AIX7-00-002105 - AIX must config the SSH idle timeout interval. | DISA STIG AIX 7.x v2r9 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000460 - The Apache web server must invalidate session identifiers upon hosted application user logout or other session termination. | DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000460 - The Apache web server must invalidate session identifiers upon hosted application user logout or other session termination. | DISA STIG Apache Server 2.4 Unix Server v2r6 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions - reqtimeout_module | DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware | Unix | ACCESS CONTROL |
AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions - reqtimeout_module | DISA STIG Apache Server 2.4 Unix Server v2r6 | Unix | ACCESS CONTROL |
AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions. | DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware | Unix | ACCESS CONTROL |
AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions. | DISA STIG Apache Server 2.4 Unix Server v2r6 | Unix | ACCESS CONTROL |
AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeout | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
AS24-W2-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeout | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL |
AS24-W2-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - RequestReadTimeout | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL |
DB2X-00-006400 - DB2 must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | ACCESS CONTROL |
DKER-EE-002970 - The Docker Enterprise per user limit login session control must be set per the requirements in the System Security Plan (SSP). | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1 | Unix | ACCESS CONTROL |
EP11-00-006700 - The EDB Postgres Advanced Server must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | EDB PostgreSQL Advanced Server v11 DB Audit v2r2 | PostgreSQLDB | ACCESS CONTROL |
EX13-MB-000275 - The Exchange Receive connector timeout must be limited. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | ACCESS CONTROL |
EX16-MB-000550 - The Exchange Receive connector timeout must be limited. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | ACCESS CONTROL |
F5BI-AP-000147 - The BIG-IP APM module access policy profile must be configured to automatically terminate user sessions for users connected to virtual servers when organization-defined conditions or trigger events occur that require a session disconnect. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | ACCESS CONTROL |
F5BI-LT-000147 - The BIG-IP Core implementation must automatically terminate a user session for a user connected to virtual servers when organization-defined conditions or trigger events occur that require a session disconnect. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
IIST-SI-000235 - The Idle Time-out monitor for each IIS 10.0 website must be enabled. | DISA IIS 10.0 Site v2r9 | Windows | ACCESS CONTROL |
IIST-SI-000236 - The IIS 10.0 websites connectionTimeout setting must be explicitly configured to disconnect an idle session. | DISA IIS 10.0 Site v2r9 | Windows | ACCESS CONTROL |
IISW-SI-000235 - The Idle Time-out monitor for each IIS 8.5 website must be enabled. | DISA IIS 8.5 Site v2r9 | Windows | ACCESS CONTROL |
IISW-SI-000236 - The IIS 8.5 websites connectionTimeout setting must be explicitly configured to disconnect an idle session. | DISA IIS 8.5 Site v2r9 | Windows | ACCESS CONTROL |
JUSX-DM-000096 - The Juniper SRX Services Gateway must be configured to use an authentication server to centrally apply authentication and logon settings for remote and nonlocal access for device management. | DISA Juniper SRX Services Gateway NDM v2r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
JUSX-VN-000002 - The Juniper SRX Services Gateway VPN must renegotiate the IPsec security association after 8 hours or less. | DISA Juniper SRX Services Gateway VPN v2r2 | Juniper | ACCESS CONTROL |
JUSX-VN-000003 - The Juniper SRX Services Gateway VPN must renegotiate the IKE security association after 24 hours or less. | DISA Juniper SRX Services Gateway VPN v2r2 | Juniper | ACCESS CONTROL |
O112-C2-016500 - The DBMS must terminate the network connection associated with a communications session at the end of the session or after 15 minutes of inactivity. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | ACCESS CONTROL |
O121-C2-016500 - The DBMS must terminate the network connection associated with a communications session at the end of the session or 15 minutes of inactivity. | DISA STIG Oracle 12c v2r8 Database | OracleDB | ACCESS CONTROL |
OL07-00-040320 - The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
OL08-00-010200 - OL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. | DISA Oracle Linux 8 STIG v1r8 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
OL08-00-010201 - OL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Oracle Linux 8 STIG v1r8 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
PGS9-00-011600 - PostgreSQL must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA STIG PostgreSQL 9.x on RHEL DB v2r3 | PostgreSQLDB | ACCESS CONTROL |
PHTN-30-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less. | DISA STIG VMware vSphere 7.0 Photon OS v1r2 | Unix | ACCESS CONTROL, MAINTENANCE |
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - duration | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - export | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - mesg | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - readonly | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
PPS9-00-006700 - The EDB Postgres Advanced Server must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | EDB PostgreSQL Advanced Server DB Audit v2r2 | PostgreSQLDB | ACCESS CONTROL |
RHEL-06-000071 - The system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-07-040320 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-07-040340 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-010280 - The SUSE operating system SSH daemon must be configured with a timeout interval. | DISA SLES 15 STIG v1r12 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-010320 - The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity. | DISA SLES 15 STIG v1r12 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
SPLK-CL-000190 - Splunk Enterprise idle session timeout must be set to not exceed 15 minutes. | DISA STIG Splunk Enterprise 7.x for Windows v2r4 REST API | Splunk | ACCESS CONTROL |
SQL4-00-031700 - SQL Server must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA STIG SQL Server 2014 Instance DB Audit v2r3 | MS_SQLDB | ACCESS CONTROL |
TCAT-AS-000970 - Idle timeout for management application must be set to 10 minutes. | DISA STIG Apache Tomcat Application Server 9 v2r6 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
TCAT-AS-000970 - Idle timeout for management application must be set to 10 minutes. | DISA STIG Apache Tomcat Application Server 9 v2r6 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
UBTU-18-010416 - The Ubuntu operating system must automatically terminate all network connections associated with SSH traffic at the end of the session or after 10 minutes of inactivity. | DISA STIG Ubuntu 18.04 LTS v2r13 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
VCSA-70-000089 - The vCenter Server must terminate vSphere Client sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere 7.0 vCenter v1r2 | VMware | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
WN12-SO-000031 - The amount of idle time required before suspending a session must be properly set. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
WN12-SO-000031 - The amount of idle time required before suspending a session must be properly set. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |