Product :
BigFix Compliance
Title :
New CIS Checklist for Windows 2025.
Security Benchmark:
CIS Microsoft Windows Server 2025 Benchmark, V1.0.0
Published Sites:
CIS Checklist for Windows 2025 DC, site version 1.
CIS Checklist for Windows 2025 MS, site version 1.
(The site version is provided for air-gap customers.)
Details:
‘Deploy and Run’ task has been implemented to validate compliance for the following rules:
(L1) Ensure ‘Network access: Allow anonymous SID/Name translation’ is set to ‘Disabled’
(L1) Ensure ‘Password must meet complexity requirements’ is set to ‘Enabled’
(L1) Ensure ‘Store passwords using reversible encryption’ is set to ‘Disabled’
Note: This task has to be run periodically.
Both analysis and remediation checks are included
Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization and remediation actions require the creation of a custom site.
Actions to take:
To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product, and you must be using BigFix version 11.0.3 and later.
If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see Using the Synchronize Custom Checks wizard
More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:
BigFix Forum:
BigFix Compliance SCM Checklists:
Welcome to Wikis
We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team.