DISA STIG for MS SQL Server

(imported topic written by im6591)

Hi all - apologies if these are basic questions - I couldn’t find easy answers in the docs or on this forum.

I’m looking to compare a ‘vanilla’ build of a server with MS SQL installed to our standard internal build of such servers, and then to see what remaining vulnerabilities exist in our standard internal build. So, two questions:

Is there a simple way to compare one machine to another? Perhaps setting one machine as a baseline and then measuring the other machine against that?

I’ve found the DISA STIG checklist for MS SQL Server 2005 here: http://iase.disa.mil/stigs/checklist/unclassified_db_srrchklst_sqlserver_v8r1.3.pdf but can’t find a corresponding masthead - can anyone advise on what I can do to evaluate this checklist, if anything?

Any help much appreciated.

(imported comment written by BenKus)

Hi im,

  1. You can open one computer in the console, then click the button in the top-right to pop it out to a separate window and then compare side by side with another computer.

  2. If you don’t already have the site available to “enable” in the BigFix Management domain > License Overview, then you should contact your salesperson to get info on how to evaluate the Security Configuration Manager offering.

Ben

(imported comment written by SystemAdmin)

Regarding question #2, the list of Security Configuration Management sites we provide is here:

https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager/page/SCM%20Checklists

We don’t currently have TEM content for the SQL checklist.

– Jeff