The NIOS appliance is compliant with the following:
- Qualys and Nessus security requirements
- Joint Interoperability Test Command (JITC) certification for Internet Protocol version 6 capability
- RFCs (Request for Comments)
The list of RFCs are:
NTP RFC Compliance
The NIOS appliance complies with the following NTP RFCs:
RFCs for NTP
| RFC Number | RFC Title |
|---|---|
| 8915 | Network Time Security for the Network Time Protocol |
| 8633 | Network Time Protocol Best Current Practices |
| 8573 | Message Authentication Code for the Network Time Protocol |
| 7822 | Network Time Protocol Version 4: Protocol and Algorithms Specification |
| 7821 | UDP Checksum Complement in the Network Time Protocol (NTP) |
| 7384 | Security Requirements of Time Protocols in Packet Switched Networks |
| 5908 | Network Time Protocol (NTP) Server Option for DHCPv6 |
| 5907 | Definitions of Managed Objects for Network Time Protocol Version 4 (NTPv4) |
| 5906 | Network Time Protocol Version 4: Autokey Specification |
| 5905 | Network Time Protocol Version 4: Protocol and Algorithms Specification |
| 4330 | Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI |
| 4075 | Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6 |
| 3280 | Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile |
| 3279 | Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile |
| 3161 | Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) |
| 2875 | Diffie-Hellman Proof-of-Possession Algorithms |
| 2783 | Pulse-Per-Second API for UNIX-like Operating Systems, Version 1.0 |
| 2560 | X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP |
| 2510 | Internet X.509 Public Key Infrastructure Certificate Management Protocols |
| 2373 | IP Version 6 Addressing Architecture |
| 2030 | Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI |
| 1828 | IP Authentication using Keyed MD5 |
| 1769 | Simple Network Time Protocol (SNTP) |
| 1589 | A Kernel Model for Precision Timekeeping |
| 1361 | Simple Network Time Protocol (SNTP) |
| 1321 | The MD5 Message-Digest Algorithm |
| 1305 | Network Time Protocol (Version 3) Specification, Implementation and Analysis |
| 1241 | A Scheme for an Internet Encapsulation Protocol: Version 1 |
| 1165 | Network Time Protocol (NTP) over the OSI Remote Operations Service |
| 1129 | Internet Time Synchronization: the Network Time Protocol |
| 1128 | Measured Performance of the Network Time Protocol in the Internet System |
| 1119 | Network Time Protocol (Version 2) Specification and Implementation |
| 1059 | Network Time Protocol (Version 1) Specification and Implementation |
| 1004 | A Distributed-Protocol Authentication Scheme |
| 996 | Statistics Server |
| 985 | Requirements for Internet Gateways |
| 981 | An Experimental Multiple-Path Routing Algorithm |
| 975 | Autonomous Confederations |
| 958 | Network Time Protocol (NTP) |
| 957 | Experiments in Network Clock Synchronization |
| 956 | Algorithms for Synchronizing Network Clocks |
| 904 | Exterior Gateway Protocol Formal Specification |
| 891 | DCN Local-Network Protocols |
| 889 | Internet Delay Experiments |
| 799 | Internet Name Domains |
| 778 | DCNET Internet Clock Service |
| IEN 173 | Time Synchronization in DCNET Hosts |
DNS RFC Compliance
The NIOS appliance complies with the following DNS RFCs:
RFCs for DNS
| RFC Number | RFC Title |
|---|---|
| 791 | IPv4 Internet Protocol |
| 805 | Computer Mail Meeting Notes |
| 811 | Hostnames Server |
| 819 | The Domain Naming Convention for Internet User Applications |
| 881 | The Domain Names Plan and Schedule |
| 882 | Domain Names: Concepts and Facilities |
| 883 | Domain Names: Implementation Specification |
| 897 | Domain Name System Implementation Schedule |
| 920 | Domain Requirements |
| 921 | Domain Name System Implementation Schedule – Revised |
| 973 | Domain System Changes and Observations |
| 974 | Mail Routing and the Domain System |
| 1032 | Domain Administrators Guide |
| 1033 | Domain Administrators Operations Guide |
| 1034 | Domain Names – Concepts and Facilities |
| 1035 | Domain Names – Implementation and Specification |
| 1101 | DNS Encoding of Network Names and Other Types |
| 1122 | Requirements for Internet Hosts – Communication Layers |
| 1123 | Requirements for Internet Hosts – Application and Support |
| 1178 | Choosing a Name for Your Computer |
| 1348 | DNS NSAP RRs |
| 1386 | The US Domain |
| 1464 | Using the Domain Name System to Store Arbitrary String Attributes |
| 1535 | A Security Problem and Proposed Correction with Widely Deployed DNS Software |
| 1536 | Common DNS Implementation Errors and Suggested Fixes |
| 1537 | Common DNS Data File Configuration Errors |
| 1591 | Domain Name System Structure and Delegation |
| 1611 | DNS Server MIB Extensions |
| 1612 | DNS Resolver MIB Extensions |
| 1637 | DNS NSAP Resource Records |
| 1664 | Using the Internet DNS to Distribute RFC |
| 1327 | Mail Address Mapping Tables |
| 1713 | Tools for DNS debugging |
| 1794 | DNS Support for Load Balancing |
| 1811 | U.S. Government Internet Domain Names |
| 1816 | U.S. Government Internet Domain Names |
| 1912 | Common DNS Operational and Configuration Errors |
| 1956 | Registration in the MIL Domain |
| 1982 | Serial Number Arithmetic |
| 1995 | Incremental Zone Transfer in DNS |
| 1996 | A Mechanism for Prompt Notification of Zone Changes |
| 2010 | Operational Criteria for Root Name Servers |
| 2052 | A DNS RR for specifying the location of services (DNS SRV) |
| 2053 | The AM (Armenia) Domain |
| 2136 | Dynamic Updates in the Domain Name System (DNS UPDATE) |
| 2142 | Mailbox Names for Common Services, Roles and Functions |
| 2146 | U.S. Government Internet Domain Names |
| 2168 | Resolution of Uniform Resource Identifiers using the Domain Name System |
| 2181 | Clarifications to the DNS Specification |
| 2182 | Selection and Operation of Secondary DNS Servers |
| 2219 | Use of DNS Aliases for Network Services |
| 2240 | A Legal Basis for Domain Name Allocation |
| 2308 | Negative Caching of DNS Queries (DNS NCACHE) |
| 2317 | Classless IN-ADDR.ARPA Delegation |
| 2352 | A Convention for Using Legal Names as Domain Names |
| 2460 | IPv6 Internet Protocol |
| 2537 | RSA/MD5 KEYs and SIGs in the Domain Name System (DNS) |
| 2606 | Reserved Top Level DNS Names |
| 2782 | A DNS RR for Specifying the Location of Services (DNS SRV) |
| 2845 | Secret Key Transaction Authentication for DNS (TSIG) |
| 2915 | The Naming Authority Pointer (NAPTR) DNS Resource Record |
| 2930 | Secret Key Establishment for DNS (TKEY RR) |
| 3596 | DNS Extensions to Support IP Version 6 |
| 3645 | Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG) |
| 3768 | Virtual Router Redundancy Protocol (VRRP) |
| 4033 | DNS Security Introduction and Requirements |
| 4034 | Resource Records for the DNS Security Extensions |
| 4035 | Protocol Modifications for the DNS Security Extensions |
| 4641 | DNSSEC Operational Practices |
| 4956 | DNS Security (DNSSEC) Opt-In |
| 4986 | Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover |
| 5155 | DNSSEC Hashed Authenticated Denial of Existence |
| 5702 | Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC |
| 5936 | DNS Zone Transfer Protocol (AXFR) |
| 6147 | DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers |
| 6698 | The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA |
| 6844 | DNS Certification Authority Authorization (CAA) Resource Record |
| 6891 | Extension Mechanisms for DNS (EDNS0) |
| 7646 | Definition and Use of DNSSEC Negative Trust Anchors |
| 7671 | The DNS-Based Authentication of Named Entities (DANE) Protocol |
| 7766 | DNS Transport over TCP |
| 7871 | Client Subnet in DNS Queries |
DHCP RFC Compliance
The appliance complies with the following DHCP RFCs:
RFCs for DHCP
| RFC Number | RFC Title |
|---|---|
| 1531 | Dynamic Host Configuration Protocol 1534 Interoperation Between DHCP and BOOTP |
| 1542 | Clarifications and Extensions for the Bootstrap Protocol |
| 2131 | Dynamic Host Configuration Protocol |
| 2132 | DHCP Options and BOOTP Vendor Extensions |
| 3046 | DHCP Relay Agent Information Option |
| 3315 | Dynamic Host Configuration Protocol for IPv6 (DHCPv6) |
| 3925 | Vendor-Identifying Vendor Options for Dynamic Host Configuration Protocol version 4 (DHCPv4) |
| 4388 | Dynamic Host Configuration Protocol (DHCP) Leasequery |
DHCPv6 RFC Compliance
The appliance complies with the following DHCPv6 RFCs:
RFCs for DHCPv6
| RFC Number | RFC Title |
|---|---|
| 4075 | Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6 |
| 3898 | Network Information Service (NIS) Configuration Options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6) |
| 3736 | Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6 |
| 3646 | DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6) |
| 3633 | IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6 |
| 3319 | Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers |
IDN (Internationalized Domain Names) RFC Compliance
The appliance complies with the following IDN RFCs:
RFCs for IDN
| RFC Number | RFC Title |
|---|---|
| 3492 | Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA) |
| 5890 | Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework |
| 5891 | Internationalized Domain Names for Applications (IDNA): Background, Explanation, and Rationale |
| 5892 | The Unicode code points and IDNA |
| 5893 | Right-to-left scripts for IDNA |
| 5894 | Internationalized Domain Names in Applications (IDNA): Protocol |
| 5895 | Mapping Characters in IDNA2008 |
| 6452 | The Unicode Code Points and Internationalized Domain Names for Applications (IDNA) - Unicode 6.0 |