The A10 Networks ADC must not have any unnecessary or unapproved virtual servers configured.

A deny-all, permit-by-exception network communications traffic policy ensures that only those connections which are essential and approved are allowed. A virtual server is an instance where the device accepts traffic from outside hosts and redirects traffic to one or more real servers. In keeping with a deny-all, permit-by-exception policy, the services that the device provides to outside hosts must be only those that are necessary, documented, and approved.