| 6.11.1 Ensure Auxiliary Port is Set to Disabled | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| ARST-RT-000330 - The Arista perimeter router must be configured to deny network traffic by default and allow network traffic by exception. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000240 - The Cisco perimeter router must be configured to deny network traffic by default and allow network traffic by exception. | DISA STIG Cisco IOS Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_Apple_macOS_15_Sequoia_STIG_v1r3.audit from DISA Apple macOS 15 (Sequoia) STIG v1r3 | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | |
| DISA_Canonical_Ubuntu_24.04_LTS_STIG_v1r1.audit from DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | |
| DISA_IBM_WebSphere_Traditional_9_Windows_v1r1.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | |
| DISA_IIS_6.0_Web_Site_v6r16.audit from DISA Microsoft IIS 6.0 Site v6r16 STIG | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| DISA_Microsoft_Windows_Server_2019_STIG_v3r4.audit from DISA Microsoft Windows Server 2019 STIG v3r4 | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | |
| DISA_Rancher_Government_Solutions_RKE2_STIG_v2r3.audit from DISA Rancher Government Solutions RKE2 STIG v2r3 | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | |
| DISA_STIG_Apache_Server-2.2_Unix_v1r11.audit from DISA Apache 2.2 Unix STIG v1r11 | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| DISA_STIG_Cisco_IOS_Switch_L2S_v3r1.audit from DISA Cisco IOS Switch L2S v3r1 STIG | DISA STIG Cisco IOS Switch L2S v3r1 | Cisco | |
| DISA_STIG_Cisco_IOS_Switch_RTR_v3r1.audit from DISA Cisco IOS Switch RTR v3r1 STIG | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | |
| DISA_STIG_IIS_10.0_Web_Server_v2r10.audit from DISA Microsoft IIS 10.0 Server v2r10 STIG | DISA IIS 10.0 Server v2r10 | Windows | |
| DISA_STIG_IIS_10.0_Web_Server_v3r3.audit from DISA Microsoft IIS 10.0 Server v3r3 STIG | DISA IIS 10.0 Server v3r3 | Windows | |
| DISA_STIG_IIS_10.0_Web_Site_v2r11.audit from DISA Microsoft IIS 10.0 Site v2r11 STIG | DISA IIS 10.0 Site v2r11 | Windows | |
| DISA_STIG_MariaDB_Enterprise_10.x_v2r3_OS_Linux.audit from DISA MariaDB Enterprise 10.x v2r3 STIG | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | |
| DISA_STIG_Microsoft_Internet_Explorer_9_v1r15.audit from DISA Microsoft Internet Explorer 9 v1r15 STIG | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | |
| DISA_STIG_Microsoft_Internet_Explorer_11_v2r5.audit from DISA Microsoft Internet Explorer 11 v2r5 STIG | DISA STIG IE 11 v2r5 | Windows | |
| DISA_STIG_Microsoft_Office_365_ProPlus_v3r3.audit from DISA Microsoft Office 365 ProPlus v3r3 STIG | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | |
| DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIG | DISA STIG Office System 2010 v1r13 | Windows | |
| DISA_STIG_Microsoft_Office_System_2013_v2r2.audit from DISA Microsoft Office System 2013 v2r2 STIG | DISA STIG Microsoft Office System 2013 v2r2 | Windows | |
| DISA_STIG_Ubuntu_20.04_LTS_v2r1.audit from DISA Canonical Ubuntu 20.04 LTS v2r1 STIG | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | |
| DISA_STIG_VMware_vSphere_6.7_RhttpProxy_v1r3.audit from DISA VMware vSphere 6.7 RhttpProxy v1r3 STIG | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_VAMI_v1r2.audit from DISA VMware vSphere 7.0 VAMI v1r2 STIG | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | |
| JUEX-RT-000270 - The Juniper router must be configured to have all nonessential capabilities disabled. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-ND-000160 - The Juniper router must be configured to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device. | DISA STIG Juniper Router NDM v3r2 | Juniper | ACCESS CONTROL |
| JUNI-ND-000250 - The Juniper router must be configured to generate audit records when successful/unsuccessful attempts to logon with access privileges occur. | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-000470 - The Juniper router must be configured to prohibit the use of all unnecessary and nonsecure functions and services. | DISA STIG Juniper Router NDM v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-ND-000570 - The Juniper router must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG Juniper Router NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-000600 - The Juniper router must be configured to enforce password complexity by requiring that at least one special character be used. | DISA STIG Juniper Router NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-001030 - The Juniper router must be configured to record time stamps for log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001250 - The Juniper router must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-RT-000070 - The Juniper router must be configured to have all non-essential capabilities disabled - ftp | DISA STIG Juniper Router RTR v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000070 - The Juniper router must be configured to have all non-essential capabilities disabled - http | DISA STIG Juniper Router RTR v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000270 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes - filter | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000390 - The Juniper out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel - IPsec | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000390 - The Juniper out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel - Mgmt | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000420 - The Juniper out-of-band management (OOBM) gateway router must be configured to not redistribute routes between the management network routing domain and the managed network routing domain. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000440 - The Juniper router must be configured to only permit management traffic that ingresses and egresses the OOBM interface - Outbound | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000460 - The Juniper BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM) - GTSM_FILTER | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000480 - The Juniper BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - prefix-list | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000480 - The Juniper BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - prefix-statement | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000520 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000680 - The Juniper PE router providing Virtual Private LAN Services (VPLS) must be configured to have traffic storm control thresholds on CE-facing interfaces - traffic | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000710 - The Juniper PE router must be configured to block any traffic that is destined to IP core infrastructure. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000770 - The Juniper PE router must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks - DoS attacks. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000800 - The Juniper multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000810 - The Juniper multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries - suppress | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000890 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to only accept MSDP packets from known MSDP peers - filters | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000920 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups - policy-options | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
