| 2.4.3 (L2) Ensure Microsoft Defender for Cloud Apps is enabled and configured | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| Administrative actions are logged | TNS Citrix Hypervisor | Unix | AUDIT AND ACCOUNTABILITY |
| Enable only necessary and secure services, protocols, daemons - 'snapwatchd' | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Enable only necessary and secure services, protocols, daemons - 'sshd' | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Enable port locking by default on the VM guest network | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable remote syslog | TNS Citrix Hypervisor | Unix | AUDIT AND ACCOUNTABILITY |
| HP ProCurve - 'Disable IP Stack Management' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'RADIUS or TACACS Authentication is configured' | TNS HP ProCurve | HPProCurve | |
| Install a trusted CA certificate on the pool | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Install a trusted certificate in place of the default self-signed SSL certificate | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Passwords stored in 'secrets' are not visible | TNS Citrix Hypervisor | Unix | IDENTIFICATION AND AUTHENTICATION |
| Restrict allowed IPv4 addresses used by each VM guest | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Ensure default 'admin' username is not used | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Anti-Spyware - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - AutoDownload Firmware - Enabled | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Client AV Enforcement On - DMZ | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Client AV Enforcement On - LAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Client AV Enforcement On - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Flood Protection - Layer 3 - Attack Threshold | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - TCP - Handshake enforcement | TNS SonicWALL v5.9 | SonicWALL | |
| SonicWALL - Flood Protection - TCP - Timeout <= 5 minutes | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - IDP ON - DMZ | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - IDP ON - WAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Logging Level - Information | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
| SonicWALL - Password Policy - Complexity Level | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - PW Policy - Lockout Duration - >= 5 minutes | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Review the NTP server configuration | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
| SonicWALL - Security Services - Gateway AV - FTP Inbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - HTTP Inbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - HTTP Outbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - POP3 | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - Signature Timestamp | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
| SonicWALL - Security Services - Gateway AV - SMTP Outbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - TCP Stream Outbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - IDP - Signature Timestamp | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
| SonicWALL - SSL Control - Block the conn. and log the event | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
| SonicWALL - SSL Control - Detect Expired Certificates | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - SSL Control - Enable Whitelist | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| Use a static IP on the storage network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| XenServer - All network interfaces are operating in full-duplex mode | TNS Citrix XenServer | Unix | |
| XenServer - Auto-start is not enabled | TNS Citrix XenServer | Unix | |
| XenServer - Enable only necessary and secure services, protocols, daemons - 'lwsmd' | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Enable QoS on all VM guests | TNS Citrix XenServer | Unix | |
| XenServer - External authentication is disabled | TNS Citrix XenServer | Unix | |
| XenServer - Host is enabled | TNS Citrix XenServer | Unix | |
| XenServer - Passwords stored in 'secrets' are not visible | TNS Citrix XenServer | Unix | |
| XenServer - Restrict allowed IPv4 addresses used by each VM guest | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Restrict allowed IPv6 addresses used by each VM guest | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Snapshots are not present | TNS Citrix XenServer | Unix | |
| XenServer - Use a static IP on the management network interface | TNS Citrix XenServer | Unix | |
