| 7 - SSL implementation - start.jar --module=deploy | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - SSL implementation - start.jar --module=http | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Management IP - .htacess exists | TNS Best Practice Jetty 9 Linux | Unix | |
| 8 - Management IP - review $jetty_home/contexts xml file | TNS Best Practice Jetty 9 Linux | Unix | |
| 25 - Disable Unused Connectors | TNS Best Practice Jetty 9 Linux | Unix | |
| 26 - Setup Client-cert Authentication | TNS Best Practice Jetty 9 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| 27 - Ensure SSLEnabled is set to True for Sensitive Connectors - SSLEngine | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 34 - Ensure Web content directory is on a separate partition from the system files | TNS Best Practice Jetty 9 Linux | Unix | |
| 35 - Do not allow custom header status messages | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 38 - Force SSL for all applications | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 39 - Increase the entropy in session identifiers | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 45 - Restrict runtime access to sensitive packages | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| Buffer overflow protection should be configured 'LimitRequestBody' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Buffer overflow protection should be configured 'LimitRequestFields' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Buffer overflow protection should be configured 'LimitRequestline' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CGI-BIN directory should be disabled. 'Directory' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule cgi_module' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule env_module' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Extreme : Configure max-failed-logins <= 3 | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| Extreme : Enable SNMP Traps | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | AUDIT AND ACCOUNTABILITY |
| Extreme : Review all accounts | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | ACCESS CONTROL |
| File permissions in the root document should only be accessible by administrator | TNS IBM HTTP Server Best Practice | Unix | |
| HTTP TRACE method should be disabled. 'RewriteLog' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteRule' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Huawei: Disable SNMP write access | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Enable AAA authentication | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Require SSH version 2 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_dav' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_include' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| WatchGuard : Authentication Settings - 'Authentication User Timeout' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : DNS Servers | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Block Address Space Probes | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop IKE Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : Gateway AntiVirus - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : ICMP Error Handling - 'host-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'network-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'port-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : IPS - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : IPS Logging Threat Level Critical - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : IPS Logging Threat Level HIGH - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : IPS Threat Level Action Medium - DROP or BLOCK | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : LDAP Server Port | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
| WatchGuard : Logging - IKE Packet Tracing | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : Logging - Syslog Timestamps | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : NTP Servers | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : SNMP Configuration - v3 user has password - priv protocol | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : SNMP Configuration - v3 uses DES | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| WatchGuard : SNMP Configuration - v3 uses SHA1 Auth Algorithm | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : SNMP Configuration - Version = '3' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
