - The BIG-IP AFM module must be configured to enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.

ACCESS CONTROL

F5BI-AF-000007 - The BIG-IP AFM module must be configured to restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.

ACCESS CONTROL

F5BI-AF-000039 - The BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred.

AUDIT AND ACCOUNTABILITY

F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Active FW Rules

ACCESS CONTROL

F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Security Policies

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Virtual Servers

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AF-000229 - The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.