| 5. OpenStack Compute - Policy.json - 'os_compute_api:os-migrate-server:migrate_live' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 34. OpenStack Compute - Policy.json - 'compute_extension:instance_usage_audit_log' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 40. OpenStack Compute - Policy.json - 'compute_extension:aggregates' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 55. OpenStack Compute - Policy.json - 'compute_extension:flavormanage' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 58. OpenStack Compute - Policy.json - 'compute_extension:fping:all_tenants' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 59. OpenStack Compute - Policy.json - 'compute_extension:os-assisted-volume-snapshots:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 62. OpenStack Compute - Policy.json - 'os_compute_api:os-migrations:index' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 63. OpenStack Compute - Policy.json - 'os_compute_api:os-pause-server:unpause' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 70. OpenStack Compute - Policy.json - 'compute_extension:os-assisted-volume-snapshots:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 72. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:remove_host' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 73. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:unlock' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 74. OpenStack Compute - Policy.json - 'compute_extension:networks' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 104. OpenStack Compute - Policy.json - 'compute_extension:evacuate' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 110. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:show' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 112. OpenStack Compute - Policy.json - 'os_compute_api:server-metadata:update' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 126. OpenStack Compute - Policy.json - 'os_compute_api:os-server-diagnostics' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 130. OpenStack Compute - Policy.json - 'compute_extension:os-server-external-events:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 133. OpenStack Compute - Policy.json - 'os_compute_api:os-flavor-access:remove_tenant_access' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 138. OpenStack Compute - Policy.json - 'compute_extension:cells:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 140. OpenStack Compute - Policy.json - 'compute_extension:extended_server_attributes' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 146. OpenStack Compute - Policy.json - 'compute:start' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 147. OpenStack Compute - Policy.json - 'compute_extension:flavor_access:addTenantAccess' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| ACLs: Filter for RFC 1918 addresses (10.0.0.0/8) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 1918 addresses (172.16.0.0/12) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (0.0.0.0/8) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (127.0.0.0/8) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (169.254.0.0/16) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (198.51.100.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Authentication: enable remote authentication | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| BGP: Authenticate peers | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| CPM Filtering: Filter for IGMP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for L2TP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for PIM | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for VRRP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| DNS: A trusted primary DNS server is configured | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| DNS: A trusted secondary DNS server is configured | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - AAA - LDAP server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| ICMP: Do not return unreachable messages | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Login: Accounts are locked after 3 failed password attempts | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| Login: Configure Pre-login Banner | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| Login: Exponential Backoff is set | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| Login: Idle connections time out after 5 minutes or less | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Login: ssh - v1 is disabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Login: Telnet is disabled (IPv4) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Login: Telnet is disabled (IPv6) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Password Complexity: Require at least one number | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| Spanning Tree: enable edge-port | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Spanning Tree: enable root-guard | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Time: Disable Daylight Savings Time adjustment | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| Time: Set system clock to UTC | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
