Cisco ASA IPS Security Technical Implementation Guide

Version: V2R1
Release Date: Aug 27, 2024
SCAP Benchmark ID: Cisco_ASA_IPS_STIG
Total Checks: 23
Tags: network
CAT I: 0, CAT II: 23, CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.


Checks (23)

  • V-239873 (MEDIUM): The Cisco ASA must be configured to produce audit records containing sufficient information to establish what type of event occurred.
  • V-239874 (MEDIUM): The Cisco ASA must be configured to produce audit records containing information to establish when the events occurred.
  • V-239875 (MEDIUM): The Cisco ASA must be configured to produce audit records containing information to establish where the event was detected.
  • V-239876 (MEDIUM): The Cisco ASA must be configured to produce audit records containing information to establish the source of the event.
  • V-239877 (MEDIUM): The Cisco ASA must be configured to produce audit records containing information to establish the outcome of events associated with detected harmful or potentially harmful traffic.
  • V-239878 (MEDIUM): The Cisco ASA must be configured to log events based on policy access control rules, signatures, and anomaly analysis.
  • V-239879 (MEDIUM): The Cisco ASA must be configured to off-load log records to a centralized log server.
  • V-239880 (MEDIUM): The Cisco ASA must be configured to send log records to the syslog server for specific facility and severity level.
  • V-239881 (MEDIUM): The Cisco ASA must be configured to queue log records locally in the event that the central audit server is down or not reachable.
  • V-239882 (MEDIUM): The Cisco ASA must be configured to block outbound traffic containing denial-of-service (DoS) attacks by ensuring an intrusion prevention policy has been applied to outbound communications traffic.
  • V-239883 (MEDIUM): The Cisco ASA must be configured to use Advanced Malware Protection (AMP) features to detect and block the transmission of malicious software and malware.
  • V-239884 (MEDIUM): The Cisco ASA must block any prohibited mobile code at the enclave boundary when it is detected.
  • V-239885 (MEDIUM): The Cisco ASA must be configured to install updates for signature definitions and vendor-provided rules.
  • V-239886 (MEDIUM): The Cisco ASA must be configured to block malicious code.
  • V-239887 (MEDIUM): The Cisco ASA must be configured to block traffic from IP addresses that have a known bad reputation based on the latest reputation intelligence.
  • V-239888 (MEDIUM): The Cisco ASA must be configured to send an alert to organization-defined personnel and/or the firewall administrator when malicious code is detected.
  • V-239889 (MEDIUM): The Cisco ASA must be configured to automatically install updates to signature definitions and vendor-provided rules.
  • V-239890 (MEDIUM): The Cisco ASA must be configured to block inbound traffic containing unauthorized activities or conditions.
  • V-239891 (MEDIUM): The Cisco ASA must be configured to block outbound traffic containing unauthorized activities or conditions.
  • V-239892 (MEDIUM): The Cisco ASA must be configured to send an alert to organization-defined personnel and/or the firewall administrator when intrusion events are detected.
  • V-239893 (MEDIUM): The Cisco ASA must be configured to send an alert to organization-defined personnel and/or the firewall administrator when threats are detected.
  • V-239894 (MEDIUM): The Cisco ASA must be configured to send an alert to organization-defined personnel and/or the firewall administrator when DoS incidents are detected.
  • V-239895 (MEDIUM): The Cisco ASA must generate an alert to organization-defined personnel and/or the firewall administrator when active propagation of malware or malicious code is detected.