[BESAdmin-Announcements] NEW USGCB Win7 Tivoli Endpoint Manager security compliance content available! + DISA UNIX & FDCC Windows Patch Release
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Wed Jul 13 17:39:19 PDT 2011
Dear BESAdmin Community,
**NEW Release**
IBM is pleased to announce the availability of the new security
configuration management checklists for Tivoli Endpoint Manager for
Security and Compliance. The new checklists, based on guidance provided by
NIST through the United States Government Configuration Baseline (USGCB),
is:
- USGCB Checklist for Windows 7
This content site provides specific OS checks in addition to the
previously released USGCB checklists for:
- USGCB Checklist for Internet Explorer 8
- USGCB Checklist for Windows 7 Energy
- USGCB Checklist for Windows 7 Firewall
This content contains security configuration checks that evaluate and, if
desired, remediate the security settings of your endpoints according the
USGCB configuration baselines designed "to improve and maintain effective
configuration settings focusing primarily on security" (
http://usgcb.nist.gov/). As with most of the existing SCM content in the
Tivoli Endpoint Manager for Security and Compliance library, most checks
include a corresponding analysis property to report actual values (not
just pass/fail), and most checks have a parameterized setting enabling
simple customization for compliance evaluation and remediation.
In addition to the new sites, the following existing sites have been
updated to be compatible with the new content:
- BES Support
ACTIONS TO TAKE
All customers that currently license the Tivoli Endpoint Manager for
Security and Compliance product, the BigFix SCMv3 solution module, the
BigFix SCVM solution pack, or the BigFix SLM+SCVM solution bundle are
entitled to the new content. If you are using BES 8.0 or Tivoli Endpoint
Manager 8.1 and you are entitled to the new content, you may use the
License Overview dashboard to enable and gather the sites. If you are
running BES 7.x and you are currently licensed for Tivoli Endpoint Manager
for Security and Compliance, BigFix SCVM, BigFix SLM+SCVM, or BigFix SCM
v3, please contact ibmtemlicensing at lotus.com for access to the new
mastheads.
**PATCH Release**
The Security and Compliance team at IBM has modified the content within
the UNIX System checklists to enable parameterization for GEN000540a in
the RHEL Sites:
- DISA STIG Checklist for RHEL 3
- DISA STIG Checklist for RHEL 4
- DISA STIG Checklist for RHEL 5
- SCM Checklist DISA STIG on Redhat 3
- SCM Checklist DISA STIG on Redhat 4
- SCM Checklist DISA STIG on Redhat 5
BigFix has modified the content within the FDCC Security Configuration
Management checklist sites.
SCM Checklist for FDCC on Windows XP
* ID: 9000 Security Patches Up-To-Date – Updated to reflect the
SCAP-expressed data stream updated by NIST on 7.5.2011.
SCM Checklist for FDCC on Internet Explorer 7
* ID: 9000 Security Patches Up-to-Date – Updated to reflect the
SCAP-expressed data stream updated by NIST on 7.5.2011.
SCM Checklist for FDCC on Windows Vista
* ID: 9000 Security Patches Up-to-Date – Updated to reflect the
SCAP-expressed data stream updated by NIST on 7.5.2011.
Although unlikely that baselines are being used with Security
Configuration Management content BES administrators are encouraged to
verify open actions and synchronize baselines that contain the modified
content. Instructions for synchronizing baselines can be found here:
http://support.bigfix.com/cgi-bin/kbdirect.pl?id=401. Please contact
BigFix Technical Support if you have any questions regarding this change.
We hope you find this latest release of SCM content useful and effective.
Thank you!
-- The Tivoli Endpoint Manager for Security and Compliance product team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20110713/e3650b04/attachment.htm
More information about the Besadmin-announcements
mailing list