| 2.6.3 Enable Firewall | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.cifs has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.ftpd is not blank' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.iscsi is not blank' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.ndmp is not blank' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.nfs has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'rsh.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11 Configure TCP Wrappers - inetadm tcp_wrapers = true | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.2 Disable Source Packet Forwarding - Check ip6_forward_src_routed value. Expected value: 0. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.4 Disable Response to ICMP Timestamp Requests - Check ip_respond_to_timestamp value. Expected value: 0. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Ignore ICMP Redirect Messages - Check ip6_ignore_redirect value. Expected value: 1. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.16 Set Maximum Number of Half-open TCP Connections - Check tcp_conn_req_max_q0 value. Expected value: 4096. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 Disable Source Packet Forwarding - current ipv4 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 Disable Source Packet Forwarding - current ipv4 = 0 | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 Disable Source Packet Forwarding - current ipv6 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 Enable Strong TCP Sequence Number Generation - Enforce Strong TCP Sequence Number Generation setting (TCP_STRONG_ISS = 2). | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5 Disable Directed Broadcast Packet Forwarding - current ip = 0 | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5 Disable Directed Broadcast Packet Forwarding - persistent ip = 0 | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.6 Disable Response to ICMP Timestamp Requests - current ip = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.7 Disable Response to ICMP Broadcast Timestamp Requests - current ip = 0 | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 Disable Response to ICMP Broadcast Netmask Requests - current ip = 0 | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.10 Disable Response to Multicast Echo Request - current ipv4 = 0 | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.10 Disable Response to Multicast Echo Request - persistent ipv4 = 0 | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.10 Disable Response to Multicast Echo Request - current ipv4 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.10 Disable Response to Multicast Echo Request - current ipv6 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11 Ignore ICMP Redirect Messages - current ipv4 = 1 | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.12 Set Strict Multihoming - current ipv4 = 0 | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.12 Set Strict Multihoming - persistent ipv4 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.12 Set Strict Multihoming - persistent ipv6 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.13 Disable ICMP Redirect Messages - current ipv6 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.13 Disable ICMP Redirect Messages - persistent ipv4 = 0 | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.13 Disable ICMP Redirect Messages - persistent ipv6 = 0 | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.14 Disable TCP Reverse IP Source Routing - current tcp = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.15 Set Maximum Number of Half-open TCP Connections - current tcp = 4096 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.15 Set Maximum Number of Half-open TCP Connections - persistent tcp = 4096 | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.16 Set Maximum Number of Incoming Connections - current tcp = 1024 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.17 Disable Network Routing - ipv4-forwarding persistent = disabled | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.17 Disable Network Routing - ipv4-forwarding current = disabled | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.17 Disable Network Routing - ipv4-forwarding current = disabled | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.17 Disable Network Routing - ipv4-forwarding persistent = disabled | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.1 Disable IP Forwarding | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.2 Disable Send Packet Redirects - 'net.ipv4.conf.default.send_redirects = 0' | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.3 Disable Secure ICMP Redirect Acceptance - 'net.ipv4.conf.default.secure_redirects=0' | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.7 Enable RFC-recommended Source Route Validation - 'net.ipv4.conf.default.rp_filter = 1' | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure that the vSwitch Promiscuous Mode policy is set to reject | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3.1 Ensure that the vSwitch Forged Transmits policy is set to reject | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3.2 Disable IPv6 Redirect Acceptance - 'net.ipv6.conf.all.accept_redirects = 0' | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure Firewall is active | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure /etc/hosts.allow is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure TCP Wrappers is installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
