| 1.2.2 Ensure 'Host Name' is set | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.2.4 Ensure 'Unused Interfaces' is disable | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.4.1.1 Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3' | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.6.3 Ensure 'RSA key pair' is greater than or equal to 2048 bits | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.6.4 Ensure 'SCP protocol' is set to Enable for files transfers | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.6.5 Ensure 'Telnet' is disabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.6.5 Ensure 'Telnet' is disabled | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP address | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP address | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.8.1 Ensure 'console session timeout' is less than or equal to '5' minutes | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.8.2 Ensure 'SSH session timeout' is less than or equal to '5' minutes | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.9.1.3 Ensure 'trusted NTP server' exists | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.10.2 Ensure 'logging to Serial console' is disabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.10.2 Ensure 'logging to Serial console' is disabled | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.10.3 Ensure 'logging to monitor' is disabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.10.4 Ensure 'syslog hosts' is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.10.4 Ensure 'syslog hosts' is configured correctly | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.10.11 Ensure email logging is configured for critical to emergency | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.1 Ensure 'snmp-server group' is set to 'v3 priv' | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.3 Ensure 'snmp-server host' is set to 'version 3' | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.4 Ensure 'SNMP traps' is enabled | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.4 Ensure 'SNMP traps' is enabled - authentication | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.1 Ensure 'RIP authentication' is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.2 Ensure 'OSPF authentication' is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.2 Ensure 'OSPF authentication' is enabled | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure 'EIGRP authentication' is enabled | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.4 Ensure 'BGP authentication' is enabled | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.3 Ensure 'DNS Guard' is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.4 Ensure DHCP services are disabled for untrusted interfaces - dhcprelay | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.4 Ensure DHCP services are disabled for untrusted interfaces - dhcprelay | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.5 Ensure ICMP is restricted for untrusted interfaces | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.1 Ensure DNS services are configured correctly - domain-lookup | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.1.1.1 Configure EIGRP Authentication on all EIGRP Routing Devices | CIS Cisco NX-OS L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.1.2.2 If Possible, Limit the BGP Routes Accepted from Peers | CIS Cisco NX-OS L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.2.2 Disable ICMP Redirects on all Layer 3 Interfaces | CIS Cisco NX-OS L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.3 Ensure packet fragments are restricted for untrusted interfaces | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.3 Ensure packet fragments are restricted for untrusted interfaces | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.3 Use Checkpoint Sections and Titles | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
| 3.5 Ensure DOS protection is enabled for untrusted interfaces | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.5 Ensure no Allow Rule with Any in Destination filed present in the Firewall Rules | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
| 3.6 Ensure 'threat-detection statistics' is set to 'tcp-intercept' | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.6 Ensure 'threat-detection statistics' is set to 'tcp-intercept' | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.7 Ensure 'ip verify' is set to 'reverse-path' for untrusted interfaces | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.8 Ensure 'security-level' is set to '0' for Internet-facing interface | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.9 Ensure Botnet protection is enabled for untrusted interfaces | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.10 Ensure ActiveX filtering is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.10 Ensure ActiveX filtering is enabled | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.11 Ensure Java applet filtering is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.12 Ensure explicit deny in access lists is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.12 Ensure explicit deny in access lists is configured correctly | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
