on Dec 15, 2017 9:56 AM. Last modified by Thank you for choosing this document. You will need to supply vendor specific CLI or Regular expression statements for these checks.
You will need to create TWO Custom Properties for your Devices.
Name the first column "C1_DeviceType" and include the following drop-down selections:
L2SW - Layer 2 Switches
IL3S - Infrastructure Layer 3 Switches
IRTR - Infrastructure Routers
PL3S - Perimeter Layer 3 Switches
PRTR - Perimeter Routers
XE - IOS-XE Routers
F5 - F5 Load Balancers
FW - Firewall Devices
IPSEC - IPSEC VPN Devices
SRX - Juniper SRX Devices
IDPS - Intrusion Detection and Prevention Systems
NIPR - WLAN Access Point (Enclave-NIPRNet Connected)
IGOC - WLAN Access Point (Internet Gateway Only Connection)
CNTRL - WLAN Controller
BRDG - WLAN Bridge
Name the second custom property "C2_OS" and include the following drop-down selections:
OSXE - To support IOS and IOS-XE devices
NXOS - To support Nexus OS
ASA - To support ASA OS
IOSXE - To support IOS-XE Routers
F5 - To support F5 Big IP Load Balancers
FW - To support Firewall SRG devices
VPN - To support VPN specific STIGs
SRG - To support SRG Type Documentation
SRX - To support SRX Device Management
PANOS - To support Palo Alto Firewalls
This file was uploaded from the "Shared on Thwack" Tab via NCM Compliance tree.
Thanks and stay tuned...........
Guess What? I have developed a class to assist you in your CCRI's, SAVs, and other Auditing events. Check it out.
https://loop1.com/modular-data/storage/2d7e/loop1-advanced-ncm---disa-stig-compliance-2eae.pdf
Regular Expression Short-Cuts
Regular Expression Pattern Matching
Everything You Ever Wanted to Know About Regular Expressions in NCM But Were Afraid to Ask
Cisco STIGs
This Policy Document will evaluate every port (TenGigabit, GigabitEthernet, FastEthernet, Ethernet) on your network device.
Cisco IOS XE Release 3 NDM Security Technical Implementation Guide: Version: 1: Release: 4: 27 Apr 2018
CSCO-IOSXE-NDM - SNMP SSH and VTY
CSCO-IOSXE-NDM - Logging Part 1
CSCO-IOSXE-NDM - Account Access
CSCO-IOSXE-NDM - Logging Part 2
Cisco IOS XE Release 3 RTR Security Technical Implementation Guide: Version: 1: Release: 4: 27 Apr 2018
CSCO-IOSXE-RTR - Routing Protocol
CSCO-IOSXE-RTR - Multicast and IPv6
Firewall Security Technical Implementation Guide - Cisco Version: 8: Release: 25: 26 Jan 2018
Perimeter L3 Switch STIG: V8R31: 26 Oct 2018 running Cisco IOS and XE-OS
Perimeter Router STIG: V8R31: 26 Oct 2018 running Cisco IOS and XE-OS
Layer 2 Switch STIG - Cisco: V8R26: 26 Oct 2018 running Cisco IOS and XE-OS
Infrastructure L3 Switch STIG - Cisco: V8R28: 26 Oct 2018 running Cisco IOS and XE-OS
Infrastructure Router STIG Cisco: V8R28: 26 Oct 2018 running Cisco IOS and XE-OS
F5 STIGs
F5 BIG-IP Access Policy Manager (APM) 11.x STIG- Ver 1, Rel 1
F5 BIG-IP Advanced Firewall Manager (AFM) 11.x STIG - Ver 1, Rel 1
F5 BIG-IP Application Security Manager (ASM) 11.x STIG - Ver 1, Rel 1
F5 Big-IP Device Management 11.x STIG - Ver 1, Rel 5
F5 BIG-IP Local Traffic Manager (LTM) 11.x STIG - Ver 1, Rel 2
SRG - Security Requirements Guides
Draft Router SRG Ver 3
Firewall Security Requirements Guide: Version: 1: Release: 1: 16 Mar 2018
Layer 2 Switch Security Requirements Guide: Version: 1: Release: 2: 27 Jul 2018
SRG-Layer 2 Switch - Switch Interfaces
Network Device Management Security Requirements Guide: Version: 2: Release: 14: 27 Jul 2018
SRG-Network Device Mgt - SSH and SNMP
SRG-Network Device Mgt - Services
SRG-Network Device Mgt - Logging
SRG-Network Device Mgt - Authorization
SRG-Network Device Mgt - Authentication
SRG-Network Device Mgt - Accounting
Juniper STIGs
Juniper SRX SG VPN Security Technical Implementation Guide Version: 1: Release: 2: 27 Oct 2017
Juniper-SRX-SG-VPN - Section 1
Juniper-SRX-SG-VPN - Section 2
Juniper-SRX-SG-VPN - Section 3
Juniper SRX SG NDM Security Technical Implementation Guide Version: 1: Release: 2: 27 Jan 2017
Juniper-SRX-SG-NDM - User Access
Juniper-SRX-SG-NDM - Logging 2
Juniper-SRX-SG-NDM - Logging 1
Juniper SRX SG IDPS Security Technical Implementation Guide Version: 1: Release: 2: 28 Jul 2017
Juniper-SRX-SG-IDPS - Section 1
Juniper-SRX-SG-IDPS - Section 2
Juniper-SRX-SG-IDPS - Section 3
Juniper SRX SG ALG Security Technical Implementation Guide: Version: 1: Release: 3: 27 Apr 2018
JUNIPER-SRX-SG-ALG - Logging and NTP
Perimeter Router Security Technical Implementation Guide Juniper Version: 8: Release: 28 26 Jan 2018
JNPR-JNOS-PRTR - VTY and Console
JNPR-JNOS-PRTR - Routing Protocol
JNPR-JNOS-PRTR - Router Interface
JNPR-JNOS-PRTR - IPv6 and Multicast
JNPR-JNOS-PRTR - Access Account
JNPR-JNOS-PRTR - Logging and NTP
Infrastructure Router Security Technical Implementation Guide Juniper Version: 8: Release: 25: 26 Jan 2018
JNPR-JNOS-IRTR - VTY and Console
JNPR-JNOS-IRTR - Routing Protocol
JNPR-JNOS-IRTR - Logging and NTP
JNPR-JNOS-IRTR - IPv6 and Multicast
JNPR-JNOS-IRTR - Account Access
Palo Alto Networks STIGs
Palo Alto Networks ALG Security Technical Implementation Guide Version: 1: Release: 3: 28 Jul 2017
Palo Alto Networks IDPS Security Technical Implementation Guide Version: 1: Release: 1: 30 Nov 2015
Palo Alto Networks NDM Security Technical Implementation Guide Version: 1: Release: 3: 28 Jul 2017
A10
A10 Networks ADC NDM Security Technical Implementation Guide: Version: 1: Release: 1: 15 Apr 2016
A10 Networks ADC ALG Security Technical Implementation Guide: Version: 1: Release: 1: 15 Apr 2016
Arista Networks
Arista MLS DCS-7000 Series L2S Security Technical Implementation Guide: Version: 1: Release: 2 : 22 Apr 2016
ARISTA-AMLS-7k-NM - User Access
ARISTA-AMLS-7k-NM - Logging and NTP
ARISTA-AMLS-7k-NM - Account Access
ARISTA-AMLS-7k-L3 - Routing Protocol
ARISTA-AMLS-7k-L3 - Multicast and IPv6
Riverbed
HP FlexFabric
HP FlexFabric Switch L2S Security Technical Implementation Guide: Version: 1: Release: 1: 26 Feb 2016
HP-FlexFabric-L2SW - Interface
HP FlexFabric Switch NDM Security Technical Implementation Guide: Version: 1: Release: 1: 26 Feb 2016
HP-FlexFabric-NDM - User Access
HP-FlexFabric-NDM - Logging and NTP
HP-FlexFabric-NDM - Account Access
HP FlexFabric Switch RTR Security Technical Implementation Guide: Version: 1: Release: 1: 26 Feb 2016
HP-FlexFabric-RTR - Routing Protocol
HP-FlexFabric-RTR - IPv6-Multicast-QoS
Others
IPSec VPN Gateway Security Technical Implementation Guide: Version: 1: Release: 15: 27 Apr 2018
WLAN
WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
WLAN Access Point (Internet Gateway Only Connection) Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
WLAN Controller Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
WLAN Bridge Security Technical Implementation Guide (STIG) Version: 6 Release: 14 27 Apr 2018
Comments