Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3 Account Anti-riot AttackTenable ZTE ROSNGZTE_ROSNG

ACCESS CONTROL

1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP addressTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5'Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3'Tenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure 'console session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure 'EIGRP authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Failover' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Host Name' is setTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'HTTP session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Image Authenticity' is correctTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure 'Image Integrity' is correctTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure 'ip verify' is set to 'reverse-path' for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb)Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging buffered severity ' is greater than or equal to '3'Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging to monitor' is disabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'logging to Serial console' is disabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging with timestamps' is enabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging' is enabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'noproxyarp' is enabled for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'OSPF authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Password Policy' is enabled - minimum-lengthTenable Cisco Firepower Best Practices AuditCisco

IDENTIFICATION AND AUTHENTICATION

Ensure 'RIP authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP community string' is not the default stringTenable Cisco Firepower Best Practices AuditCisco

IDENTIFICATION AND AUTHENTICATION

Ensure 'SNMP traps' is enabled - authenticationTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - coldstartTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkdownTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkupTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server group' is set to 'v3 priv'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server host' is set to 'version 3'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SSH source restriction' is set to an authorized IP addressTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure 'syslog hosts' is configured correctlyTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'TACACS+/RADIUS' is configured correctly - protocolTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

Ensure 'threat-detection statistics' is set to 'tcp-intercept'Tenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure 'TLS 1.0' is set for HTTPS accessTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure 'Unused Interfaces' is disableTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure DHCP services are disabled for untrusted interfaces - dhcpdTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DHCP services are disabled for untrusted interfaces - dhcprelayTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DNS services are configured correctly - domain-lookupTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DNS services are configured correctly - name-serverTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure email logging is configured for critical to emergencyTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure ICMP is restricted for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure intrusion prevention is enabled for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure known default accounts do not existTenable Cisco Firepower Best Practices AuditCisco

IDENTIFICATION AND AUTHENTICATION

Ensure non-default application inspection is configured correctlyTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure packet fragments are restricted for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure timezone is properly configuredTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Huawei: Set appropriate 'shell' headerTNS Huawei VRP Best Practice AuditHuawei

ACCESS CONTROL

Huawei: SNMP is ConfiguredTNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: User Interfaces Idle Timeout Less Than 5 MinutesTNS Huawei VRP Best Practice AuditHuawei

ACCESS CONTROL

JUSX-DM-000163 - The Juniper SRX Services Gateway must limit the number of sessions per minute to an organization-defined number for SSH to protect remote access management from unauthorized access.DISA Juniper SRX Services Gateway NDM v3r3Juniper

SYSTEM AND COMMUNICATIONS PROTECTION