CCI-001133
Terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.
The A10 Networks ADC must terminate management sessions after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

1 rule found Severity: Medium

The Akamai Luna Portal must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 15 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

The Arista Multilayer Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

The CA API Gateway must terminate all network connections associated with a Policy Manager session at the end of the session or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity within the Policy Manager, and for user sessions simply viewing the contents of Policy Manager or viewing Audit Logs for tracking purposes (non-privileged session), the session must be terminated after 15 minutes of inactivity.
1 rule found Severity: Medium

The DBN-6300 must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise.
1 rule found Severity: Medium

1 rule found Severity: High

CounterACT must terminate all network connections associated with an Enterprise Manager Console session upon Exit, or session disconnection, or after 10 minutes of inactivity, except where prevented by documented and validated mission requirements.
1 rule found Severity: Medium

CounterACT must terminate all network connections associated with an SSH connection session upon Exit, session disconnection, or after 10 minutes of inactivity, except where prevented by documented and validated mission requirements.
1 rule found Severity: Medium

The HP FlexFabric Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

The storage system must terminate all network connections associated with a communications session at the end of the session, at shutdown, or after 10 minutes of inactivity.
1 rule found Severity: Medium

The HYCU server and Web UI must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 15 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The DataPower Gateway must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

IBM Aspera Console interactive session must be terminated after 10 minutes of inactivity for non-privileged and privileged sessions.
1 rule found Severity: Medium

IBM Aspera Faspex interactive session must be terminated after 10 minutes of inactivity for non-privileged and privileged sessions.
1 rule found Severity: Medium

The IBM Aspera Shares interactive session must be terminated after 10 minutes of inactivity for non-privileged and privileged sessions.
1 rule found Severity: Medium

The WebGUI of the MQ Appliance network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

The SSH CLI of the MQ Appliance network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

MobileIron Sentry must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirement.
1 rule found Severity: High

The Sentry must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for mobile device sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity.
2 rules found Severity: Medium

Nutanix AOS must automatically terminate a user session after inactivity time-outs have expired or at shutdown.
1 rule found Severity: Medium

Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity.
1 rule found Severity: Low

Riverbed Optimization System (RiOS) must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

Symantec ProxySG must terminate all network connections associated with a communications session at the end of the session or terminate user sessions (nonprivileged session) after 15 minutes of inactivity.
1 rule found Severity: High

Common Access Card (CAC)-based authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
2 rules found Severity: Medium

Symantec ProxySG must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

Tanium Operating System (TanOS) must terminate all network connections associated with a communications session at the end of the session, or as follows: For in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; for user sessions (nonprivileged session), the session must be terminated after 15 minutes of inactivity, except to fulfill documented and validated mission requirements.
2 rules found Severity: Medium

The NSX-T Manager must terminate the device management session at the end of the session or after 10 minutes of inactivity.
1 rule found Severity: High

The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.
2 rules found Severity: Medium

2 rules found Severity: Medium

2 rules found Severity: Medium

The Ubuntu operating system must automatically terminate all network connections associated with SSH traffic at the end of the session or after 10 minutes of inactivity.
1 rule found Severity: Medium

The network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
4 rules found Severity: High

The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium

The BIG-IP appliance must be configured to terminate all management sessions after 10 minutes of inactivity.
1 rule found Severity: High

The BIG-IP Core implementation must terminate all communications sessions at the end of the session or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity, and for user sessions (nonprivileged sessions), the session must be terminated after 15 minutes of inactivity.
1 rule found Severity: Medium

The Arista network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The Ubuntu operating system must immediately terminate all network connections associated with SSH traffic after a period of inactivity.
1 rule found Severity: Medium

The Ubuntu operating system must immediately terminate all network connections associated with SSH traffic at the end of the session or after 10 minutes of inactivity.
1 rule found Severity: Medium

The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity.
3 rules found Severity: High

The Cisco router must be configured to terminate all network connections associated with device management after five minutes of inactivity.
3 rules found Severity: High

The Cisco ISE must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The Enterprise Voice, Video, and Messaging Endpoint must be configured to terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: High

The F5 BIG-IP appliance must terminate all network connections associated with a communications session at the end of the session or after 15 minutes of inactivity.
1 rule found Severity: High

The Enterprise Voice, Video, and Messaging Session Manager must be configured to terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Medium

The F5 BIG-IP appliance must set the idle time before automatic logout to five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

SSMC must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: Medium

The HPE Nimble must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: High

The HPE 3PAR OS must be configured to terminate all network connections associated with a communications session at the end of the session, or after 10 minutes of inactivity.
1 rule found Severity: Medium

AIX must set inactivity time-out on login sessions and terminate all login sessions after 10 minutes of inactivity.
1 rule found Severity: Medium

The ICS must be configured to terminate after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

1 rule found Severity: Medium

Sentry must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirement.
1 rule found Severity: High

The Juniper EX switch must be configured to end all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill mission requirements.
1 rule found Severity: High

1 rule found Severity: Medium

1 rule found Severity: Medium

The directory service must be configured to terminate LDAP-based network connections to the directory server after 5 minutes of inactivity.
1 rule found Severity: Low

The network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

ONTAP must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The Oracle Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium

The Riverbed NetProfiler must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

SLEM 5 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium

SLEM 5 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

The TippingPoint SMS must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

TOSS must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

12 rules found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

2 rules found Severity: Medium

The ALG must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for user sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity.
1 rule found Severity: Medium

The application must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Medium

Ubuntu 22.04 LTS must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium

Ubuntu 22.04 LTS must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

AlmaLinux OS 9 must automatically exit interactive command shell user sessions after 10 minutes of inactivity.
1 rule found Severity: Medium

AlmaLinux OS 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

The application must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: Medium

The Dell OS10 Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

Forescout must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The operating system must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for user sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

AOS must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

The HYCU virtual appliance must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

AOS, when used as a VPN Gateway, must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Low

The Remote Access VPN Gateway must terminate remote access network connections after an organization-defined time period.
2 rules found Severity: Medium

IBM z/OS startup parameters for the FTP Server must be defined in the SYSTCPD and SYSFTPD DD statements for configuration files.
1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

The Juniper router must be configured to terminate all network connections associated with device management after five minutes of inactivity.
1 rule found Severity: High

1 rule found Severity: Medium

2 rules found Severity: Medium

The IBM z/OS PROFILE.TCPIP configuration for the TN3270 Telnet server must have the INACTIVE statement properly specified.
1 rule found Severity: Medium

1 rule found Severity: Medium

The Juniper SRX Services Gateway Firewall must terminate all communications sessions associated with user traffic after 15 minutes or less of inactivity.
1 rule found Severity: Medium

IBM z/OS PROFILE.TCPIP configuration for the TN3270 Telnet server must have the INACTIVE statement properly specified.
1 rule found Severity: Medium

The Juniper SRX Services Gateway must terminate a device management session after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

The Juniper SRX Services Gateway must terminate a device management session if the keep-alive count is exceeded.
1 rule found Severity: Medium

The Juniper SRX Services Gateway VPN must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Medium

Windows Server 2019 directory service must be configured to terminate LDAP-based network connections to the directory server after five minutes of inactivity.
1 rule found Severity: Low

Windows Server 2022 directory service must be configured to terminate LDAP-based network connections to the directory server after five minutes of inactivity.
1 rule found Severity: Low

OL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium

OL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

The Palo Alto Networks security platform must terminate communications sessions after 15 minutes of inactivity.
1 rule found Severity: Medium

Rancher RKE2 must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after five minutes of inactivity.
1 rule found Severity: Medium

OpenShift must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: Medium

The Palo Alto Networks security platform must terminate management sessions after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High

RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium

RHEL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium

RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium

RHEL 9 must automatically exit interactive command shell user sessions after 15 minutes of inactivity.
1 rule found Severity: Medium

2 rules found Severity: Medium

The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.
2 rules found Severity: Medium

The operating system must terminate the network connection associated with a communications session at the end of the session or after 10 minutes of inactivity.
2 rules found Severity: Low

The operating system must terminate all sessions and network connections when nonlocal maintenance is completed.
2 rules found Severity: Medium

The NSX Manager must terminate all network connections associated with a session after five minutes of inactivity.
1 rule found Severity: High

The VMM must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for user sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium

1 rule found Severity: Medium

2 rules found Severity: Medium

2 rules found Severity: Medium

2 rules found Severity: Medium

2 rules found Severity: Medium

2 rules found Severity: Medium

1 rule found Severity: Medium

2 rules found Severity: Medium

The VPN Gateway must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Low

2 rules found Severity: Medium

3 rules found Severity: Medium

User timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.
3 rules found Severity: Medium
