Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Enable 'aaa new-model'CIS Cisco IOS XE 16.x v2.2.0 L1Cisco

ACCESS CONTROL

1.1.1 Ensure 'Logon Password' is setCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.2 Enable 'aaa authentication login'CIS Cisco IOS XE 16.x v2.2.0 L1Cisco

ACCESS CONTROL

1.1.2 Enable 'aaa authentication login'CIS Cisco IOS XE 17.x v2.2.1 L1Cisco

ACCESS CONTROL

1.2.5 Set 'access-class' for 'line vty'CIS Cisco IOS XE 16.x v2.2.0 L1Cisco

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

1.6.1 Configure at least 2 external NTP ServersCIS Cisco NX-OS v1.2.0 L1Cisco

AUDIT AND ACCOUNTABILITY

2.1.1.1.1 Set the 'hostname'CIS Cisco IOS 15 L1 v4.1.1Cisco

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.1.2 Set 'ntp authentication-key'CIS Cisco IOS 15 L2 v4.1.1Cisco

AUDIT AND ACCOUNTABILITY

3.1.2.1 Configure BGP to Log Neighbor ChangesCIS Cisco NX-OS v1.2.0 L1Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.3.3 ndpd-routerCIS IBM AIX 7.1 L2 v2.1.0Unix

CONFIGURATION MANAGEMENT

3.3.1.5 Set 'af-interface default'CIS Cisco IOS 15 L2 v4.1.1Cisco

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.6 Set 'authentication key-chain'CIS Cisco IOS 15 L2 v4.1.1Cisco

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2 Configure CDPCIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.3 Ensure EBGP peers are set to use GTSMCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

4.2.2 Ensure IS-IS neighbor authentication is set to SHA1CIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

5.6 Enable 'PROFILE' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

5.017 - The user is allowed to launch Windows Messenger (MSN Messenger, .NET Messenger).DISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

5.018 - Windows Messenger (MSN Messenger, .NET messenger) is run at system startup.DISA Windows Vista STIG v6r41Windows

CONFIGURATION MANAGEMENT

AIX7-00-003063 - The ndpd-router must be disabled on AIX.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

ARST-RT-000100 - The Arista BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

ACCESS CONTROL

ARST-RT-000100 - The Arista BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

ARST-RT-000130 - The Arista multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

ACCESS CONTROL

ARST-RT-000130 - The Arista multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

ARST-RT-000170 - The Arista perimeter router must be configured to not be a Border Gateway Protocol (BGP) peer to an alternate gateway service provider.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

ACCESS CONTROL

ARST-RT-000170 - The Arista perimeter router must be configured to not be a Border Gateway Protocol (BGP) peer to an alternate gateway service provider.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

ARST-RT-000590 - The Arista multicast Designated Router (DR) must be configured to increase the shortest-path tree (SPT) threshold or set it to infinity to minimalize source-group (S, G) state within the multicast topology where Any Source Multicast (ASM) is deployed.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-RT-000690 - The Arista BGP router must be configured to use its loopback address as the source address for iBGP peering sessions.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

CONTINGENCY PLANNING

ARST-RT-000690 - The Arista BGP router must be configured to use its loopback address as the source address for iBGP peering sessions.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

CONTINGENCY PLANNING

ARST-RT-000710 - The MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange.DISA Arista MLS EOS 4.X Router STIG v2r2Arista

CONFIGURATION MANAGEMENT

ARST-RT-000740 - The PE router must be configured to have each Virtual Routing and Forwarding (VRF) instance with the appropriate Route Target (RT).DISA Arista MLS EOS 4.X Router STIG v2r2Arista

CONTINGENCY PLANNING

ARST-RT-000750 - The PE router must be configured to have each VRF with the appropriate Route Distinguisher (RD).DISA Arista MLS EOS 4.X Router STIG v2r2Arista

CONTINGENCY PLANNING

CISC-RT-000540 - The Cisco BGP switch must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA Cisco NX OS Switch RTR STIG v3r4Cisco

ACCESS CONTROL

ESXI-06-000065 - All port groups must not be configured to VLAN values reserved by upstream physical switches.DISA VMware vSphere ESXi 6.0 STIG v1r5VMware

CONFIGURATION MANAGEMENT

ESXI-70-000065 - All port groups on standard switches must not be configured to virtual local area network (VLAN) values reserved by upstream physical switches.DISA VMware vSphere 7.0 ESXi STIG v1r4 VMwareVMware

CONFIGURATION MANAGEMENT

Include Login in Session RecordsTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

JUEX-L2-000160 - The Juniper EX switch must be configured to enable IGMP or MLD Snooping on all VLANs.DISA Juniper EX Series Layer 2 Switch v2r4Juniper

CONFIGURATION MANAGEMENT

OS10-RTR-000040 - The Dell OS10 BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer.DISA Dell OS10 Switch Router STIG v1r1Dell_OS10

ACCESS CONTROL

OS10-RTR-000100 - The Dell OS10 BGP router must be configured to reject route advertisements from CE routers with an originating autonomous system (AS) in the AS_PATH attribute that does not belong to that customer.DISA Dell OS10 Switch Router STIG v1r1Dell_OS10

ACCESS CONTROL

OS10-RTR-000430 - The Dell OS10 BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core.DISA Dell OS10 Switch Router STIG v1r1Dell_OS10

SYSTEM AND COMMUNICATIONS PROTECTION

OS10-RTR-000910 - The Dell OS10 BGP router must be configured to use its loopback address as the source address for iBGP peering sessions.DISA Dell OS10 Switch Router STIG v1r1Dell_OS10

CONFIGURATION MANAGEMENT

PHTN-40-000067 - The Photon operating system must restrict access to the kernel message buffer.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-40-000068 - The Photon operating system must be configured to use TCP syncookies.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-40-000105 - The Photon operating system must enable symlink access control protection in the kernel.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

ACCESS CONTROL

PHTN-40-000223 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-40-000224 - The Photon operating system must not respond to IPv4 Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-40-000225 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-40-000226 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-40-000227 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-40-000228 - The Photon operating system must log IPv4 packets with impossible addresses.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-40-000229 - The Photon operating system must use a reverse-path filter for IPv4 network traffic.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT