Detections
Analytics

CSCv7|12.3

Title

Deny Communications with Known Malicious IP Addresses

Description

Deny communications with known malicious or unused Internet IP addresses and limit access only to trusted and necessary IP address ranges at each of the organization's network boundaries,.

Reference Item Details

Category: Boundary Defense

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.7 Ensure internal sources are blocked on external networksJuniperCIS Juniper OS Benchmark v2.1.0 L2
3.2 Configure a Default Drop/Cleanup RuleCheckPointCIS Check Point Firewall L2 v1.1.0
3.3 Ensure access to Configuration utility is restricted to needed IP addresses onlyF5CIS F5 Networks v1.0.0 L1
3.3 Ensure firewall policy denying all traffic to/from Tor, malicious server, or scanner IP addresses using ISDBFortiGateCIS Fortigate 7.0.x v1.3.0 L1
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources ExistsPalo_AltoCIS Palo Alto Firewall 10 v1.2.0 L1
7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources ExistsPalo_AltoCIS Palo Alto Firewall 11 v1.1.0 L1
7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources ExistsPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1