[BESAdmin-Announcements] *UPDATE* New DISA Windows & DISA UNIX Release - Mar 15, 2012

[Announcements for BES Administrators]

IBM Tivoli Endpoint Manager for Security and Compliance 
Security Configuration Management (SCM)

The Security and Compliance team at IBM has modified the content within 
the DISA Checklists for both Windows and UNIX Operating Systems.

Each of these content sites contain security configuration checks that 
evaluate and, if desired, remediate the security settings of your 
endpoints according the US Department of Defense DISA STIGs, which 
"contain technical guidance to 'lock down' information systems/software 
that might otherwise be vulnerable to a malicious computer attack" (
http://iase.disa.mil/stigs/). 

As with most of the existing SCM content in the Tivoli Endpoint Manager 
for Security and Compliance library, most checks include a corresponding 
analysis property to report actual values (not just pass/fail), and many 
checks have a parameterized setting enabling simple customization for 
compliance evaluation and remediation.



Windows:

This update from IBM is based on DISA's guidance as of Jan 10, 2012 (and 
released to the public on January 27, 2012).

DISA STIG Checklist for Windows 2003 DC ------- site version 2
DISA STIG Checklist for Windows 2003 MS ------- site version 2
DISA STIG Checklist for Windows 2008 DC ------- site version 2
DISA STIG Checklist for Windows 2008 MS ------- site version 2
DISA STIG Checklist for Windows 2008 R2 DC --- site version 2 *new 
checklist
DISA STIG Checklist for Windows 2008 R2 MS --- site version 2 *new 
checklist
DISA STIG Checklist for Windows XP --------------- site version 2
DISA STIG Checklist for Windows Vista ------------ site version 2
DISA STIG Checklist for Windows 7 ----------------- site version 2

Also updated to support the new sites:
BES Support ---------------------------------------------- site version 
870
SCM Reporting ------------------------------------------ site version 35



UNIX:

An enhancement as been added to the DISA UNIX Content: The DISA 
Vulnerability ID (disa_vulid) has been added to the 
MIME_X-Fixlet-scm-metadata field for all sites below.

Self-Parameterizing Sites:
1.    DISA STIG Checklist for AIX 5.1 --------- now site version 11
2.    DISA STIG Checklist for AIX 5.2 --------- now site version 10
3.    DISA STIG Checklist for AIX 5.3 --------- now site version 10
4.    DISA STIG Checklist for AIX 6.1 --------- now site version 10
5.    DISA STIG Checklist for HPUX 11.00 --- now site version 10
6.    DISA STIG Checklist for HPUX 11.11 --- now site version 10
7.    DISA STIG Checklist for HPUX 11.23 --- now site version 10
8.    DISA STIG Checklist for RHEL 3 --------- now site version 10
9.    DISA STIG Checklist for RHEL 4 --------- now site version 10
0.    DISA STIG Checklist for RHEL 5 --------- now site version 10
11.   DISA STIG Checklist for Solaris 8 ------- now site version 11
12.   DISA STIG Checklist for Solaris 9 ------- now site version 10
13.   DISA STIG Checklist for Solaris 10 ------ now site version 10
14.   DISA STIG Checklist for SUSE 9 ---------- now site version 5
15.   DISA STIG Checklist for SUSE 10 -------- now site version 7
16.   DISA STIG Checklist for SUSE 11 -------- now site version 5 

Legacy Sites:
17.   SCM Checklist DISA STIG on AIX 5.1 -------- now site version 24
18.   SCM Checklist DISA STIG on AIX 5.2 -------- now site version 22
19.   SCM Checklist DISA STIG on AIX 5.3 -------- now site version 24
20.   SCM Checklist DISA STIG on AIX 6.1 -------- now site version 20 
21.   SCM Checklist DISA STIG on HP-UX 11.00 - now site version 22
22.   SCM Checklist DISA STIG on HP-UX 11.11 - now site version 20
23.   SCM Checklist DISA STIG on HP-UX 11.23 - now site version 20
24.   SCM Checklist DISA STIG on RedHat 3 ----- now site version 20
25.   SCM Checklist DISA STIG on RedHat 4 ----- now site version 20
26.   SCM Checklist DISA STIG on RedHat 5 ----- now site version 18
27.   SCM Checklist DISA STIG on Solaris 8 ------ now site version 20
28.   SCM Checklist DISA STIG on Solaris 9 ------ now site version 20
29.   SCM Checklist DISA STIG on Solaris 10 ---- now site version 26
30.   SCM Checklist DISA STIG on SUSE 9 -------- now site version 5
31.   SCM Checklist DISA STIG on SUSE 10 ------ now site version 7
32.   SCM Checklist DISA STIG on SUSE 11 ------ now site version 5 


For a complete list of SCM Checklists included in the product, please see: 
http://ibmurl.hursley.ibm.com/2DD2

Please contact IBM Tivoli Endpoint Manager Technical Support if you have 
any questions regarding this update.

We hope you find this latest release of SCM content useful and effective. 
Thank you!

  -- The Tivoli Endpoint Manager for Security and Compliance product team


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20120315/b295afdc/attachment.html