| ARST-ND-000110 - The Arista network device must enforce approved authorizations for controlling the flow of management information within the network device based on information flow control policies. | DISA STIG Arista MLS EOS 4.2x NDM v1r1 | Arista | ACCESS CONTROL |
| ARST-RT-000010 - The Arista router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies. | DISA STIG Arista MLS EOS 4.2x Router v1r1 | Arista | ACCESS CONTROL |
| ARST-RT-000020 - The Arista BGP router must be configured to reject inbound route advertisements for any Bogon prefixes. | DISA STIG Arista MLS EOS 4.2x Router v1r1 | Arista | ACCESS CONTROL |
| ARST-RT-000070 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.2x Router v1r1 | Arista | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - show ip prefix-list | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 0.0.0.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 10.0.0.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 100.64.0.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 169.254.0.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 172.16.0.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 192.0.2.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 198.18.0.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 198.51.100.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - 224.0.0.0 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - permit 0.0.0.0/0 ge 8 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes. - router bgp prefix list | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS) - show ip prefix-list | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000500 - The Cisco BGP switch must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). - prefix list | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000500 - The Cisco BGP switch must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). - router bgp prefix list | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer - show ip prefix-list | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - ip prefix-list | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - neighbor | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 10.0.0.0/8 le 32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 127.0.0.0/8 le 32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 224.0.1.2/32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 224.0.1.3/32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 224.0.1.35/32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 224.0.1.40/32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 224.0.1.60/32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. - deny 232.0.0.0/8 le 32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000930 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. - deny 10.0.0.0/8 le 32 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000930 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. - permit 0.0.0.0/0 ge 8 | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | ACCESS CONTROL |
| EX13-EG-000015 - Exchange must have accepted domains configured. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r4 | Windows | CONFIGURATION MANAGEMENT |
| EX13-EG-000015 - Exchange must have accepted domains configured. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5 | Windows | ACCESS CONTROL |
| EX13-EG-000025 - Exchange external Receive connectors must be domain secure-enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5 | Windows | ACCESS CONTROL |
| EX13-MB-000015 - Exchange auto-forwarding email to remote domains must be disabled or restricted. | DISA Microsoft Exchange 2013 Mailbox Server STIG v1r6 | Windows | CONFIGURATION MANAGEMENT |
| F5BI-AF-000005 - The BIG-IP AFM module must be configured to enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic. | DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1 | F5 | ACCESS CONTROL |
| JUEX-RT-000030 - The Juniper BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA Juniper EX Series Router v1r3 | Juniper | ACCESS CONTROL |
| JUEX-RT-000040 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer. | DISA Juniper EX Series Router v1r3 | Juniper | ACCESS CONTROL |
| JUNI-ND-000140 - The Juniper router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies - loopback | DISA STIG Juniper Router NDM v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000480 - The Juniper BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - prefix-statement | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000500 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) Juniper router for prefixes that are not allocated to that customer - CE Juniper router. | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000510 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - bgp export | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000510 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - policy-statement | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000910 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources - policy-options | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000910 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources - protocols msdp | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000920 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups - policy-options | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000920 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups - protocols msdp | DISA STIG Juniper Router RTR v1r4 | Juniper | ACCESS CONTROL |
| SYMP-AG-000080 - Symantec ProxySG must enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-NM-000040 - Symantec ProxySG must be configured to enforce assigned privilege levels for approved administrators when accessing the management console, SSH, and the command line interface (CLI). | DISA Symantec ProxySG Benchmark NDM v1r1 | BlueCoat | CONFIGURATION MANAGEMENT |
