CCI-001133
Terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.
The A10 Networks ADC must terminate management sessions after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
1 rule found Severity: Medium
The Akamai Luna Portal must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 15 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
The Arista Multilayer Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
The CA API Gateway must terminate all network connections associated with a Policy Manager session at the end of the session or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity within the Policy Manager, and for user sessions simply viewing the contents of Policy Manager or viewing Audit Logs for tracking purposes (non-privileged session), the session must be terminated after 15 minutes of inactivity.
1 rule found Severity: Medium
The DBN-6300 must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise.
1 rule found Severity: Medium
1 rule found Severity: High
CounterACT must terminate all network connections associated with an Enterprise Manager Console session upon Exit, or session disconnection, or after 10 minutes of inactivity, except where prevented by documented and validated mission requirements.
1 rule found Severity: Medium
CounterACT must terminate all network connections associated with an SSH connection session upon Exit, session disconnection, or after 10 minutes of inactivity, except where prevented by documented and validated mission requirements.
1 rule found Severity: Medium
The HP FlexFabric Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
The storage system must terminate all network connections associated with a communications session at the end of the session, at shutdown, or after 10 minutes of inactivity.
1 rule found Severity: Medium
The HYCU server and Web UI must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 15 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The DataPower Gateway must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
IBM Aspera Console interactive session must be terminated after 10 minutes of inactivity for non-privileged and privileged sessions.
1 rule found Severity: Medium
IBM Aspera Faspex interactive session must be terminated after 10 minutes of inactivity for non-privileged and privileged sessions.
1 rule found Severity: Medium
The IBM Aspera Shares interactive session must be terminated after 10 minutes of inactivity for non-privileged and privileged sessions.
1 rule found Severity: Medium
The WebGUI of the MQ Appliance network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
The SSH CLI of the MQ Appliance network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
MobileIron Sentry must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirement.
1 rule found Severity: High
The Sentry must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for mobile device sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity.
2 rules found Severity: Medium
Nutanix AOS must automatically terminate a user session after inactivity time-outs have expired or at shutdown.
1 rule found Severity: Medium
Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity.
1 rule found Severity: Low
Riverbed Optimization System (RiOS) must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
Symantec ProxySG must terminate all network connections associated with a communications session at the end of the session or terminate user sessions (nonprivileged session) after 15 minutes of inactivity.
1 rule found Severity: High
Common Access Card (CAC)-based authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
2 rules found Severity: Medium
Symantec ProxySG must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
Tanium Operating System (TanOS) must terminate all network connections associated with a communications session at the end of the session, or as follows: For in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; for user sessions (nonprivileged session), the session must be terminated after 15 minutes of inactivity, except to fulfill documented and validated mission requirements.
2 rules found Severity: Medium
The NSX-T Manager must terminate the device management session at the end of the session or after 10 minutes of inactivity.
1 rule found Severity: High
The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.
2 rules found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
The Ubuntu operating system must automatically terminate all network connections associated with SSH traffic at the end of the session or after 10 minutes of inactivity.
1 rule found Severity: Medium
The network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
4 rules found Severity: High
The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium
The BIG-IP appliance must be configured to terminate all management sessions after 10 minutes of inactivity.
1 rule found Severity: High
The BIG-IP Core implementation must terminate all communications sessions at the end of the session or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity, and for user sessions (nonprivileged sessions), the session must be terminated after 15 minutes of inactivity.
1 rule found Severity: Medium
The Arista network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The Ubuntu operating system must immediately terminate all network connections associated with SSH traffic after a period of inactivity.
1 rule found Severity: Medium
The Ubuntu operating system must immediately terminate all network connections associated with SSH traffic at the end of the session or after 10 minutes of inactivity.
1 rule found Severity: Medium
The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity.
3 rules found Severity: High
The Cisco router must be configured to terminate all network connections associated with device management after five minutes of inactivity.
3 rules found Severity: High
The Cisco ISE must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The Enterprise Voice, Video, and Messaging Endpoint must be configured to terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: High
The F5 BIG-IP appliance must terminate all network connections associated with a communications session at the end of the session or after 15 minutes of inactivity.
1 rule found Severity: High
The Enterprise Voice, Video, and Messaging Session Manager must be configured to terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Medium
The F5 BIG-IP appliance must set the idle time before automatic logout to five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
SSMC must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: Medium
The HPE Nimble must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: High
The HPE 3PAR OS must be configured to terminate all network connections associated with a communications session at the end of the session, or after 10 minutes of inactivity.
1 rule found Severity: Medium
AIX must set inactivity time-out on login sessions and terminate all login sessions after 10 minutes of inactivity.
1 rule found Severity: Medium
The ICS must be configured to terminate after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
1 rule found Severity: Medium
Sentry must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirement.
1 rule found Severity: High
The Juniper EX switch must be configured to end all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill mission requirements.
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
The directory service must be configured to terminate LDAP-based network connections to the directory server after 5 minutes of inactivity.
1 rule found Severity: Low
The network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
ONTAP must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The Oracle Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium
The Riverbed NetProfiler must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
SLEM 5 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium
SLEM 5 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
The TippingPoint SMS must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
TOSS must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
12 rules found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
2 rules found Severity: Medium
The ALG must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for user sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity.
1 rule found Severity: Medium
The application must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Medium
Ubuntu 22.04 LTS must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium
Ubuntu 22.04 LTS must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
AlmaLinux OS 9 must automatically exit interactive command shell user sessions after 10 minutes of inactivity.
1 rule found Severity: Medium
AlmaLinux OS 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
The application must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: Medium
The Dell OS10 Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
Forescout must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The operating system must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for user sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
AOS must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
The HYCU virtual appliance must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
AOS, when used as a VPN Gateway, must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Low
The Remote Access VPN Gateway must terminate remote access network connections after an organization-defined time period.
2 rules found Severity: Medium
IBM z/OS startup parameters for the FTP Server must be defined in the SYSTCPD and SYSFTPD DD statements for configuration files.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
The Juniper router must be configured to terminate all network connections associated with device management after five minutes of inactivity.
1 rule found Severity: High
1 rule found Severity: Medium
2 rules found Severity: Medium
The IBM z/OS PROFILE.TCPIP configuration for the TN3270 Telnet server must have the INACTIVE statement properly specified.
1 rule found Severity: Medium
1 rule found Severity: Medium
The Juniper SRX Services Gateway Firewall must terminate all communications sessions associated with user traffic after 15 minutes or less of inactivity.
1 rule found Severity: Medium
IBM z/OS PROFILE.TCPIP configuration for the TN3270 Telnet server must have the INACTIVE statement properly specified.
1 rule found Severity: Medium
The Juniper SRX Services Gateway must terminate a device management session after 10 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
The Juniper SRX Services Gateway must terminate a device management session if the keep-alive count is exceeded.
1 rule found Severity: Medium
The Juniper SRX Services Gateway VPN must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Medium
Windows Server 2019 directory service must be configured to terminate LDAP-based network connections to the directory server after five minutes of inactivity.
1 rule found Severity: Low
Windows Server 2022 directory service must be configured to terminate LDAP-based network connections to the directory server after five minutes of inactivity.
1 rule found Severity: Low
OL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium
OL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
The Palo Alto Networks security platform must terminate communications sessions after 15 minutes of inactivity.
1 rule found Severity: Medium
Rancher RKE2 must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after five minutes of inactivity.
1 rule found Severity: Medium
OpenShift must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
1 rule found Severity: Medium
The Palo Alto Networks security platform must terminate management sessions after 10 minutes of inactivity except to fulfill documented and validated mission requirements.
1 rule found Severity: High
RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium
RHEL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
1 rule found Severity: Medium
RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
1 rule found Severity: Medium
RHEL 9 must automatically exit interactive command shell user sessions after 15 minutes of inactivity.
1 rule found Severity: Medium
2 rules found Severity: Medium
The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.
2 rules found Severity: Medium
The operating system must terminate the network connection associated with a communications session at the end of the session or after 10 minutes of inactivity.
2 rules found Severity: Low
The operating system must terminate all sessions and network connections when nonlocal maintenance is completed.
2 rules found Severity: Medium
The NSX Manager must terminate all network connections associated with a session after five minutes of inactivity.
1 rule found Severity: High
The VMM must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; and for user sessions (non-privileged session), the session must be terminated after 15 minutes of inactivity, except to fulfill documented and validated mission requirements.
1 rule found Severity: Medium
1 rule found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
2 rules found Severity: Medium
1 rule found Severity: Medium
2 rules found Severity: Medium
The VPN Gateway must terminate all network connections associated with a communications session at the end of the session.
1 rule found Severity: Low
2 rules found Severity: Medium
3 rules found Severity: Medium
User timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.
3 rules found Severity: Medium