[BESAdmin-Announcements] NEW Security Configuration Management (SCM) Content Sites for SUSE 10

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Thu Sep 8 20:12:07 PDT 2011 

IBM is pleased to announce the availability of NEW Security Configuration
Management (SCM) Content Sites for SUSE 10.

Each of these content sites contain security configuration checks that
evaluate and, if desired, remediate the security settings of your endpoints
according to the US Department of Defense DISA STIGs, which "contain
technical guidance to 'lock down' information systems/software that might
otherwise be vulnerable to a malicious computer attack" (
http://iase.disa.mil/stigs/). As with most of the existing SCM content in
the Tivoli Endpoint Manager for Security and Compliance library, most
checks include a corresponding analysis property to report actual values
(not just pass/fail), and many checks have a parameterized setting enabling
simple customization for compliance evaluation and remediation. Aggregate
and drill down historical compliance reports for this content are accessed
through the TEM Security and Compliance Analytics module.

---- AFFECTED SITES ----
The following content sites are new:

DISA STIG Checklist for SUSE 10 - site version 1 - this site is recommended
if you are using Tivoli Endpoint Manager 8.1 or above. The fixlets in this
site use the updated model for in-line parameterization settings.
SCM Checklist for DISA STIG on SUSE 10 - site version 1 - this site is
recommended if you are using Tivoli Endpoint Manager 7.x. The fixlets in
this site use the legacy model for setting scripted parameters.


---- ACTIONS TO TAKE ----
All customers that currently license the Tivoli Endpoint Manager for
Security & Compliance product, the BigFix SCMv3 solution module, the BigFix
SCVM solution pack, or the BigFix SLM+SCVM solution bundle are entitled to
the new content. If you are using BES 8.0 or Tivoli Endpoint Manager 8.1
and you are entitled to the new content, you may use the License Overview
dashboard to enable and gather the sites. If you are using an earlier
version of BigFix, you may contact IBM Licensing for the site mastheads.


---- PRE-REQUISITES AND ADDITIONAL INSTRUCTIONS ----
- DISA STIG Checklist for SUSE 10 - Minimum version of the Tivoli Endpoint
Manager client on all endpoints to run the new content: 8.1.551.0.
- SCM Checklist for DISA STIG on SUSE 10 - Minimum version of the BigFix or
TEM client on all endpoints to run the new content: 7.x

- Ensure you have enabled the SCM Reporting content site.

- Do not subscribe computers to the external sites. Instead, content should
be copied to a custom site using the "Create Custom Checklist Wizard".

- Once the content is copied to the custom site:
   -- Remove any undesired checks and analyses.
   -- Deactivate all analyses except those for which you desire measured
values reports. This will reduce the amount of time that the client
       takes to complete a full evaluation cycle and will also reduce
unnecessary network traffic between the endpoints, relays and server.
   -- Set the computer subscriptions for the site, taking care to use
appropriate selection criteria for the particular site.

 - To deploy:
   -- Use the "Configure Filesystem Scan Options" fixlet to control which
file systems and directories are included and excluded in a given scan.
       Note that on older and larger systems a scan can take significant
time to complete, so care should be taken to only include what you
       need for your security policy.
   -- Optionally change the current values by using the check
parameterization forms available on the Description tab of applicable
fixlets.
   -- Execute the "Deploy and Run Security Checklist" task. This task
enacts your parameter changes and executes a scan of the targeted
      endpoints using the current parameters contained in each fixlet and
the settings defined in the "Configure Filesystem Scan Options" fixlet.

       Once this task has completed, and the client has completed its
evaluation loop, compliance results will be visible in the TEM console and
       Security and Compliance Analytics will reflect the latest pass/fail
state, desired values, and measured values upon the next import.


Please contact IBM Tivoli Endpoint Manager Technical Support if you have
any questions regarding this update. We hope you find this latest release
of SCM content useful and effective.

Thank you!
  -- The Tivoli Endpoint Manager for Security & Compliance product team

More information about the Besadmin-announcements mailing list