Skip to content

Cisco ASA IPS Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Cisco ASA must block any prohibited mobile code at the enclave boundary when it is detected.

    Mobile code is defined as software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution ...
    Rule Medium Severity
  • The Cisco ASA must be configured to install updates for signature definitions and vendor-provided rules.

    Failing to update malicious code protection mechanisms, including application software files, signature definitions, and vendor-provided rules, leaves the system vulnerable to exploitation by recen...
    Rule Medium Severity
  • The Cisco ASA must be configured to automatically install updates to signature definitions and vendor-provided rules.

    Failing to automatically update malicious code protection mechanisms, including application software files, signature definitions, and vendor-provided rules, leaves the system vulnerable to exploit...
    Rule Medium Severity
  • SRG-NET-000078-IDPS-00063

    Group
  • SRG-NET-000075-IDPS-00060

    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules