| CISC-RT-000120 - The Cisco router must be configured to protect against or limit the effects of denial-of-service (DoS) attacks by employing control plane protection. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000120 - The Cisco router must be configured to protect against or limit the effects of denial-of-service (DoS) attacks by employing control plane protection. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000120 - The Cisco switch must be configured to protect against or limit the effects of denial-of-service (DoS) attacks by employing control plane protection. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000120 - The Cisco switch must be configured to protect against or limit the effects of denial-of-service (DoS) attacks by employing control plane protection. | DISA Cisco IOS Switch RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000120 - The Cisco switch must be configured to protect against or limit the effects of denial-of-service (DoS) attacks by employing control plane protection. | DISA Cisco NX OS Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000320 - The Cisco perimeter switch must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000340 - The Cisco perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000340 - The Cisco perimeter switch must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA Cisco NX OS Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000390 - The Cisco perimeter router must be configured to block all outbound management traffic. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000390 - The Cisco perimeter switch must be configured to block all outbound management traffic. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000400 - The Cisco out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel. | DISA Cisco IOS XR Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000400 - The Cisco out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000400 - The Cisco out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000410 - The Cisco out-of-band management (OOBM) gateway router must be configured to forward only authorized management traffic to the Network Operations Center (NOC). | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000440 - The Cisco out-of-band management (OOBM) gateway router must be configured to block any traffic destined to itself that is not sourced from the OOBM network or the Network Operations Center (NOC). | DISA Cisco IOS XR Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000450 - The Cisco router must be configured to only permit management traffic that ingresses and egresses the out-of-band management (OOBM) interface. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000450 - The Cisco switch must be configured to only permit management traffic that ingresses and egresses the out-of-band management (OOBM) interface. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000450 - The Cisco switch must be configured to only permit management traffic that ingresses and egresses the out-of-band management (OOBM) interface. | DISA Cisco IOS Switch RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000460 - The Cisco router providing connectivity to the Network Operations Center (NOC) must be configured to forward all in-band management traffic via an IPsec tunnel. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000530 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA Cisco IOS XR Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000530 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000730 - The Cisco PE switch must be configured to block any traffic that is destined to the IP core infrastructure. | DISA Cisco NX OS Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000730 - The Cisco PE switch must be configured to block any traffic that is destined to the IP core infrastructure. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000740 - The Cisco PE switch must be configured with Unicast Reverse Path Forwarding (uRPF) loose mode enabled on all CE-facing interfaces. | DISA Cisco IOS Switch RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000340 - The Juniper perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000390 - The Juniper out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel - IPsec | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000390 - The Juniper out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel - Mgmt | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000440 - The Juniper router must be configured to only permit management traffic that ingresses and egresses the OOBM interface - Inbound | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000450 - The Juniper router providing connectivity to the NOC must be configured to forward all in-band management traffic via an IPsec tunnel - IPsec | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000450 - The Juniper router providing connectivity to the NOC must be configured to forward all in-band management traffic via an IPsec tunnel - Mgmt | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
