| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUG | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 6 - Encryption | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - SSL implementation - start.ini --module=deploy | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Management IP - .htacess exists | TNS Best Practice Jetty 9 Linux | Unix | |
| 8 - Management IP - review $jetty_home/contexts xml file | TNS Best Practice Jetty 9 Linux | Unix | |
| 13 - Restrict access to temp directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 14 - Restrict access to binaries directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 15 - Restrict access to web application directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 17 - Restrict access to JETTY.properties - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/balancer | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/webdav | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 29 - Ensure secure is set to true only for SSL-enabled Connectors | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 31 - Starting with Security Manager | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 32 - Disabling auto deployment of applications | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 33 - Disable deploy on startup of applications | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 40 - Do not allow symbolic linking | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 42 - Do not allow cross context requests | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 43 - Do not resolve hosts on logging valves - SERVER_XML | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 44 - Use Lockout Realms | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| Buffer overflow protection should be configured 'LimitRequestFields' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Extreme : Review all accounts | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| Extreme : SNMP community name != public | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Close port TCP 113 on external interface | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - Enable logs of failed connection attempts | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Ensure default admin usernames are not used | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - External Logging - 'syslog3' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Inactivity timeout - 'global' <= 5 | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - IPS database - extended | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| Fortigate - Password Complexity - 1 lowercase letter | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Password Complexity - 4 char difference | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Require that passwords expire | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - reset-sessionless-tcp disabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - SNMP community string - 'private' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - VPN SSL cipher suite > than 128 bits | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| WatchGuard : Authentication Settings - 'Authentication User Timeout' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : DoS Prevention - Drop IKE Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop IP Source Route | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop UDP Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : Gateway AntiVirus - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : ICMP Error Handling - 'host-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'port-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'time-exceeded' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : IPS - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : IPS Logging Threat Level Medium - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : IPS Threat Level Action High - DROP or BLOCK | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : Logging - Syslog Timestamps | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : Single Sign-On - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
| WatchGuard : SNMP Configuration - v3 user has password - priv protocol | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : WINS Servers | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | CONFIGURATION MANAGEMENT |
