IBM BigFix Compliance PCI Add-on
Security Configuration Management (SCM)
The IBM BigFix Compliance team has updated the content for the Payment Card Industry Data Security Standard (PCI DSS) checklist for RHEL 5 to support remediation and provide other enhancements.
Updated Site:
PCI DSS Checklist for RHEL 5, version 3
*The site version is provided for air-gap customers.
Changelist:
- Remediation is supported for the PCI DSS Checklist for RHEL 5 site.
- The measured values for each RHEL 5 check, which can be viewed in the BigFix console, analyses, and SCA reports are formatted for enhanced readability. The results now clearly present the desired system configuration setting, as specified by a check, against the actual setting on the endpoint.
- The check named “Verify that Strong Password Creation Policy is set using appropriate pam module” (pcidss-8.2.3_a.5.9), which verifies password libraries, is added into the RHEL 5 checklist.
- The check named “Verify that log files for syslog exists with correct permissions” (pcidss-7.2.2.3.9) is a duplicate of another check and is removed from the checklist.
Actions to Take:
- If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.
- If you have not subscribed to the site above, you can use the License Overview dashboard to enable and gather the sites. Note that you must be entitled to the new content and you are using IBM BigFix version 9.0 and later.
- If you were involved in the Early Access Program for IBM BigFix Compliance PCI Add-on, unsubscribe from the beta sites to avoid any conflicting issues with the production sites. If you do not unsubscribe from the beta sites, the content in the production sites will fail.
We hope you find this latest release of SCM content useful and effective. Thank you!
– The IBM BigFix Compliance team