Network Device Checklist Automator

Report No. ARL-TR-5394
Authors: Donald A. Bennett and Aaron P. Hiltgen
Date/Pages: November 2010; 32 pages
Abstract: The Department of Defense (DoD) 8500 series mandates that all agencies implement the Security Technical Implementation Guides (STIGs) released by the Defense Information Systems Agency (DISA) to protect information systems against attackers and misuse. Agencies are required to perform regular checks on all their systems for compliance with these regulations. To make the STIG compliance validation process easier, the DoD allows the use of Security Readiness Review Scripts (SRRS), which automatically perform many checks, allowing auditors to focus attention on critical areas. Per the DoD, network devices are the most critical, but to date there are no commonly available Government automation tools for network devices such as routers, firewalls, switches, and intrusion detection systems (IDSs). Without sufficient support, many of these devices are running with little or no checking. The Network Device Checklist Automator (NDCA) seeks to become the first SRRS for network devices and provide the groundwork for future development. Our goal is to create a framework and implement full support for a few devices to demonstrate proof of concept in hopes of transitioning the project to other organizations for further evaluation and testing, and eventual implementation by all sections of the DoD tasked with ensuring network device STIG compliance.
Distribution: Approved for public release

Last Update / Reviewed: November 1, 2010