[BESAdmin-Announcements] IBM BigFix Compliance PCI Add-on: Updated PCI DSS Checklist for Solaris 11 published 2017-05-30
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Tue May 30 03:13:33 PDT 2017
Product:
IBM BigFix Compliance PCI Add-on
Title:
Updated PCI DSS Checklist for Solaris 11 site for various enhancements
Category:
Updated PCI DSS checklist
Published Benchmark:
Payment Card Industry Data Security Standard v3.2
Details:
The IBM BigFix Compliance PCI Add-on team has updated the PCI DSS
Checklist for Solaris 11 for the following enhancements:
* Improved accuracy and correctness of the manual remediation steps for
the following checks:
- Verify that "Ignore ICMP Redirect Messages" is set to enabled
(pcidss-1.4.b.1)
- Verify that "Strict Multihoming" is set to enabled (pcidss-1.4.b.2)
- Verify that "ICMP Redirect Messages" is set to disabled (pcidss-1.4.b.3)
- Verify that "Stack Protection" is enabled (pcidss-2.2.4.c.2)
- Verify that password expiration parameters on active accounts is
configured (pcidss-8.2.4.a)
* Improved relevancy to enable correct compliance reporting for the
following checks:
- Verify that home directories defined in /etc/passwd exists
(pcidss-2.2.2.a.12)
- Verify that "SSH MaxAuthTries" is set to 4 or less (pcidss-2.2.4.c.5)
* Corrected the action that automatically remediates a noncompliant
setting for the Fixlet "Verify that warning banner is set for SSH service"
(pcidss-6.5.5.2).
Published Sites:
PCI DSS Checklist for Solaris 11 site, version 2
*The site version is provided for air-gap customers
Actions to Take:
If you use custom sites, update your custom sites accordingly to use the
latest content. You can synchronize your content by using the Synchronize
Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.
More information:
To know more information about the IBM BigFix Compliance PCI DSS
checklists, see:
* IBM BigFix Compliance PCI Add-on User's Guide in Knowledge Center:
https://ibm.biz/BdrWCq
* IBM BigFix Wiki: https://ibm.biz/BdrBtk
* Release Announcements in the IBM BigFix Forum: https://ibm.biz/Bdsspw
We hope you find this latest release of PCI DSS content useful and
effective.
Thank you!
-- The IBM BigFix Compliance PCI Add-on team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20170530/5c0738c4/attachment.html>
More information about the Besadmin-announcements
mailing list