| AOSX-14-000050 - The macOS system must limit the number of concurrent SSH sessions to 10 for all accounts and/or account types. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| ARST-ND-000010 - The Arista network device must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type. | DISA STIG Arista MLS EOS 4.2x NDM v1r1 | Arista | ACCESS CONTROL |
| BIND-9X-001050 - The BIND 9.x secondary name server must limit the number of zones requested from a single master name server. | DISA BIND 9.x STIG v2r2 | Unix | ACCESS CONTROL |
| CASA-ND-000010 - The Cisco ASA must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco ASA NDM v1r6 | Cisco | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Always accept important ICMP | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Packet filter logging | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Unhandled Packet Action | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring the BIG-IP system to enforce the use of strict passwords | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| DKER-EE-001000 - The Docker Enterprise Per User Limit Login Session Control in the Universal Control Plane (UCP) Admin Settings must be set to an organization-defined value for all accounts and/or account types. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1 | Unix | ACCESS CONTROL |
| ESXI-06-000001 - The VMM must limit the number of concurrent sessions to ten for all accounts and/or account types by enabling lockdown mode. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | ACCESS CONTROL |
| ESXI-70-000001 - Access to the ESXi host must be limited by enabling lockdown mode. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | ACCESS CONTROL |
| FGFW-ND-000300 - The FortiGate device must limit the number of logon and user sessions | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| GEN000450 - System must limit users to 10 simultaneous system logins or a site-defined number in accordance with operational requirements | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000450 - The system must limit users to 10 simultaneous system logins in accordance with operational requirements. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000450 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN005533 - The SSH daemon must limit connections to a single session. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| IISW-SV-000200 - The IIS 8.5 MaxConnections setting must be configured to limit the number of allowed simultaneous session requests. | DISA IIS 8.5 Server v2r7 | Windows | ACCESS CONTROL |
| JUEX-NM-000010 - The Juniper EX switch must be configured to limit the number of concurrent management sessions to 10 or less. | DISA Juniper EX Series Network Device Management v1r5 | Juniper | ACCESS CONTROL |
| JUSX-VN-000001 - The Juniper SRX Services Gateway VPN must limit the number of concurrent sessions for user accounts to one (1) and administrative accounts to three (3), or set to an organization-defined number. | DISA Juniper SRX Services Gateway VPN v2r2 | Juniper | ACCESS CONTROL |
| MADB-10-000100 - MariaDB must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | ACCESS CONTROL |
| MD4X-00-001550 - MongoDB must limit the total number of concurrent connections to the database. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS | Unix | ACCESS CONTROL |
| MYS8-00-000200 - MySQL Database Server 8.0 must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | ACCESS CONTROL |
| O112-C2-019100 - The DBMS must protect against or limit the effects of the organization-defined types of Denial of Service (DoS) attacks. | DISA STIG Oracle 11.2g v2r3 Linux | Unix | ACCESS CONTROL |
| OH12-1X-000001 - OHS must have the mpm property set to use the worker Multi-Processing Module (MPM) as the preferred means to limit the number of allowed simultaneous requests. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | ACCESS CONTROL |
| OH12-1X-000002 - OHS must have the mpm_prefork_module directive disabled so as not conflict with the worker directive used to limit the number of allowed simultaneous requests. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | ACCESS CONTROL |
| OL6-00-000319 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| Overview of Appliance mode | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| PHTN-67-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| RHEL-06-000319 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | ACCESS CONTROL |
| SLES-15-020020 - The SUSE operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA SLES 15 STIG v1r12 | Unix | ACCESS CONTROL |
| SQL4-00-000100 - The number of concurrent SQL Server sessions for each system account must be limited. | DISA STIG SQL Server 2014 Instance DB Audit v2r3 | MS_SQLDB | ACCESS CONTROL |
| Unable to limit Configuration utility access to clients using only TLSv1.1 or TLSv1.2 | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| VCEM-67-000004 - ESX Agent Manager must protect cookies from XSS. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCEM-70-000002 - ESX Agent Manager must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | ACCESS CONTROL |
| VCPF-67-000003 - Performance Charts must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCPF-70-000002 - Performance Charts must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | ACCESS CONTROL |
| VCPG-67-000001 - VMware Postgres must limit the number of connections. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | ACCESS CONTROL |
| VCPG-70-000001 - VMware Postgres must limit the number of connections. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | ACCESS CONTROL |
| VCRP-67-000002 - The rhttpproxy must set a limit on established connections. | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | ACCESS CONTROL |
| VCST-67-000003 - The Security Token Service must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCST-70-000002 - The Security Token Service must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | ACCESS CONTROL |
| VCUI-67-000001 - vSphere UI must limit the amount of time that each TCP connection is kept alive. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCUI-67-000003 - vSphere UI must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCUI-67-000004 - vSphere UI must protect cookies from XSS. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCUI-70-000002 - vSphere UI must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | ACCESS CONTROL |
| VCUI-70-000003 - vSphere UI must limit the maximum size of a POST request. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | ACCESS CONTROL |
| VCUI-70-000004 - vSphere UI must protect cookies from cross-site scripting (XSS). | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-000010 - The WebSphere Application Server maximum in-memory session count must be set according to application requirements. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
| WDNS-AC-000001 - The Windows 2012 DNS Server must restrict incoming dynamic update requests to known clients. | DISA Microsoft Windows 2012 Server DNS STIG v2r5 | Windows | ACCESS CONTROL |
