Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure 'Enable Password' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.3 Ensure 'Master Key Passphrase' is setCIS Cisco Firewall v8.x L1 v4.2.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.4 Ensure 'Password Recovery' is disabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.1.4 Set 'login authentication for 'line con 0'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

1.1.5 Ensure 'Password Policy' is enabled - lifetimeCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.5 Ensure 'Password Policy' is enabled - minimum-lowercaseCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.5 Ensure 'Password Policy' is enabled - minimum-numericCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.5 Ensure 'Password Policy' is enabled - minimum-uppercaseCIS Cisco Firewall v8.x L1 v4.2.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.2.3 Ensure 'Failover' is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.2.4 Ensure 'Unused Interfaces' is disableCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.2.4 Ensure 'Unused Interfaces' is disableCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.3.2 Ensure 'Image Authenticity' is correctCIS Cisco Firewall v8.x L1 v4.2.0Cisco

SYSTEM AND INFORMATION INTEGRITY

1.4.1.1 Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.4.1.2 Ensure 'local username and password' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - protocolCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - serverCIS Cisco Firewall v8.x L1 v4.2.0Cisco

ACCESS CONTROL

1.4.3.1 Ensure 'aaa authentication enable console' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

ACCESS CONTROL

1.4.3.2 Ensure 'aaa authentication http console' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

ACCESS CONTROL

1.4.4.2 Ensure 'aaa authorization exec' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

ACCESS CONTROL

1.4.5.1 Ensure 'aaa command accounting' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.4.5.2 Ensure 'aaa accounting for SSH' is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.4.5.3 Ensure 'aaa accounting for Serial console' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.4.5.4 Ensure 'aaa accounting for EXEC mode' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.5.1 Ensure 'ASDM banner' is setCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AWARENESS AND TRAINING

1.6.2 Ensure 'SSH version 2' is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

1.6.4 Ensure 'SCP protocol' is set to Enable for files transfersCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.8.1 Ensure 'console session timeout' is less than or equal to '5' minutesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.8.2 Ensure 'SSH session timeout' is less than or equal to '5' minutesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.8.3 Ensure 'HTTP session timeout' is less than or equal to '5' minutesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.9.1.1 Ensure 'NTP authentication' is enabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AUDIT AND ACCOUNTABILITY

1.9.1.2 Ensure 'NTP authentication key' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.9.2 Ensure 'local timezone' is properly configuredCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.9.2 Ensure 'local timezone' is properly configuredCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.10.2 Ensure 'logging to Serial console' is disabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.10.3 Ensure 'logging to monitor' is disabledCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.10.4 Ensure 'syslog hosts' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.10.5 Ensure 'logging with the device ID' is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.8 Ensure 'syslog logging facility' is equal to '23'CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.9 Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb)CIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.10.10 Ensure 'logging buffered severity level' is greater than or equal to '3'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

AUDIT AND ACCOUNTABILITY

1.11.3 Ensure 'snmp-server host' is set to 'version 3'CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - coldstartCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - linkdownCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.1 Ensure DNS services are configured correctly - domain-lookupCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.2 Ensure intrusion prevention is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.3 Ensure packet fragments are restricted for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.4 Ensure non-default application inspection is configured correctlyCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.6 Ensure 'threat-detection statistics' is set to 'tcp-intercept'CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

3.9 Ensure Botnet protection is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Ensure ActiveX filtering is enabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT