800-53|MA-4e.

Title

NONLOCAL MAINTENANCE

Description

Terminates session and network connections when nonlocal maintenance is completed.

Reference Item Details

Category: MAINTENANCE

Family: MAINTENANCE

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-003003 - AIX must set inactivity time-out on login sessions and terminate all login sessions after 10 minutes of inactivity.UnixDISA STIG AIX 7.x v2r9
ARST-ND-000490 - The Arista network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.AristaDISA STIG Arista MLS EOS 4.2x NDM v1r1
Big Sur - Terminate all sessions and network connections when maintenance is completedUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Terminate all sessions and network connections when maintenance is completedUnixNIST macOS Catalina v1.5.0 - All Profiles
F5BI-DM-000137 - The BIG-IP appliance must be configured to terminate all management sessions after 10 minutes of inactivity.F5DISA F5 BIG-IP Device Management 11.x STIG v2r2
FGFW-ND-000270 - The FortiGate device must terminate idle sessions after 10 minutes of inactivity.FortiGateDISA Fortigate Firewall NDM STIG v1r4
JUEX-NM-000350 - The Juniper EX switch must be configured to terminate all sessions and network connections when nonlocal device maintenance is completed.JuniperDISA Juniper EX Series Network Device Management v1r4
JUSX-DM-000153 - The Juniper SRX Services Gateway must immediately terminate SSH network connections when the user logs off, the session abnormally terminates, or an upstream link from the managed device goes down.JuniperDISA Juniper SRX Services Gateway NDM v2r1
JUSX-DM-000154 - The Juniper SRX Services Gateway must terminate the console session when the serial cable connected to the console port is unplugged.JuniperDISA Juniper SRX Services Gateway NDM v2r1
Monterey - Terminate all sessions and network connections when maintenance is completedUnixNIST macOS Monterey v1.0.0 - All Profiles
OL6-00-000231 - The SSH daemon must set a timeout count on idle sessions.UnixDISA STIG Oracle Linux 6 v2r7
OL08-00-010200 - OL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.UnixDISA Oracle Linux 8 STIG v1r8
OL08-00-010201 - OL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.UnixDISA Oracle Linux 8 STIG v1r8
PHTN-30-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less.UnixDISA STIG VMware vSphere 7.0 Photon OS v1r2
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - durationUnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - exportUnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - mesgUnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - readonlyUnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
RHEL-06-000231 - The SSH daemon must set a timeout count on idle sessions.UnixDISA Red Hat Enterprise Linux 6 STIG v2r2
RHEL-09-255100 - RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.UnixDISA Red Hat Enterprise Linux 9 STIG v1r1
SLES-12-030190 - The SUSE operating system SSH daemon must be configured with a timeout interval.UnixDISA SLES 12 STIG v2r12
SLES-12-030191 - The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.UnixDISA SLES 12 STIG v2r12
SLES-15-010280 - The SUSE operating system SSH daemon must be configured with a timeout interval.UnixDISA SLES 15 STIG v1r11
SLES-15-010320 - The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.UnixDISA SLES 15 STIG v1r11
SOL-11.1-050460 - The operating system must terminate all sessions and network connections when non-local maintenance is completedUnixDISA STIG Solaris 11 SPARC v2r8
SOL-11.1-050460 - The operating system must terminate all sessions and network connections when non-local maintenance is completedUnixDISA STIG Solaris 11 X86 v2r8
SOL-11.1-050460 - The operating system must terminate all sessions and network connections when non-local maintenance is completed - 'ClientAliveCountMax'UnixDISA STIG Solaris 11 X86 v2r6
SOL-11.1-050460 - The operating system must terminate all sessions and network connections when non-local maintenance is completed - 'ClientAliveCountMax'UnixDISA STIG Solaris 11 SPARC v2r6
SOL-11.1-050460 - The operating system must terminate all sessions and network connections when non-local maintenance is completed - 'ClientAliveInterval'UnixDISA STIG Solaris 11 X86 v2r6
SOL-11.1-050460 - The operating system must terminate all sessions and network connections when non-local maintenance is completed - 'ClientAliveInterval'UnixDISA STIG Solaris 11 SPARC v2r6
SRG-OS-000126-ESXI5 - The system must set a timeout for the ESXi Shell to automatically disable itself after a predetermined period.VMwareDISA STIG VMWare ESXi Server 5 STIG v2r1
UBTU-16-030270 - The Ubuntu operating system must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements - ClientAliveIntervalUnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-030271 - The Ubuntu operating system must be configured so that all network connections associated with SSH traffic terminate after a period of inactivity.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010415 - The Ubuntu operating system must immediately terminate all network connections associated with SSH traffic after a period of inactivity.UnixDISA STIG Ubuntu 18.04 LTS v2r12
UBTU-20-010036 - The Ubuntu operating system must immediately terminate all network connections associated with SSH traffic after a period of inactivity.UnixDISA STIG Ubuntu 20.04 LTS v1r10
UBTU-20-010036 - The Ubuntu operating system must immediately terminate all network connections associated with SSH traffic after a period of inactivity.UnixDISA STIG Ubuntu 20.04 LTS v1r7