[BESAdmin-Announcements] IBM BigFix Compliance PCI Add-on: Updated PCI DSS Checklists for RHEL 5, RHEL 6, CentOS 6, AIX 7, and IIS 7 published 2017-01-31
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Tue Jan 31 21:58:16 PST 2017
Product:
IBM BigFix Compliance PCI Add-on
Title:
Updated PCI DSS Checklists for RHEL 5, RHEL 6, CentOS 6, AIX 7, and IIS 7
with environment task verification and other enhancements
Category:
Updated PCI DSS checklist
Published Benchmark:
Payment Card Industry Data Security Standard v3.2
Details:
Several enhancements to improve accuracy and relevancy of the checks were
made to the following checklists:
PCI DSS Checklists for AIX 7, IIS 7, and RHEL 5 Updates
A new check “Verify that Environment Setup Task is executed for current
site” is added to help ensure the correctness of the compliance data in
the reports used by the Compliance Manager.
PCI DSS Checklist for RHEL 6 and CentOS 6 Updates
A new check “Verify that Environment Setup Task is executed for current
site” is added to help ensure the correctness of the compliance data in
the reports used by the Compliance Manager.
The Applicability Fixlet called “Applicability Fixlet - PCI-DSS - RHEL 6"
is updated to limit the scope to RHEL 6 systems only.
A new Applicability Fixlet called “Applicability Fixlet for RHEL 6, CentOS
6” is added for both RHEL 6 and CentOS 6 systems. This Fixlet excludes the
"Verify that "rhnsd" daemon is disabled" check (pcidss-2.2.d_13.9), which
is not applicable to CentOS 6 systems.
Published Site:
PCI DSS Checklist for AIX 7, version 4
PCI DSS Checklist for MS IIS, version 7
PCI DSS Checklist for RHEL 5, version 6
PCI DSS Checklist for RHEL 6, version 7
NOTE: The PCI DSS Checklist for RHEL 6 site contains checks for both RHEL
6 and CentOS 6. It is listed as PCI DSS Checklist for RHEL 6, CentOS 6 in
the License Overview dashboard. The site display name might not be
correctly reflected once the site is enabled. However, this does not
affect the support coverage of the site.
*The site version is provided for air-gap customers.
Actions to Take:
If you have already enabled the updated PCI DSS Checklist for RHEL 6 site,
gather the site changes and extend the site’s computer subscription to
CentOS systems.
If you have not enabled the updated site, enable it from the License
Overview dashboard. Note that it is listed as PCI DSS Checklist for RHEL
6, CentOS 6 in the dashboard.
If you use custom sites, update your custom sites accordingly to use the
latest content. You can synchronize your content by using the Synchronize
Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.
More information:
To know more information about the IBM BigFix Compliance PCI DSS
checklists, see:
IBM BigFix Compliance PCI Add-on User's Guide in Knowledge Center:
https://ibm.biz/BdrWCq
IBM BigFix Wiki: https://ibm.biz/BdrBtk
Release Announcements in the IBM BigFix Forum: https://ibm.biz/Bdsspw
We hope you find this latest release of PCI DSS content useful and
effective.
Thank you!
-- The IBM BigFix Compliance PCI Add-on team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20170201/23770f3c/attachment.html>
More information about the Besadmin-announcements
mailing list