on Dec 15, 2017 9:56 AM. Last modified by Thank you for choosing this document. You will need to supply vendor specific CLI or Regular expression statements for these checks.
You will need to create TWO Custom Properties for your Devices.
Name the first column "C1_DeviceType" and include the following drop-down selections:
L2SW - Layer 2 Switches
IL3S - Infrastructure Layer 3 Switches
IRTR - Infrastructure Routers
PL3S - Perimeter Layer 3 Switches
PRTR - Perimeter Routers
XE - IOS-XE Routers
F5 - F5 Load Balancers
FW - Firewall Devices
IPSEC - IPSEC VPN Devices
SRX - Juniper SRX Devices
IDPS - Intrusion Detection and Prevention Systems
NIPR - WLAN Access Point (Enclave-NIPRNet Connected)
IGOC - WLAN Access Point (Internet Gateway Only Connection)
CNTRL - WLAN Controller
BRDG - WLAN Bridge
Name the second custom property "C2_OS" and include the following drop-down selections:
OSXE - To support IOS and IOS-XE devices
NXOS - To support Nexus OS
ASA - To support ASA OS
IOSXE - To support IOS-XE Routers
F5 - To support F5 Big IP Load Balancers
FW - To support Firewall SRG devices
VPN - To support VPN specific STIGs
SRG - To support SRG Type Documentation
SRX - To support SRX Device Management
PANOS - To support Palo Alto Firewalls
This file was uploaded from the "Shared on Thwack" Tab via NCM Compliance tree.
Thanks and stay tuned...........
Guess What? I have developed a class to assist you in your CCRI's, SAVs, and other Auditing events. Check it out.
https://loop1.com/modular-data/storage/2d7e/loop1-advanced-ncm---disa-stig-compliance-2eae.pdf
Regular Expression Short-Cuts
Regular Expression Pattern Matching
Everything You Ever Wanted to Know About Regular Expressions in NCM But Were Afraid to Ask
Cisco STIGs
This Policy Document will evaluate every port (TenGigabit, GigabitEthernet, FastEthernet, Ethernet) on your network device.
Cisco IOS XE Release 3 NDM Security Technical Implementation Guide: Version: 1: Release: 4: 27 Apr 2018
CSCO-IOSXE-NDM - SNMP SSH and VTY
CSCO-IOSXE-NDM - Logging Part 1
CSCO-IOSXE-NDM - Account Access
CSCO-IOSXE-NDM - Logging Part 2
Cisco IOS XE Release 3 RTR Security Technical Implementation Guide: Version: 1: Release: 4: 27 Apr 2018
CSCO-IOSXE-RTR - Routing Protocol
CSCO-IOSXE-RTR - Multicast and IPv6
Firewall Security Technical Implementation Guide - Cisco Version: 8: Release: 25: 26 Jan 2018
Perimeter Router - Cisco Security Technical Implementation Guide Version: 8: Release: 29: 27 April 2018
CSCO-OSXE-PRTR - Account Access
CSCO-OSXE-PRTR - VTY and Console
CSCO-OSXE-PRTR - Routing Protocol
CSCO-OSXE-PRTR - Logging and NTP
CSCO-OSXE-PRTR - IPv6 and Multicast
CSCO-OSXE-PRTR - External Interface
Perimeter L3 Switch - Cisco Security Technical Implementation Guide Version: 8: Release: 29: 27 Apr 2018
CSCO-OSXE-PL3S - VTY and Console
CSCO-OSXE-PL3S - Switch Interface
CSCO-OSXE-PL3S - Router Interface
CSCO-OSXE-PL3S - Logging and NTP
CSCO-OSXE-PL3S - IPv6 and Multicast
CSCO-OSXE-PL3S - Bidirectional ACL
CSCO-OSXE-PL3S - Account Access
Layer 2 Switch Security Technical Implementation Guide - Cisco Version: 8: Release: 24: 27 Apr 2018
CSCO-OSXE-L2SW - Switch Interface
CSCO-OSXE-L2SW - Logging and NTP
CSCO-OSXE-L2SW - Account Access
CSCO-OSXE-L2SW - VTY and Console
Infrastructure Router Secure Technical Implementation Guide - Cisco Version: 8: Release: 26: 27 Apr 2018
CSCO-OSXE-IRTR - VTY and Console
CSCO-OSXE-IRTR - Routing Protocol
CSCO-OSXE-IRTR - Logging and NTP
CSCO-OSXE-IRTR - IPv6 and Multicast
CSCO-OSXE-IRTR - Account Access
Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco Version: 8: Release: 26: 27 Apr 2018
CSCO-OSXE-IL3S - VTY and Console
CSCO-OSXE-IL3S - Switch Interface
CSCO-OSXE-IL3S - Routing Protocol
CSCO-OSXE-IL3S - Account Access
CSCO-OSXE-IL3S - Logging and NTP
CSCO-OSXE-IL3S - IPv6 and Multicast
F5 STIGs
F5 BIG-IP Access Policy Manager (APM) 11.x STIG- Ver 1, Rel 1
F5 BIG-IP Advanced Firewall Manager (AFM) 11.x STIG - Ver 1, Rel 1
F5 BIG-IP Application Security Manager (ASM) 11.x STIG - Ver 1, Rel 1
F5 Big-IP Device Management 11.x STIG - Ver 1, Rel 5
F5 BIG-IP Local Traffic Manager (LTM) 11.x STIG - Ver 1, Rel 2
SRG - Security Requirements Guides
Firewall Security Requirements Guide - DRAFT- Version: 1 - Rel: 0.1 01 Jan 7999
Network Device Management Security Requirements Guide Version: 2: Release: 13: 26 Jan 2018
Draft Router SRG Ver 3
Layer 2 Switch Security Requirements Guide Version: 1: Release: 1: 27 Jun 2016
SRG-Layer 2 Switch - Section 1
SRG-Layer 2 Switch - Section 2
SRG-Layer 2 Switch - Section 3
Juniper STIGs
Juniper SRX SG VPN Security Technical Implementation Guide Version: 1: Release: 2: 27 Oct 2017
Juniper-SRX-SG-VPN - Section 1
Juniper-SRX-SG-VPN - Section 2
Juniper-SRX-SG-VPN - Section 3
Juniper SRX SG NDM Security Technical Implementation Guide Version: 1: Release: 2: 27 Jan 2017
Juniper-SRX-SG-NDM - User Access
Juniper-SRX-SG-NDM - Logging 2
Juniper-SRX-SG-NDM - Logging 1
Juniper SRX SG IDPS Security Technical Implementation Guide Version: 1: Release: 2: 28 Jul 2017
Juniper-SRX-SG-IDPS - Section 1
Juniper-SRX-SG-IDPS - Section 2
Juniper-SRX-SG-IDPS - Section 3
Juniper SRX Services Gateway (SG) Application Layer Gateway (ALG) STIG, Version 1
Perimeter Router Security Technical Implementation Guide Juniper Version: 8: Release: 28 26 Jan 2018
JNPR-JNOS-PRTR - VTY and Console
JNPR-JNOS-PRTR - Routing Protocol
JNPR-JNOS-PRTR - Router Interface
JNPR-JNOS-PRTR - IPv6 and Multicast
JNPR-JNOS-PRTR - Access Account
JNPR-JNOS-PRTR - Logging and NTP
Infrastructure Router Security Technical Implementation Guide Juniper Version: 8: Release: 25: 26 Jan 2018
JNPR-JNOS-IRTR - VTY and Console
JNPR-JNOS-IRTR - Routing Protocol
JNPR-JNOS-IRTR - Logging and NTP
JNPR-JNOS-IRTR - IPv6 and Multicast
JNPR-JNOS-IRTR - Account Access
Palo Alto Networks STIGs
Palo Alto Networks ALG Security Technical Implementation Guide Version: 1: Release: 3: 28 Jul 2017
Palo Alto Networks IDPS Security Technical Implementation Guide Version: 1: Release: 1: 30 Nov 2015
Palo Alto Networks NDM Security Technical Implementation Guide Version: 1: Release: 3: 28 Jul 2017
A10
A10 Networks ADC NDM Security Technical Implementation Guide: Version: 1: Release: 1: 15 Apr 2016
A10 Networks ADC ALG Security Technical Implementation Guide: Version: 1: Release: 1: 15 Apr 2016
Others
IPSec VPN Gateway Security Technical Implementation Guide Version: 1: Release: 14: 26 Jan 2018
WLAN
WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
WLAN Access Point (Internet Gateway Only Connection) Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
WLAN Controller Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
WLAN Bridge Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
Comments