Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Ensure 'Logon Password' is setCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.3 Ensure 'Master Key Passphrase' is setCIS Cisco Firewall v8.x L1 v4.2.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5 Ensure 'Password Policy' is enabled - lifetimeCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.5 Ensure 'Password Policy' is enabled - minimum-changesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.5 Ensure 'Password Policy' is enabled - minimum-lengthCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.5 Ensure 'Password Policy' is enabled - minimum-uppercaseCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.2.2 Ensure 'Host Name' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.2.3 Ensure 'Failover' is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.2.4 Ensure 'Unused Interfaces' is disableCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.2.5 Set 'access-class' for 'line vty'CIS Cisco IOS 12 L1 v4.0.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.3.2 Ensure 'Image Authenticity' is correctCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

SYSTEM AND INFORMATION INTEGRITY

1.4.1.3 Ensure known default accounts do not existCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - serverCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

1.4.3.4 Ensure 'aaa authentication serial console' is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

ACCESS CONTROL

1.4.4.2 Ensure 'aaa authorization exec' is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

1.4.5.3 Ensure 'aaa accounting for Serial console' is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.5.1 Ensure 'ASDM banner' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AWARENESS AND TRAINING

1.5.2 Ensure 'EXEC banner' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AWARENESS AND TRAINING

1.5.4 Ensure 'MOTD banner' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AWARENESS AND TRAINING

1.6.1 Ensure 'SSH source restriction' is set to an authorized IP addressCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure 'SSH version 2' is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure 'SSH version 2' is enabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.4 Ensure 'SCP protocol' is set to Enable for files transfersCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP addressCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.7.2 Ensure 'TLS 1.0' is set for HTTPS accessCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.8.1 Ensure 'console session timeout' is less than or equal to '5' minutesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.8.1 Ensure 'console session timeout' is less than or equal to '5' minutesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.9.1.2 Ensure 'NTP authentication key' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.10.1 Ensure 'logging' is enabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.2 Ensure 'logging to Serial console' is disabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.8 Ensure 'syslog logging facility' is equal to '23'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.10 Ensure 'logging buffered severity level' is greater than or equal to '3'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.11 Ensure 'logging trap severity level' is greater than or equal to '5'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.11.3 Ensure 'snmp-server host' is set to 'version 3'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - coldstartCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - linkdownCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - linkupCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.11.5 Ensure 'SNMP community string' is not the default stringCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

2.1.1.1.2 Set the 'ip domain-name'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

CONFIGURATION MANAGEMENT

2.1.3 Ensure 'EIGRP authentication' is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

2.2 Ensure 'noproxyarp' is enabled for untrusted interfacesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

2.2.1 Set 'logging enable'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

AUDIT AND ACCOUNTABILITY

2.5 Ensure ICMP is restricted for untrusted interfacesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.1 Ensure DNS services are configured correctly - name-serverCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.2 Ensure intrusion prevention is enabled for untrusted interfacesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.7 Ensure 'ip verify' is set to 'reverse-path' for untrusted interfacesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.8 Ensure 'security-level' is set to '0' for Internet-facing interfaceCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

3.10 Ensure ActiveX filtering is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.11 Ensure Java applet filtering is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT