[BESAdmin-Announcements] NIS2 Compliance Checklist for RHEL

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Fri Mar 27 06:00:08 PDT 2026 

Hello BigFix Community,

We are pleased to announce the release of a new compliance checklist
within *BigFix
Compliance*, designed to support the *NIS2 Directive (EU) 2022/2555*.

As organizations across the European Union, and those doing business with
them, prepare for the heightened cybersecurity requirements of NIS2, we are
expanding our library to help you automate and audit technical controls
effectively.
*What is the NIS2 Compliance Checklist?*

The NIS2 Compliance Checklist is a specialized content pack designed to
assess compliance against the technical requirements of *Directive (EU)
2022/2555* for RHEL.

This release consolidates relevant security checks from widely recognized
benchmarks such as CIS and DISA, aligning them directly with the risk
management measures outlined in *Article 21(2).* It enables organizations
to enforce standardized security configurations while auditing their
environments against established European cybersecurity requirements.
*Technical Snapshot*

Here is a quick overview of the coverage provided in this release:

●       *Total Fixlets:* 669

●       *Fixlets with Remediation:* 575

●       *Benchmark Sources:* CIS and DISA

●       *Applies To:* RHEL 7, 8, 9 and 10
*Scope of Coverage*

The NIS2 Directive is broad, covering organizational and technical
measures. This checklist focuses specifically on the *technical controls*
that can be monitored and enforced via BigFix.

We currently support controls across *6 key categories*, mapping directly
to the following articles:

●       *Incident Handling *(Check Count: 195)

○       *(Article 21(2), point (b))* – Monitoring configurations that
facilitate accurate logging and incident detection.

●       *Security in Network and Information Systems Acquisition,
Development, and Maintenance *(Check Count: 257)

○       *(Article 21(2), point (e))* – Ensuring secure configurations and
vulnerability management during system lifecycles.

●       *Cryptography *(Check Count: 30)

○       *(Article 21(2), point (h))* – Verifying encryption settings and
cryptographic protocols.

●       *Access Control *(Check Count: 179)

○       *(Article 21(2), points (i) and (j))* – Auditing user rights,
authentication policies, and privilege management.

●       *Asset Management *(Check Count: 8)

○       *(Article 21(2), point (i))* – Ensuring visibility and control over
hardware and software assets.
*How to Get Started*

The NIS2 Checklist for RHEL is available now. To get started, please
subscribe to the content from the NIS2 Checklist for RHEL external site and
deploy it to your desired endpoints.

To get started:

   1. Enable and gather the NIS2 Checklist for RHEL external site from the
   License Overview Dashboard.
   2. Create a custom site using Create Custom Checks wizard.
   3. Change the default parameters if required.
   4. If you use custom sites, update your custom sites accordingly to use
   the latest content. You can synchronize your content by using the
   Synchronize Custom Checks wizard. For more information, see Using the
   Synchronize Custom Checks wizard
   <https://help.hcltechsw.com/bigfix/11.0/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html>
   5. Subscribe all the relevant RHEL (7/8/910) endpoints.
   6. Run the Deploy and Run Task.
   7. Run SCA import to get compliance status reports.


*More information:*
To know more about the BigFix Compliance SCM checklists, please see the
following resources:

● BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance

● BigFix Compliance SCM Checklists:
https://bigfix-wiki.hcltechsw.com/wikis/home?lang=en-us#!/wiki/BigFix%20Wiki/page/SCM%20Checklists

We are committed to helping you stay compliant with the latest regulatory
frameworks. If you have questions regarding specific checks or need
assistance with implementation, please feel free to reply to this thread

.
*– The BigFix Compliance team*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20260327/de92a9e8/attachment.html>

More information about the Besadmin-announcements mailing list