U.S. Government / U.S. Department of Defense (DoD) / NATO

The U.S. DoD is continuously implementing new methods to ensure information security (INFOSEC). The Defense Information Systems Agency (DISA) releases Security Technical Implementation Guides (STIG) and Security Recommendations Guides (SRG) to assist with the protection and defense of the systems that support military readiness and operations. Command Cyber Readiness Inspections (CCRI) are performed to assess defensive posture as it relates to STIGs best practices. 

Automated Network Compliance for DISA STIGs (ANCDS) automates the tedious manual process of determining if your network devices are configured in accordance with the appropriate DISA STIGs. ANCDS uses interactive workflows to guide you through automating the remediation process which further reduces the level of effort to maintain your Risk Management Framework (RMF) security controls and posture.

We currently support 1,100+ automated individual checks per device and we are adding more every day. ANCDS supports DoD’s Comply-to-Connect (C2C) and Information Security Continuous Monitoring (ISCM) initiatives.

Solution Features

  • Risk scoring for software and configuration vulnerabilities using NIST and DISA classification standards

  • Analysis and reporting of out-of-support device operating systems, chassis hardware and hardware modules

  • DISA STIG/SRG configuration vulnerabilities analysis and reporting

  • Automated remediation of DISA STIG/SRG configuration vulnerabilities

  • Ad-hoc audits to address out-of-cycle or zero-day software vulnerabilities reporting

  • No sampling; all devices and interfaces are inspected ensuring thorough compliance

  • On-site support included in the cost of the subscription

  • 100% on-premises - no information leaves your site

Platform Certifications


  • Army Certificate of Networthiness (CoN)

  • FIPS Compliant

Supported DISA SRGs & STIGs*

  • Firewall STIG v8 Release 25 for Cisco ASA

  • Firewall SRG v1 Revision 3 for Cisco ASA

  • Network WLAN STIG v6 Release 15 for Cisco WLC

  • Network Infrastructure Policy STIG v9 Release 8

  • Network L2 Switch STIG v8 Release 27 for Cisco IOS & IOS-XE

  • Network L2 Switch STIG v8 Release 27 for Cisco Nexus & MDS

  • Network Infrastructure Router L3 Switch STIG v8 Release 29 for Cisco IOS & IOS-XE

  • Network Perimeter Router L3 Switch STIG v8 Release 32 for Cisco IOS & IOS-XE

  • Cisco IOS XE NDM STIG v1 Release 5

  • Cisco IOS XE RTR STIG v1 Release 3

* Audit names are based on DISA’s naming convention

Trusted to secure the networks of the U.S. defense community

Squirrel’s Automated Network Compliance for DISA STIGs (ANCDS) is used by the U.S. Department of Defense to provide continuous vulnerability monitoring and remediation of its network infrastructure environment. References are available upon request.



519190 | 541310 | 541330 | 541511 | 541512 | 541513 | 541519 | 541690 | 611420 | 511210