800-53|AC-4(17)

Title

DOMAIN AUTHENTICATION

Description

The information system uniquely identifies and authenticates source and destination points by [Selection (one or more): organization, system, application, individual] for information transfer.

Supplemental

Attribution is a critical component of a security concept of operations. The ability to identify source and destination points for information flowing in information systems, allows the forensic reconstruction of events when required, and encourages policy compliance by attributing policy violations to specific organizations/individuals. Successful domain authentication requires that information system labels distinguish among systems, organizations, and individuals involved in preparing, sending, receiving, or disseminating information.

Reference Item Details

Related: IA-2,IA-3,IA-4,IA-5

Category: ACCESS CONTROL

Parent Title: INFORMATION FLOW ENFORCEMENT

Family: ACCESS CONTROL

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - BGPAristaDISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - IS-IS auth modeAristaDISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - IS-IS md5 keyAristaDISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - OSPF MD5 KeyAristaDISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - OSPF message-digestAristaDISA STIG Arista MLS DCS-7000 Series RTR v1r3
BGP: Authenticate peersAlcatelTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - BGPCiscoDISA STIG Cisco IOS-XR Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - BGPCiscoDISA STIG Cisco IOS Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - BGPCiscoDISA STIG Cisco IOS XE Router RTR v2r4
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - EIGRPCiscoDISA STIG Cisco IOS-XR Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - EIGRPCiscoDISA STIG Cisco IOS XE Router RTR v2r4
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - EIGRPCiscoDISA STIG Cisco IOS Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - IS-ISCiscoDISA STIG Cisco IOS-XR Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - IS-ISCiscoDISA STIG Cisco IOS Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - IS-ISCiscoDISA STIG Cisco IOS XE Router RTR v2r4
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - OSPFCiscoDISA STIG Cisco IOS-XR Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - OSPFCiscoDISA STIG Cisco IOS XE Router RTR v2r4
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - OSPFCiscoDISA STIG Cisco IOS Router RTR v2r1
CISC-RT-000020 - The Cisco router must be configured to implement message authentication for all control plane protocols - RIPCiscoDISA STIG Cisco IOS-XR Router RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - bgpCiscoDISA STIG Cisco NX-OS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - bgpCiscoDISA STIG Cisco IOS XE Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - bgpCiscoDISA STIG Cisco IOS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - eigrpCiscoDISA STIG Cisco NX-OS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - eigrpCiscoDISA STIG Cisco IOS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - eigrpCiscoDISA STIG Cisco IOS XE Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - is-isCiscoDISA STIG Cisco IOS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - is-isCiscoDISA STIG Cisco IOS XE Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - is-isCiscoDISA STIG Cisco NX-OS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - ospfCiscoDISA STIG Cisco NX-OS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - ospfCiscoDISA STIG Cisco IOS Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - ospfCiscoDISA STIG Cisco IOS XE Switch RTR v2r1
CISC-RT-000020 - The Cisco switch must be configured to implement message authentication for all control plane protocols - ripCiscoDISA STIG Cisco NX-OS Switch RTR v2r1
CISC-RT-000030 - The Cisco router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages.CiscoDISA STIG Cisco IOS XE Router RTR v2r4
CISC-RT-000030 - The Cisco router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages.CiscoDISA STIG Cisco IOS-XR Router RTR v2r1
CISC-RT-000030 - The Cisco router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages.CiscoDISA STIG Cisco IOS Router RTR v2r1
CISC-RT-000030 - The Cisco switch must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages.CiscoDISA STIG Cisco NX-OS Switch RTR v2r1
CISC-RT-000030 - The Cisco switch must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages.CiscoDISA STIG Cisco IOS Switch RTR v2r1
CISC-RT-000030 - The Cisco switch must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages.CiscoDISA STIG Cisco IOS XE Switch RTR v2r1
CISC-RT-000480 - The Cisco BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with.CiscoDISA STIG Cisco IOS-XR Router RTR v2r1
CISC-RT-000480 - The Cisco BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with.CiscoDISA STIG Cisco IOS XE Router RTR v2r4
CISC-RT-000480 - The Cisco BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with.CiscoDISA STIG Cisco IOS Router RTR v2r1
CISC-RT-000480 - The Cisco BGP switch must be configured to use a unique key for each autonomous system (AS) that it peers with.CiscoDISA STIG Cisco IOS XE Switch RTR v2r1
CISC-RT-000480 - The Cisco BGP switch must be configured to use a unique key for each autonomous system (AS) that it peers with.CiscoDISA STIG Cisco NX-OS Switch RTR v2r1
JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - BGPJuniperDISA STIG Juniper Router RTR v2r3
JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - IS-IS keyJuniperDISA STIG Juniper Router RTR v2r3
JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - IS-IS typeJuniperDISA STIG Juniper Router RTR v2r3
JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - LDPJuniperDISA STIG Juniper Router RTR v2r3
JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - OSPFJuniperDISA STIG Juniper Router RTR v2r3
JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - RIP keyJuniperDISA STIG Juniper Router RTR v2r3
JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - RIP typeJuniperDISA STIG Juniper Router RTR v2r3