Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure Minimum Password Length is set to 14 or higherCIS Check Point Firewall L1 v1.1.0CheckPoint

IDENTIFICATION AND AUTHENTICATION

1.1.1.2 RADIUSCIS Cisco IOS XR 7.x v1.0.1 L2Cisco

ACCESS CONTROL

1.2 Ensure Disallow Palindromes is selectedCIS Check Point Firewall L1 v1.1.0CheckPoint

IDENTIFICATION AND AUTHENTICATION

1.7 Ensure Lockout users after password expiration is set to 1CIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

1.8 Ensure Deny access to unused accounts is selectedCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

1.12 Ensure Maximum number of failed attempts allowed is set to 5 or fewerCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

2.1.7 Ensure IPv6 is disabled if not usedCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.2.1 Ensure SNMP agent is disabledCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.2.2 Ensure SNMP version is set to v3-OnlyCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.2.3 Ensure SNMP traps is enabled - configurationSaveCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.3.2 Ensure timezone is properly configuredCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.5.3 Ensure Client Authentication is secured.CIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.6.1 Ensure mgmtauditlogs is set to onCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.6.2 Ensure auditlog is set to permanentCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.4 Ensure nftables established connections are configuredCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.4 Ensure nftables established connections are configuredCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.4 Ensure iptables default deny firewall policyCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.2 Ensure ip6tables loopback traffic is configuredCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.4 Ensure ip6tables default deny firewall policyCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.2 Ensure iptables outbound and established connections are configuredCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.2 Ensure iptables outbound and established connections are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.2 Ensure iptables outbound and established connections are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.2 Ensure iptables outbound and established connections are configuredCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.2 Ensure ip6tables outbound and established connections are configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.3.2 Ensure ip6tables outbound and established connections are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.2 Ensure loopback traffic is configured - outputCIS Debian 8 Server L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.2 Ensure IPv6 loopback traffic is configuredCIS Debian 9 Server L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.3 Ensure outbound and established connections are configuredCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.4 Ensure ip6tables default deny firewall policyCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.4 Ensure ip6tables default deny firewall policyCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - inputCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - outputCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3 Ensure IPv6 outbound and established connections are configuredCIS CentOS 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3 Ensure IPv6 outbound and established connections are configuredCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.2.2 Ensure IPv6 loopback traffic is configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.13 Ensure Disk Space Alert is setCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

3.14 Ensure Accept RIP is not enabledCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

3.15 Ensure Accept Domain Name over TCP (Zone Transfer) is not enabledCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

4.4.2.2 Ensure iptables loopback traffic is configuredCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.2 Ensure ip6tables loopback traffic is configuredCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Firewall ConsiderationCIS Apple macOS 10.12 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

7.5 Firewall ConsiderationCIS Apple OSX 10.9 L2 v1.3.0Unix
9.2.6 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.6 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000160 - The Arista MLS layer 2 switch must have all trunk links enabled statically.DISA STIG Arista MLS EOS 4.x L2S v2r2Arista

CONFIGURATION MANAGEMENT

Big Sur - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall PolicyNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-70-000057 - The ESXi host must configure the firewall to block network traffic by default - incomingDISA STIG VMware vSphere 7.0 ESXi v1r4VMware

CONFIGURATION MANAGEMENT