| CISC-RT-000240 - The Cisco perimeter router must be configured to deny network traffic by default and allow network traffic by exception. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000240 - The Cisco perimeter router must be configured to deny network traffic by default and allow network traffic by exception. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_Apple_macOS_15_Sequoia_STIG_v1r3.audit from DISA Apple macOS 15 (Sequoia) STIG v1r3 | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | |
| DISA_Canonical_Ubuntu_24.04_LTS_STIG_v1r1.audit from DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | |
| DISA_IBM_WebSphere_Traditional_9_Windows_v1r1.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | |
| DISA_IIS_6.0_Web_Site_v6r16.audit from DISA Microsoft IIS 6.0 Site v6r16 STIG | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| DISA_Microsoft_Windows_Server_2019_STIG_v3r4.audit from DISA Microsoft Windows Server 2019 STIG v3r4 | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | |
| DISA_Rancher_Government_Solutions_RKE2_STIG_v2r3.audit from DISA Rancher Government Solutions RKE2 STIG v2r3 | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | |
| DISA_STIG_Apache_Server-2.2_Unix_v1r11.audit from DISA Apache 2.2 Unix STIG v1r11 | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| DISA_STIG_Cisco_IOS_Switch_L2S_v3r1.audit from DISA Cisco IOS Switch L2S v3r1 STIG | DISA STIG Cisco IOS Switch L2S v3r1 | Cisco | |
| DISA_STIG_Cisco_IOS_Switch_RTR_v3r1.audit from DISA Cisco IOS Switch RTR v3r1 STIG | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | |
| DISA_STIG_IIS_10.0_Web_Server_v2r10.audit from DISA Microsoft IIS 10.0 Server v2r10 STIG | DISA IIS 10.0 Server v2r10 | Windows | |
| DISA_STIG_IIS_10.0_Web_Server_v3r3.audit from DISA Microsoft IIS 10.0 Server v3r3 STIG | DISA IIS 10.0 Server v3r3 | Windows | |
| DISA_STIG_IIS_10.0_Web_Site_v2r11.audit from DISA Microsoft IIS 10.0 Site v2r11 STIG | DISA IIS 10.0 Site v2r11 | Windows | |
| DISA_STIG_MariaDB_Enterprise_10.x_v2r3_OS_Linux.audit from DISA MariaDB Enterprise 10.x v2r3 STIG | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | |
| DISA_STIG_Microsoft_Internet_Explorer_9_v1r15.audit from DISA Microsoft Internet Explorer 9 v1r15 STIG | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | |
| DISA_STIG_Microsoft_Internet_Explorer_11_v2r5.audit from DISA Microsoft Internet Explorer 11 v2r5 STIG | DISA STIG IE 11 v2r5 | Windows | |
| DISA_STIG_Microsoft_Office_365_ProPlus_v3r3.audit from DISA Microsoft Office 365 ProPlus v3r3 STIG | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | |
| DISA_STIG_Microsoft_Office_System_2010_v1r13.audit from DISA Microsoft Office System 2010 v1r13 STIG | DISA STIG Office System 2010 v1r13 | Windows | |
| DISA_STIG_Microsoft_Office_System_2013_v2r2.audit from DISA Microsoft Office System 2013 v2r2 STIG | DISA STIG Microsoft Office System 2013 v2r2 | Windows | |
| DISA_STIG_Ubuntu_20.04_LTS_v2r1.audit from DISA Canonical Ubuntu 20.04 LTS v2r1 STIG | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | |
| DISA_STIG_VMware_vSphere_6.7_RhttpProxy_v1r3.audit from DISA VMware vSphere 6.7 RhttpProxy v1r3 STIG | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_VAMI_v1r2.audit from DISA VMware vSphere 7.0 VAMI v1r2 STIG | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | |
| JUNI-RT-000300 - The Juniper perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000360 - The Juniper perimeter router must be configured to have Link Layer Discovery Protocol (LLDP) disabled on all external interfaces - LLDP disabled on all external interfaces. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000386 - The Juniper perimeter router must be configured to drop IPv6 packets containing the NSAP address option within Destination Option header. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000387 - The Juniper perimeter router must be configured to drop IPv6 packets containing a Hop-by-Hop or Destination Option extension header with an undefined option type - dstops | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000400 - The Juniper out-of-band management (OOBM) gateway router must be configured to forward only authorized management traffic to the Network Operations Center (NOC). | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000410 - The Juniper out-of-band management (OOBM) gateway router must be configured to have separate IGP instances for the managed network and management network. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000460 - The Juniper BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM) - Interfaces | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000500 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) Juniper router for prefixes that are not allocated to that customer - CE Juniper router. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000530 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000535 - The Juniper BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - bgp import | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000550 - The Juniper BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer - bgp import | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000560 - The Juniper BGP router must be configured to use its loopback address as the source address for iBGP peering sessions. | DISA STIG Juniper Router RTR v3r2 | Juniper | CONTINGENCY PLANNING |
| JUNI-RT-000580 - The Juniper MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange - IS-IS | DISA STIG Juniper Router RTR v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUNI-RT-000610 - The Juniper PE router must be configured to have each Virtual Routing and Forwarding (VRF) instance bound to the appropriate physical or logical interfaces to maintain traffic separation between all MPLS L3VPNs. | DISA STIG Juniper Router RTR v3r2 | Juniper | CONTINGENCY PLANNING |
| JUNI-RT-000620 - The Juniper PE router must be configured to have each Virtual Routing and Forwarding (VRF) instance with the appropriate Route Target (RT) - RT. | DISA STIG Juniper Router RTR v3r2 | Juniper | CONTINGENCY PLANNING |
| JUNI-RT-000640 - The Juniper PE router providing MPLS Layer 2 Virtual Private Network (L2VPN) services must be configured to authenticate targeted Label Distribution Protocol (LDP) sessions used to exchange virtual circuit (VC) information using a FIPS-approved message authentication code algorithm - key-chain | DISA STIG Juniper Router RTR v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-RT-000640 - The Juniper PE router providing MPLS Layer 2 Virtual Private Network (L2VPN) services must be configured to authenticate targeted Label Distribution Protocol (LDP) sessions used to exchange virtual circuit (VC) information using a FIPS-approved message authentication code algorithm - ldp | DISA STIG Juniper Router RTR v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-RT-000680 - The Juniper PE router providing Virtual Private LAN Services (VPLS) must be configured to have traffic storm control thresholds on CE-facing interfaces - policer | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000680 - The Juniper PE router providing Virtual Private LAN Services (VPLS) must be configured to have traffic storm control thresholds on CE-facing interfaces - routing | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000730 - The Juniper PE router must be configured to ignore or block all packets with any IP options. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000790 - The Juniper multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled - protocols pim | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000820 - The Juniper multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Register messages received from the Designated Router (DR) for any undesirable multicast groups and sources - protocols pim | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000830 - The Juniper multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Join messages received from the Designated Juniper router (DR) for any undesirable multicast groups - policy-options | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000870 - The Juniper multicast Designated Router (DR) must be configured to limit the number of mroute states resulting from Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Host Membership Reports - DR must be configured to limit the number of mroute states. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000910 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources - policy-options | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000910 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources - protocols msdp | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
| JUNI-RT-000920 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups - protocols msdp | DISA STIG Juniper Router RTR v3r2 | Juniper | ACCESS CONTROL |
