STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

F5 BIG-IP Advanced Firewall Manager Security Technical Implementation Guide

Version

V2R2

Release Date

Dec 19, 2024

SCAP Benchmark ID

F5_BIG-IP_Advanced_Firewall_Manager_11-x_STIG

Total Checks

6

Tags

network
CAT I: 2CAT II: 4CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSONDownload STIG ZIP

Checks (6)

V-214498MEDIUMThe BIG-IP AFM module must be configured to enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.V-214499HIGHThe BIG-IP AFM module must be configured to restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.V-214500MEDIUMThe BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred.V-214501MEDIUMThe BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations.V-214502MEDIUMThe BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.V-270900HIGHThe version of F5 BIG-IP must be a supported version.