[BESAdmin-Announcements] BigFix Compliance: Updated DISA STIG Checklist for Solaris 10 published 2019-12-08
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Thu Dec 12 12:23:55 PST 2019
Product:
BigFix Compliance
Title:
Updated DISA STIG Checklist for Solaris 10 with a few bugfixes
Security Benchmark:
Solaris 10 Manual STIG Version 1, Release 23
Published Sites:
DISA STIG Checklist for Solaris 10 RG03, site version 13
(The site version is provided for air-gap customers.)
Release Notes:
* GEN000380 - Now looks at correct field for GID.
* GEN000452 - Check for PrintLastLog no for noncompliance and allow default of yes for compliance.
* GEN000585 - Bypass locked accounts.
* GEN001160 - Allow accounts starting with a number.
* GEN001475 - Properly look for password hashes.
* GEN002640 - Properly check locked accounts.
* GEN002700 - Properly checks directory permissions.
* GEN003060 - Allow root in the file.
* GEN003320 - Allow root in the file.
* GEN003502 - Look at process core directory instead of using the file pattern as the directory.
* GEN003503 - look at process core directory instead of using the file pattern as the directory.
* GEN003504 - Look at process core directory instead of using the file pattern as the directory.
* GEN003505 - Look at process core directory instead of using the file pattern as the directory.
* GEN003620 - Added tab as whitespace separator.
* GEN003624 - Added tab as whitespace separator.
* GEN004560 - Space or no space is now allowed after equals sign.
* GEN003060 - Now ignores root account
* GEN003540 - Allow set keyword
* GEN003640 - Properly check for logging of root filesystems
* Fixed missing site level site relevance
Details:
* Both analysis and remediation checks are included
* Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization and remediation actions require the creation of a custom site.
Actions to take:
* To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.
* If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.
More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:
* Developer Works:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/SCM%20Checklists
* BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance
We hope you find this latest release of SCM content useful and effective. Thank you!
-- The BigFix Compliance team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20191212/1e507090/attachment.html>
More information about the Besadmin-announcements
mailing list