National Vulnerability Database

National Vulnerability Database

National Vulnerability

A10 Networks Application Delivery Controller (ADC) Version 1 Checklist Details (Checklist Revisions)

Supporting Resources:


Target CPE Name
A10 Networks Application Delivery Controller cpe:/a:a10networks:application_delivery_controller (View CVEs)

Checklist Highlights

Checklist Name:
A10 Networks Application Delivery Controller (ADC)
Checklist ID:
Version 1
Review Status:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:

Checklist Summary:

The A10 Networks Application Delivery Controller (ADC) Application Layer Gateway (ALG) Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to the A10 Networks AX and Thunder platforms (physical and virtual machine). This document is meant for use in conjunction with the A10 Networks ADC Network Device Management STIG and is required to be used for each deployment of the A10 Networks ADC. The A10 Networks AX and Thunder ADCs are advanced load balancers with additional capabilities, including an integrated Web Application Firewall (WAF), HTTP and Domain Name System (DNS) protocol compliance checking, and Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption. These platforms are not intended as enclave perimeter protection devices and are used primarily to increase availability of services by managing connections to servers. The A10 Networks ADC platforms come in both FIPS-compliant and non-FIPS-compliant versions. For use within the DoD, FIPS-compliant versions must be used. FIPS-compliant versions are identified by the designation “FIPS” in the stock keeping unit (SKU).

Checklist Role:

  • Domain Controller
  • Firewall

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoD Instruction (DoDI) 8500.01


Not provided.


NIST does not guarantee or warrant the checklist’s accuracy or completeness. NIST is not responsible for loss, damage, or problems that may be caused by using the checklist.

Product Support:

All technical NIST SP 800-53 requirements were considered while developing this STIG. Requirements that are applicable and configurable will be included in the final STIG. A report marked For Official Use Only (FOUO) will be available for those items that did not meet requirements. This report will be available to component Authorizing Official (AO) personnel for risk assessment purposes by request via email to:

Point of Contact:


Not provided.


Not provided.

Change History:

New Checklist Candidate - 07/18/2017
Updated URL to reflect change to the DISA website - http --> https
Moved to FINAL - 03/30/2018
Updated URLs - 6/4/19


URL Description


Reference URL Description A10 Networks Application Delivery Controller (ADC) Overview, Ver 1 A10 Networks Application Delivery Controller (ADC) STIG Ver 1 Release Memo

NIST checklist record last modified on 06/04/2019