| 1.1.5.2.7 Set 'Inbound Connections' to 'Enabled:Block (default)' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.3.11 Set 'Inbound Connections' to 'Enabled:Block (default)' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.39 (L1) Ensure 'Network Prediction' is set to 'Disabled' | CIS Mozilla Firefox ESR GPO v1.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.1 (L1) Ensure 'Configure the list of domains on which Safe Browsing will not trigger warnings' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.2 (L1) Ensure 'Safe Browsing Protection Level' is set to 'Enabled: Safe Browsing is active in the standard mode.' or higher | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3.2 (L1) Ensure 'Control use of insecure content exceptions' is set to 'Enabled: Do not allow any site to load mixed content' | CIS Microsoft Edge v3.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.2 Verify that the scheduler API service is protected by RBAC | CIS Red Hat OpenShift Container Platform v1.7.0 L1 | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 (L2) Ensure 'Control SafeSites adult content filtering' is set to 'Enabled: Filter top level sites (but not embedded iframes) for adult content' | CIS Google Chrome L2 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.25 (L1) Ensure 'List of names that will bypass the HSTS policy check' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.5 Ensure unused interfaces are disabled | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.1 (L1) Ensure 'Control use of insecure content exceptions' is set to 'Enabled: Do not allow any site to load mixed content' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.12 (L2) Ensure 'Allow proceeding from the SSL warning page' is set to 'Disabled' | CIS Google Chrome L2 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.13 (L1) Ensure 'Disable proceeding from the Safe Browsing warning page' is set to 'Enabled' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4.22 Ensure virtual hosts are defined to isolate applications | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 (L1) Host must filter Bridge Protocol Data Unit (BPDU) packets | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.9 Ensure that URL Filtering uses the action of 'block' or 'override' on the URL categories | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure secure URL filtering is enabled for all security policies allowing traffic to the Internet | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.23 Ensure that 'Cloud Inline Categorization' on URL Filtering profiles are enabled if 'Advanced Threat Prevention' is available | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.29 Ensure EC2 instances within Data Tier have no Elastic / Public IP addresses associated | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.3 (L1) Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.3 Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.3 Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.4 Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.3 Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.3 Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.3 Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.4 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.4 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.3 Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.3 Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.4 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.4 Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.5 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.7 Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.12 (L1) Ensure 'Unnecessary websites are blocked' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Enable Firewall | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Enable stateful inspection on firewall | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : ICMP Error Handling - 'network-unreachable' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
