| 2.1.1.1.2 Set the 'ip domain-name' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.1.1 Set 'ntp authenticate' | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| CIS_Cisco_IOS_15_v4.1.1_Level_1.audit from CIS Cisco IOS 15 Benchmark | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | |
| CISC-RT-000235 - The Cisco switch must be configured to have Cisco Express Forwarding enabled. | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000235 - The Cisco switch must be configured to have Cisco Express Forwarding enabled. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| Configure Allowed Authentication Types | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000005 - The FortiGate device must automatically audit account creation | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000010 - The FortiGate device must automatically audit account modification | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000020 - The FortiGate device must automatically audit account removal actions | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000035 - The FortiGate device must allow full access to only those individuals or roles designated by the ISSM. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000040 - The FortiGate device must audit the execution of privileged functions | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000045 - The FortiGate device must enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000050 - The FortiGate device must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000060 - The FortiGate device must log all user activity. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000065 - The FortiGate device must generate audit records when successful/unsuccessful attempts to modify administrator privileges occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000070 - The FortiGate device must generate audit records when successful/unsuccessful attempts to delete administrator privileges occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000075 - The FortiGate device must generate audit records when successful/unsuccessful logon attempts occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000080 - The FortiGate device must generate audit records for privileged activities or other system-level access | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000090 - The FortiGate device must generate audit records when concurrent logons from different workstations occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000095 - The FortiGate device must generate audit records containing information that establishes the identity of any individual or process associated with the event. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000100 - The FortiGate device must generate audit records containing the full-text recording of privileged commands. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000105 - The FortiGate device must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000110 - The FortiGate device must off-load audit records on to a different system or media than the system being audited. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000115 - The FortiGate device must generate an immediate real-time alert of all audit failure events requiring real-time alerts. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000120 - The FortiGate device must synchronize internal information system clocks using redundant authoritative time sources | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| FGFW-ND-000135 - The FortiGate device must protect audit tools from unauthorized access. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000145 - The FortiGate device must prohibit installation of software without explicit privileged status. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000150 - The FortiGate device must enforce access restrictions associated with changes to device configuration. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000155 - The FortiGate device must limit privileges to change the software resident within software libraries. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000160 - The FortiGate device must enforce access restrictions associated with changes to the system components. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000165 - The FortiGate device must use LDAP for authentication. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000170 - The FortiGate device must be running an operating system release that is currently supported by the vendor. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000175 - The FortiGate device must generate log records for a locally developed list of auditable events | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| FGFW-ND-000180 - The FortiGate device must conduct backups of system-level information contained in the information system when changes occur. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| FGFW-ND-000185 - The FortiGate device must support organizational requirements to conduct backups of information system documentation, including security-related documentation, when changes occur or weekly, whichever is sooner. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| FGFW-ND-000200 - The FortiGate device must prohibit the use of all unnecessary and/or non-secure functions, ports, protocols, and/or services. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000205 - The FortiGate device must implement replay-resistant authentication mechanisms for network access to privileged accounts | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000220 - The FortiGate device must enforce a minimum 15-character password length. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000225 - The FortiGate device must enforce password complexity by requiring that at least one uppercase character be used. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000235 - The FortiGate device must enforce password complexity by requiring at least one numeric character be used. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000245 - The FortiGate device must use LDAPS for the LDAP connection. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000255 - The FortiGate device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000265 - The FortiGate device must implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | MAINTENANCE |
| FGFW-ND-000270 - The FortiGate device must terminate idle sessions after 10 minutes of inactivity. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | MAINTENANCE |
| FGFW-ND-000275 - The FortiGate device must terminate idle sessions after 10 minutes of inactivity. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000285 - The FortiGate device must only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000295 - The FortiGate device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| FGFW-ND-000305 - The FortiGate device must only install patches or updates that are validated by the vendor via digital signature or hash. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000311 - The FortiGate device must require that when a password is changed, the characters are changed in at least eight of the positions within the password. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
