| AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIX7-00-001137 - AIX must be able to control the ability of remote login for users. | DISA STIG AIX 7.x v2r9 | Unix | ACCESS CONTROL |
| ESXI-06-200035 - The VMM must provide the capability to immediately disconnect or disable remote access to the information system by disabling SSH. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | ACCESS CONTROL |
| ESXI-67-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling SSH. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ESXI-70-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH). | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| F5BI-AP-000153 - The BIG-IP APM module access policy profile must control remote access methods to virtual servers. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | ACCESS CONTROL |
| F5BI-LT-000153 - The BIG-IP Core implementation providing intermediary services for remote access communications traffic must control remote access methods to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | ACCESS CONTROL |
| GEN008520 - The system must employ a local firewall. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN008540 - The systems local firewall must implement a deny-all, allow-by-exception policy. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SV-000142 - The IIS 10.0 web server must restrict inbound connections from non-secure zones. | DISA IIS 10.0 Server v2r10 | Windows | ACCESS CONTROL |
| OL07-00-040100 - The Oracle Linux operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Component Local Service Assessment (PPSM CLSA) and vulnerability assessments - PPSM CLSA and vulnerability assessments. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-07-040100 - The Red Hat Enterprise Linux operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Component Local Service Assessment (PPSM CLSA) and vulnerability assessments. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251010 - RHEL 9 must have the firewalld package installed. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251015 - The firewalld service on RHEL 9 must be active. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SLES-12-030030 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| UBTU-16-030030 - An application firewall must be installed. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-030050 - An application firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| UBTU-18-010507 - The Ubuntu operating system must enable and run the uncomplicated firewall(ufw). | DISA STIG Ubuntu 18.04 LTS v2r13 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| VCFL-67-000006 - vSphere Client must be configured to enable SSL/TLS. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-67-000003 - VAMI must use cryptography to protect the integrity of remote sessions. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-70-000003 - VAMI must use cryptography to protect the integrity of remote sessions. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-000150 - The WebSphere Application Server users in a local user registry group must be authorized for that group. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000150 - The WebSphere Application Server users in a local user registry group must be authorized for that group. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000150 - The WebSphere Application Server users in a local user registry group must be authorized for that group. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| WN10-UR-000090 - The Deny log on through Remote Desktop Services user right on Windows 10 workstations must at a minimum be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems. | DISA Windows 10 STIG v2r8 | Windows | ACCESS CONTROL |
| WN12-CC-000132 - Users must be prevented from mapping local COM ports and redirecting data from the Remote Desktop Session Host to local COM ports. (Remote Desktop Services Role). | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000134 - The system must be configured to ensure smart card devices can be redirected to the Remote Desktop session. (Remote Desktop Services Role). | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000134 - The system must be configured to ensure smart card devices can be redirected to the Remote Desktop session. (Remote Desktop Services Role). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000135 - Users must be prevented from redirecting Plug and Play devices to the Remote Desktop Session Host. (Remote Desktop Services Role). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN16-DC-000410 - The Deny log on through Remote Desktop Services user right on domain controllers must be configured to prevent unauthenticated access. | DISA Windows Server 2016 STIG v2r7 | Windows | ACCESS CONTROL |
| WN16-MS-000410 - The 'Deny log on through Remote Desktop Services' user right on member servers must be configured to prevent access from highly privileged domain accounts and all local accounts on domain systems and from unauthenticated access on all systems - Deny log on through Remote Desktop Services user right on member servers must be configured to prevent access from highly privileged domain accounts and all local accounts on domain systems and from unauthenticated access on all systems. | DISA Windows Server 2016 STIG v2r7 | Windows | ACCESS CONTROL |
| WN19-MS-000120 - Windows Server 2019 'Deny log on through Remote Desktop Services' user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and all local accounts and from unauthenticated access on all systems - Deny log on through Remote Desktop Services user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and all local accounts and from unauthenticated access on all systems. | DISA Windows Server 2019 STIG v2r8 | Windows | ACCESS CONTROL |
