| 1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device management | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device management | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPS | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPS | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMP | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMP | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSH | CIS Palo Alto Firewall 10 v1.0.0 L1 | Palo_Alto | |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSH | CIS Palo Alto Firewall 9 v1.0.1 L1 | Palo_Alto | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL deny is configured' | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL deny is configured' | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL deny is configured' | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL deny is configured' | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL permit tcp is configured' | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL permit tcp is configured' | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL permit tcp is configured' | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.2.4 Create 'access-list' for use with 'line vty' - 'ACL permit tcp is configured' | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 1.2.5 Set 'access-class' for 'line vty' | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.2.5 Set 'access-class' for 'line vty' | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.2.5 Set 'access-class' for 'line vty' | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.2.5 Set 'access-class' for 'line vty' | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 1.5.5 Set the ACL for each 'snmp-server community' | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.5.5 Set the ACL for each 'snmp-server community' | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.5.5 Set the ACL for each 'snmp-server community' | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.5.5 Set the ACL for each 'snmp-server community' | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 1.5.5 Set the ACL for each 'snmp-server community' | CIS Cisco IOS 16 L1 v1.1.0 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP deny secured by ACL' | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP deny secured by ACL' | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP deny secured by ACL' | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP deny secured by ACL' | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL' | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL' | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL' | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL' | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 1.5.7 Set 'snmp-server host' when using SNMP | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.5.7 Set 'snmp-server host' when using SNMP | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.5.7 Set 'snmp-server host' when using SNMP | CIS Cisco IOS 16 L1 v1.1.0 | Cisco | |
| 1.5.7 Set 'snmp-server host' when using SNMP | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.5.7 Set 'snmp-server host' when using SNMP | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 1.5.8 Set 'snmp-server enable traps snmp' | CIS Cisco IOS 17 L1 v1.0.0 | Cisco | |
| 1.5.8 Set 'snmp-server enable traps snmp' | CIS Cisco IOS 16 L1 v1.1.2 | Cisco | |
| 1.5.8 Set 'snmp-server enable traps snmp' | CIS Cisco IOS 16 L1 v1.1.0 | Cisco | |
| 1.5.8 Set 'snmp-server enable traps snmp' | CIS Cisco IOS 15 L1 v4.1.0 | Cisco | |
| 1.5.8 Set 'snmp-server enable traps snmp' | CIS Cisco IOS 16 L1 v1.1.1 | Cisco | |
| 2.4.2 Ensure all the login accounts having specific trusted hosts enabled | CIS Fortigate Level 1 v1.0.0 | FortiGate | |
| 3.1 Enable the Firewall Stealth Rule | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.1 Ensure Caller ID is set | CIS Juniper OS Benchmark v2.0.0 L1 | Juniper | CONFIGURATION MANAGEMENT |
| 3.1.1 Ensure Caller ID is set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.2 Ensure access profile is set to use CHAP | CIS Juniper OS Benchmark v2.0.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure Common SNMP Community Strings are NOT used | CIS Juniper OS Benchmark v2.0.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.2.7 Ensure Web-Management Interface Restriction is set to OOB Management | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
