Skip to content
ATO Pathways
  Log In

CCI-001109

Deny network communications traffic by default and allow network communications traffic by exception at managed interfaces; and/or for organization-defined systems.

Logo
1

Rule

Severity: Medium
The A10 Networks ADC must not have any unnecessary or unapproved virtual servers configured.
Logo
2

Rule

Severity: High
The Arista perimeter router must be configured to deny network traffic by default and allow network traffic by exception.
Logo
2

Rule

Severity: Medium
The ALG must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
2

Rule

Severity: High
The firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
4

Rule

Severity: High
The Juniper perimeter router must be configured to deny network traffic by default and allow network traffic by exception.
Logo
2

Rule

Severity: Medium
The Juniper SRX Services Gateway Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
2

Rule

Severity: High
The perimeter router must be configured to deny network traffic by default and allow network traffic by exception.
Logo
1

Rule

Severity: Medium
Symantec ProxySG must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
1

Rule

Severity: Low
The NSX-T Distributed Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
2

Rule

Severity: Medium
The NSX-T Tier-1 Gateway Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
6

Rule

Severity: High
The Cisco perimeter router must be configured to deny network traffic by default and allow network traffic by exception.
Logo
6

Rule

Severity: High
The Cisco perimeter switch must be configured to deny network traffic by default and allow network traffic by exception.
Logo
2

Rule

Severity: Medium
The Palo Alto Networks security platform must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
1

Rule

Severity: High
The F5 BIG-IP appliance must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).
Logo
1

Rule

Severity: Medium
The NSX Distributed Firewall must deny network communications traffic by default and allow network communications traffic by exception.
Logo
1

Rule

Severity: Medium
The NSX Tier-0 Gateway Firewall must deny network communications traffic by default and allow network communications traffic by exception.
Logo
1

Rule

Severity: Medium
The NSX Tier-1 Gateway firewall must deny network communications traffic by default and allow network communications traffic by exception.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules