| 3.1.2 Set 'no ip proxy-arp' | CIS Cisco IOS XE 16.x v2.2.0 L2 | Cisco | CONFIGURATION MANAGEMENT |
| 4.1.3 Ensure EBGP peers are set to use GTSM | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure RPKI is set for Origin Validation of EBGP peers | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.10.31.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 6.4.1 Ensure Authentication is configured for Diagnostic Ports | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.7.3 Ensure NTP Boot-Server is set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | AUDIT AND ACCOUNTABILITY |
| 6.7.4 Ensure NTP uses version 4 | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | AUDIT AND ACCOUNTABILITY |
| 6.8.5 Ensure Source-Address is set for External AAA Servers | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.1.2 Ensure SSH is Restricted to Version 2 | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002057 - AIX audit logs must be rotated daily. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| ARST-RT-000090 - The Arista MSDP router must be configured to limit the amount of source-active messages it accepts on per-peer basis. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000090 - The Arista MSDP router must be configured to limit the amount of source-active messages it accepts on per-peer basis. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000280 - The Arista router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| ARST-RT-000280 - The Arista router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| ARST-RT-000650 - The Arista perimeter router must be configured to block all outbound management traffic. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000650 - The Arista perimeter router must be configured to block all outbound management traffic. | DISA Arista MLS EOS 4.X Router STIG v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000770 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to use its loopback address as the source address when originating MSDP traffic. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONTINGENCY PLANNING |
| CISC-RT-000390 - The Cisco perimeter router must be configured to block all outbound management traffic. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000390 - The Cisco perimeter router must be configured to block all outbound management traffic. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000390 - The Cisco perimeter router must be configured to block all outbound management traffic. | DISA Cisco IOS XR Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000392 - The Cisco perimeter router must be configured to drop IPv6 undetermined transport packets. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000392 - The Cisco perimeter router must be configured to drop IPv6 undetermined transport packets. | DISA Cisco IOS XR Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000392 - The Cisco perimeter router must be configured to drop IPv6 undetermined transport packets. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Connection Manager is running on approved ports' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Oracle listeners are running on approved ports' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - PORT = 1521, 1575, 1830, 2481, 2482, 2483 or 2484' - cman.ora | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - PORT = 1521, 1575, 1830, 2481, 2482, 2483 or 2484' - listener.ora | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DISA STIG VMware vSphere ESXi 6 Security Technical Implementation Guide Version 1 Release 5 | DISA VMware vSphere ESXi 6.0 STIG v1r5 Unix | Unix | |
| DISA_STIG_JRE_8_Windows_v2r1.audit for DISA Oracle Java Runtime Environment (JRE) Version 8 for Windows v2r1 STIG | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | |
| DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Managed Client Security Technical implementation Guide v6r1 STIG | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | |
| DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Local_Client_v1r6.audit from DISA McAfee VSEL 1.9/2.0 Local Client v1r6 STIG | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | |
| DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Managed_Client_v1r5.audit from DISA McAfee VSEL 1.9/2.0 Managed Client v1r5 STIG | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | |
| DISA_STIG_Microsoft_Project_2016_v1r1.audit for Microsoft Project 2016, from DISA STIG Microsoft Project 2016 v1r1 | DISA STIG Microsoft Project 2016 v1r1 | Windows | |
| DISA_STIG_Server_2012_and_2012_R2_DC_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Domain Controller v3r7 STIG | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | |
| DISA_STIG_Server_2012_and_2012_R2_MS_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Member Server v3r7 STIG | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_OS_v3r2.audit from DISA Splunk Enterprise 7.x for Windows v3r2 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r2 OS | Windows | |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_REST_API_v3r2.audit from DISA Splunk Enterprise 7.x for Windows v3r2 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r2 REST API | Splunk | |
| DISA_STIG_Splunk_Enterprise_8.x_for_Linux_OS_v2r3.audit from DISA Splunk Enterprise 8.x for Linux v2r3 STIG | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | |
| DISA_STIG_Splunk_Enterprise_8.x_for_Linux_REST_API_v2r3.audit from DISA Splunk Enterprise 8.x for Linux v2r3 STIG | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API | Splunk | |
| DISA_STIG_VMware_vSphere_7.0_Photon_OS_v1r4.audit from DISA VMware vSphere 7.0 vCenter Appliance Photon OS v1r4 STIG | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | |
| DISA_STIG_VMware_vSphere_8.0_vCenter_Appliance_Photon_OS_4.0_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Management_Interface_(VAMI)_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | |
| JUSX-AG-000083 - The Juniper SRX Services Gateway Firewall must disable or remove unnecessary network services and functions that are not used as part of its role in the architecture. | DISA Juniper SRX Services Gateway ALG v3r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-AG-000087 - The Juniper SRX Services Gateway Firewall must be configured to prohibit or restrict the use of unauthorized functions, ports, protocols, and/or services, as defined in the PPSM CAL, vulnerability assessments. | DISA Juniper SRX Services Gateway ALG v3r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-AG-000120 - The Juniper SRX Services Gateway Firewall providing content filtering must protect against known and unknown types of denial-of-service (DoS) attacks by implementing statistics-based screens - DoS attacks by implementing statistics-based screens. | DISA Juniper SRX Services Gateway ALG v3r3 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-AG-000122 - The Juniper SRX Services Gateway Firewall must protect against known types of denial-of-service (DoS) attacks by implementing signature-based screens - DoS attacks by implementing signature-based screens. | DISA Juniper SRX Services Gateway ALG v3r3 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-DM-000162 - The Juniper SRX Services Gateway must configure the control plane to protect against or limit the effects of common types of Denial of Service (DoS) attacks on the device itself by configuring applicable system options and internet-options. | DISA Juniper SRX Services Gateway NDM v3r3 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000010 - The Juniper Networks SRX Series Gateway IDPS must install updates for predefined signature objects, applications signatures, IDPS policy templates, and device software when new releases are available in accordance with organizational configuration management policy and procedures. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-VN-000015 - The Juniper SRX Services Gateway must disable or remove unnecessary network services and functions that are not used as part of its role in the architecture. | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-VN-000017 - The Juniper SRX Services Gateway VPN must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | CONFIGURATION MANAGEMENT |
