[BESAdmin-Announcements] IBM BigFix Compliance PCI Add-on: Updated Content: PCI DSS Checklist for RHEL 7 (v4) published 2016-06-29

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Wed Jun 29 09:53:41 PDT 2016

IBM BigFix Compliance PCI Add-on


Updated Security Configuration Management (SCM) PCI DSS Checklist for RHEL


Updated SCM checklist

Published Benchmark:

Payment Card Industry Data Security Standard v3.1


The IBM BigFix Compliance PCI Add-on team has updated the content for the
Payment Card Industry Data Security Standard (PCI DSS) checklist for RHEL 7
to support remediation and provide other enhancements. Details are as

      Remediation is supported for the PCI DSS Checklist for RHEL 7 site.
      This feature allows console operators to resolve a vulnerability
      issue with a single action.
      The measured values for each RHEL 7 check, which can be viewed in the
      BigFix console, analyses, and SCA reports are formatted for enhanced
      readability. The results now clearly present the desired system
      configuration setting, as specified by a check, against the actual
      setting on the endpoint.
      The checks named “Verify that the "xfs" service is Disabled”
      (pcidss-2.2.2.a.30.6) and “Verify User/group owner and permissions
      are set on /etc/anacrontab” (pcidss- are removed from the
      checklist because they are not applicable.
      The check named “Create and Set Permissions on rsyslog Log Files”
      (pcidss- is a duplicate of another check and is removed
      from the checklist.

Published Site:
PCI DSS Checklist for RHEL 7, version 4
*The site version is provided for air-gap customers.

Actions to Take:

      If you use custom sites, update your custom sites accordingly to use
      the latest content. You can synchronize your content by using the
      Synchronize Custom Checks wizard. For more information, see
      If you have not subscribed to the site above, you can use the License
      Overview dashboard to enable and gather the sites. Note that you must
      be entitled to the new content and you are using IBM BigFix version
      9.0 and later.
      If you were involved in the Early Access Program for IBM BigFix
      Compliance PCI Add-on, unsubscribe from the beta sites to avoid any
      conflicting issues with the production sites. If you do not
      unsubscribe from the beta sites, the content in the production sites
      will fail.

More information:
To know more about IBM BigFix Compliance PCI Add-on, see the IBM BigFix
Compliance PCI Add-on User's Guide in the BigFix developerWorks wiki:

To know more information about the IBM BigFix Compliance SCM checklists,

IBM Developer Works: https://ibm.biz/BdFiGQ

SCM Checklist Deployment: https://ibm.biz/BdrBtU

IBM Blog for Checklist Release Announcement: https://ibm.biz/BdrBt5

Bigfix forums: https://forum.bigfix.com/

We hope you find this latest release of SCM content useful and effective.
Thank you!

 -- The IBM BigFix Compliance PCI Add-on team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20160629/3365b446/attachment.html>

More information about the Besadmin-announcements mailing list