Hey,
I’m want to hardening BigFix server 2016 according CIS Benchmark.
Is anyone here tried it?
There is impact? or some hardening clauses that can be a problem?
I’m talking about --> This benchmark
Thanks
Hey,
I’m want to hardening BigFix server 2016 according CIS Benchmark.
Is anyone here tried it?
There is impact? or some hardening clauses that can be a problem?
I’m talking about --> This benchmark
Thanks
Bigfix does provide CIS Checklists that you can subscribe to.
Hey,
Thank you for the response.
I’m not ask about the checklist. I was asked about if there any issue to apply CIS on BigFix server.
Bigfix does provide CIS Checklists that you can subscribe to.
How can I apply it?
On you console go to Bigfix Management -> License overview. Check if you can see CIS checklists in your license. You can subscribe from there and then assign computers.
You need Bigfix Compliance deployed as well.
That’s actually reminds me - wouldn’t it be neat if there was an actual “BigFix Security Checklists” that actually checks whether recommended security settings on both clients/relays/root server/copliance server/BFI server/plugin server/webui server/etc are being checked against “recommended” security configurations? Stuff like:
All-in-all, how secure are BigFix products themselves… As a tool of such power and ability to track compliance for everything else, the fact that there is no easy way to keep track of its internal one, especially with the amount of new functionality/security settings/etc (several “warning fixlets” from a lot of years ago do not seem enough to me).
absolutely and not have the feature tied to anything but initial license for bigfix server.
Please submit as an enhancement request / idea, i am sure a number of us would vote for it