CCI-002205

Definition

Uniquely identify and authenticate source by organization, system, application, service, and/or individual for information transfer.

Parent Control

AC-4 (17), Information Flow Enforcement, Access Control

Linked STIG Checks (35)

Check ID | Severity | Requirement | Guide

  • V-204988 | CAT II | The ALG that is part of a CDS must uniquely identify and authenticate source by organization, system, application, and/or individual for information transfer. | Application Layer Gateway Security Requirements Guide
  • V-278960 | CAT II | The application server must uniquely identify and authenticate source by organization, system, application, and/or individual for information transfer. | Application Server Security Requirements Guide
  • V-217523 | CAT II | The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP. | Arista MLS DCS-7000 Series RTR Security Technical Implementation Guide
  • V-256027 | CAT II | The Arista BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with. | Arista MLS EOS 4.2x Router Security Technical Implementation Guide
  • V-256010 | CAT II | The Arista router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | Arista MLS EOS 4.X Router Security Technical Implementation Guide
  • V-256027 | CAT II | The Arista BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with. | Arista MLS EOS 4.X Router Security Technical Implementation Guide
  • V-216555 | CAT II | The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | Cisco IOS Router RTR Security Technical Implementation Guide
  • V-216992 | CAT II | The Cisco BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with. | Cisco IOS Router RTR Security Technical Implementation Guide
  • V-220423 | CAT II | The Cisco switch must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | Cisco IOS Switch RTR Security Technical Implementation Guide
  • V-216645 | CAT II | The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | Cisco IOS XE Router RTR Security Technical Implementation Guide
  • V-217000 | CAT II | The Cisco BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with. | Cisco IOS XE Router RTR Security Technical Implementation Guide
  • V-220990 | CAT II | The Cisco switch must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | Cisco IOS XE Switch RTR Security Technical Implementation Guide
  • V-221022 | CAT II | The Cisco BGP switch must be configured to use a unique key for each autonomous system (AS) that it peers with. | Cisco IOS XE Switch RTR Security Technical Implementation Guide
  • V-216739 | CAT II | The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | Cisco IOS XR Router RTR Security Technical Implementation Guide
  • V-217008 | CAT II | The Cisco BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with. | Cisco IOS XR Router RTR Security Technical Implementation Guide
  • V-221072 | CAT II | The Cisco switch must be configured to implement message authentication for all control plane protocols. | Cisco NX OS Switch RTR Security Technical Implementation Guide
  • V-221073 | CAT II | The Cisco switch must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages. | Cisco NX OS Switch RTR Security Technical Implementation Guide
  • V-221102 | CAT II | The Cisco BGP switch must be configured to use a unique key for each autonomous system (AS) that it peers with. | Cisco NX OS Switch RTR Security Technical Implementation Guide
  • V-66109 | CAT II | The HP FlexFabric Switch must enable neighbor authentication for all control plane protocols. | HP FlexFabric Switch RTR Security Technical Implementation Guide
  • V-254025 | CAT II | The Juniper router must be configured to implement message authentication for all control plane protocols. | Juniper EX Series Switches Router Security Technical Implementation Guide
  • V-254026 | CAT II | The Juniper BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with. | Juniper EX Series Switches Router Security Technical Implementation Guide
  • V-254027 | CAT II | The Juniper router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages. | Juniper EX Series Switches Router Security Technical Implementation Guide
  • V-217012 | CAT II | The Juniper router must be configured to implement message authentication for all control plane protocols. | Juniper Router RTR Security Technical Implementation Guide
  • V-217013 | CAT II | The Juniper router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages. | Juniper Router RTR Security Technical Implementation Guide
  • V-217052 | CAT II | The Juniper BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with. | Juniper Router RTR Security Technical Implementation Guide
  • V-278983 | CAT II | The layer 2 switch must uniquely identify and authenticate source by organization, system, application, and/or individual for information transfer. | Layer 2 Switch Security Requirements Guide
  • V-279002 | CAT II | The router must uniquely identify and authenticate source by organization, system, application, and/or individual for information transfer. | Router Security Requirements Guide
  • V-265431 | CAT I | The NSX Tier-0 Gateway router must be configured to implement message authentication for all control plane protocols. | VMware NSX 4.x Tier-0 Gateway Router Security Technical Implementation Guide
  • V-265432 | CAT II | The NSX Tier-0 Gateway must be configured to use a unique password for each autonomous system (AS) with which it peers. | VMware NSX 4.x Tier-0 Gateway Router Security Technical Implementation Guide
  • V-265485 | CAT I | The NSX Tier-0 Gateway router must be configured to use encryption for border gateway protocol (BGP) routing protocol authentication. | VMware NSX 4.x Tier-0 Gateway Router Security Technical Implementation Guide
  • V-69129 | CAT II | The NSX Distributed Logical Router must enable neighbor router authentication for control plane protocols. | VMware NSX Distributed Logical Router Security Technical Implementation Guide
  • V-251751 | CAT II | The NSX-T Tier-0 Gateway must be configured to implement message authentication for all control plane protocols. | VMware NSX-T Tier-0 Gateway RTR Security Technical Implementation Guide
  • V-251752 | CAT II | The NSX-T Tier-0 Gateway must be configured to use a unique key for each autonomous system (AS) with which it peers. | VMware NSX-T Tier-0 Gateway RTR Security Technical Implementation Guide
  • V-279021 | CAT II | The VPN Gateway must uniquely identify and authenticate source by organization, system, application, and/or individual for information transfer. | Virtual Private Network (VPN) Security Requirements Guide
  • V-279028 | CAT II | The web server must uniquely identify and authenticate source by organization, system, application, and/or individual for information transfer. | Web Server Security Requirements Guide