<font size=2 face="sans-serif">Dear BESAdmin Community,</font>
<br>
<br>
<br><font size=2 face="sans-serif"><b><u>**NEW Release**<br>
</u></b></font>
<br><font size=2 face="sans-serif">IBM is pleased to announce the availability
of the new security configuration management checklists for Tivoli Endpoint
Manager for Security and Compliance. The new checklists, based on guidance
provided by NIST through the United States Government Configuration Baseline
(USGCB), is:</font>
<br>
<br><font size=2 face="sans-serif"><b>- USGCB Checklist for Windows 7</b></font>
<br>
<br><font size=2 face="sans-serif">This content site provides specific
OS checks in addition to the previously released USGCB checklists for:</font>
<br>
<br><font size=2 face="sans-serif">- USGCB Checklist for Internet Explorer
8</font>
<br><font size=2 face="sans-serif">- USGCB Checklist for Windows 7 Energy</font>
<br><font size=2 face="sans-serif">- USGCB Checklist for Windows 7 Firewall</font>
<br><font size=2 face="sans-serif"> </font>
<br><font size=2 face="sans-serif">This content contains security configuration
checks that evaluate and, if desired, remediate the security settings of
your endpoints according the USGCB configuration baselines designed "to
improve and maintain effective configuration settings focusing primarily
on security" (</font><a href=http://usgcb.nist.gov/><font size=2 face="sans-serif">http://usgcb.nist.gov/</font></a><font size=2 face="sans-serif">).
As with most of the existing SCM content in the Tivoli Endpoint Manager
for Security and Compliance library, most checks include a corresponding
analysis property to report actual values (not just pass/fail), and most
checks have a parameterized setting enabling simple customization for compliance
evaluation and remediation.</font>
<br>
<br><font size=2 face="sans-serif">In addition to the new sites, the following
existing sites have been updated to be compatible with the new content:</font>
<br><font size=2 face="sans-serif">- BES Support</font>
<br>
<br><font size=2 face="sans-serif">ACTIONS TO TAKE</font>
<br><font size=2 face="sans-serif">All customers that currently license
the Tivoli Endpoint Manager for Security and Compliance product, the BigFix
SCMv3 solution module, the BigFix SCVM solution pack, or the BigFix SLM+SCVM
solution bundle are entitled to the new content. If you are using BES 8.0
or Tivoli Endpoint Manager 8.1 and you are entitled to the new content,
you may use the License Overview dashboard to enable and gather the sites.
If you are running BES 7.x and you are currently licensed for Tivoli Endpoint
Manager for Security and Compliance, BigFix SCVM, BigFix SLM+SCVM, or BigFix
SCM v3, please contact ibmtemlicensing@lotus.com for access to the new
mastheads.</font>
<br>
<br><font size=2 face="sans-serif"><b><u>**PATCH Release**</u></b></font>
<br>
<br><font size=2 face="sans-serif">The Security and Compliance team at
IBM has modified the content within the UNIX System checklists to enable
parameterization for GEN000540a in the RHEL Sites:<br>
</font>
<br><font size=2 face="sans-serif">- DISA STIG Checklist for RHEL 3</font>
<br><font size=2 face="sans-serif">- DISA STIG Checklist for RHEL 4</font>
<br><font size=2 face="sans-serif">- DISA STIG Checklist for RHEL 5</font>
<br><font size=2 face="sans-serif">- SCM Checklist DISA STIG on Redhat
3</font>
<br><font size=2 face="sans-serif">- SCM Checklist DISA STIG on Redhat
4</font>
<br><font size=2 face="sans-serif">- SCM Checklist DISA STIG on Redhat
5</font>
<br>
<br>
<br>
<br><font size=2 face="sans-serif">BigFix has modified the content within
the FDCC Security Configuration Management checklist sites. </font>
<br>
<br><font size=2 face="sans-serif"><b>SCM Checklist for FDCC on Windows
XP</b></font>
<br><font size=2 face="sans-serif"> * ID: 9000
Security Patches Up-To-Date – Updated to reflect the SCAP-expressed
data stream updated by NIST on 7.5.2011.</font>
<br>
<br><font size=2 face="sans-serif"><b>SCM Checklist for FDCC on Internet
Explorer 7</b></font>
<br><font size=2 face="sans-serif">* ID: 9000
Security Patches Up-to-Date – Updated to reflect the SCAP-expressed
data stream updated by NIST on 7.5.2011.</font>
<br><font size=2 face="sans-serif"> </font>
<br><font size=2 face="sans-serif"><b>SCM Checklist for FDCC on Windows
Vista</b></font>
<br><font size=2 face="sans-serif">* ID: 9000
Security Patches Up-to-Date – Updated to reflect the SCAP-expressed
data stream updated by NIST on 7.5.2011.</font>
<br>
<br><font size=2 face="sans-serif">Although unlikely that baselines are
being used with Security Configuration Management content BES administrators
are encouraged to verify open actions and synchronize baselines that contain
the modified content. Instructions for synchronizing baselines can
be found here: </font><a href="http://support.bigfix.com/cgi-bin/kbdirect.pl?id=401"><font size=2 face="sans-serif">http://support.bigfix.com/cgi-bin/kbdirect.pl?id=401</font></a><font size=2 face="sans-serif">.
Please contact BigFix Technical Support if you have any questions
regarding this change.</font>
<br>
<br>
<br>
<br><font size=2 face="sans-serif">We hope you find this latest release
of SCM content useful and effective. Thank you!</font>
<br>
<br><font size=2 face="sans-serif"> -- The Tivoli Endpoint Manager
for Security and Compliance product team</font>
<br>
<br>
<br>
<br>
<br>