Two STIGs are packaged together to ensure both the network backplane and the WAN optimization functions are secured. The SteelHead 8.6 NDM STIG contains requirements which address the management and backplane functions of RiOS. RiOS is installed on all of the Riverbed SteelHead products. While the SteelHead v8.6 Network Device Management (NDM) STIG can be used to secure the management functions of all SteelHead products that use RiOS 8.x.x, the scope of the application layer gateway (ALG) STIG includes only SteelHead CX implementations.

For assessments using the SteelHead virtual appliance, an assessment of the host using the applicable operating system STIG (for example, Windows or Linux) must be performed. Also, an assessment of applications cohosted on the host is also required.