| 4.028 - The amount of idle time required before suspending a session must be properly set. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.19 Ensure SSH Idle Timeout Interval is configured - ClientAliveCountMax | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.19 Ensure SSH Idle Timeout Interval is configured - ClientAliveInterval | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5.4 Ensure default user shell timeout is configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.046 - Terminal Services is not configured to set a time limit for disconnected sessions. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.047 - Terminal Services idle session time limit does not meet the requirement. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less. | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less. | DISA STIG Apple macOS 12 v1r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000130 The macOS system must configure SSHD unused connection timeout to 900. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000140 The macOS system must set SSH Active Server Alive Maximum to 0. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000051 - The macOS system must configure SSHD ClientAliveInterval to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000052 - The macOS system must configure SSHD ClientAliveCountMax to 1. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000053 - The macOS system must set login grace time to 30. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000110 - The macOS system must configure the SSH ServerAliveInterval to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000120 - The macOS system must configure SSHD channel timeout to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000140 - The macOS system must set SSH Active Server Alive Maximum to 0. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-ND-000690 - The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements. | DISA STIG Cisco ASA NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001300 - Kubernetes Kubelet must not disable timeouts. | DISA STIG Kubernetes v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-R2-000890 - Rancher RKE2 must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after five minutes of inactivity. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000041 - The system must set a timeout to automatically disable idle sessions after a predetermined period. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000042 - The system must terminate shell services after a predetermined period. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000043 - The system must logout of the console UI after a predetermined period. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-67-000043 - The ESXi host must log out of the console UI after two minutes. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000041 - The ESXi host must set a timeout to automatically disable idle shell sessions after two minutes. | DISA STIG VMware vSphere 7.0 ESXi v1r3 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000042 - The ESXi host must terminate shell services after 10 minutes. | DISA STIG VMware vSphere 7.0 ESXi v1r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-80-000195 - The ESXi host must automatically stop shell services after 10 minutes. | DISA VMware vSphere 8.0 ESXi STIG v2r2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-ND-000710 - The Juniper router must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Juniper Router NDM v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-DM-000156 - The Juniper SRX Services Gateway must terminate a device management session after 10 minutes of inactivity, except to fulfill documented and validated mission requirements. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-VN-000022 - The Juniper SRX Services Gateway VPN must terminate all network connections associated with a communications session at the end of the session. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000230 - The SSH daemon must set a timeout interval on idle sessions. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000038 - The Photon operating system must configure sshd to disconnect idle Secure Shell (SSH) sessions. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-40-000203 The Photon operating system must terminate idle Secure Shell (SSH) sessions. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-412035 - RHEL 9 must automatically exit interactive command shell user sessions after 10 minutes of inactivity. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-010320 - The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-040380 - The operating system must terminate the network connection associated with a communications session at the end of the session or after 10 minutes of inactivity. | DISA STIG Solaris 11 SPARC v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000310 - Symantec ProxySG must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements - cli timeout | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000310 - Symantec ProxySG must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements - web timeout | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-600000 - Ubuntu 24.04 LTS must immediately terminate all network connections associated with SSH traffic after a period of inactivity. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-600010 - Ubuntu 24.04 LTS must immediately terminate all network connections associated with SSH traffic at the end of the session or after 10 minutes of inactivity. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-06-000002 - The system must not automatically refresh client sessions. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-06-000004 - The system must terminate management sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-65-000002 - The vCenter Server for Windows must not automatically refresh client sessions. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000070 - The machine inactivity limit must be set to 15 minutes, locking the system with the screensaver. | DISA Microsoft Windows 11 STIG v2r3 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000034 - Users must be forcibly disconnected when their logon hours expire. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN16-DC-000160 - The directory service must be configured to terminate LDAP-based network connections to the directory server after 5 minutes of inactivity. | DISA Windows Server 2016 STIG v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-DC-000160 - Windows Server 2022 directory service must be configured to terminate LDAP-based network connections to the directory server after five minutes of inactivity. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
