IBM BigFix Compliance PCI Add-on: Updated PCI DSS Checklists for RHEL 5, RHEL 6, CentOS 6, AIX 7, and IIS 7 published 2017-01-31

Product:
IBM BigFix Compliance PCI Add-on

Title:
Updated PCI DSS Checklists for RHEL 5, RHEL 6, CentOS 6, AIX 7, and IIS 7 with environment task verification and other enhancements

Category:
Updated PCI DSS checklist

Published Benchmark:
Payment Card Industry Data Security Standard v3.2

Details:
Several enhancements to improve accuracy and relevancy of the checks were made to the following checklists:
PCI DSS Checklists for AIX 7, IIS 7, and RHEL 5 Updates

  • A new check “Verify that Environment Setup Task is executed for current site” is added to help ensure the correctness of the compliance data in the reports used by the Compliance Manager.

PCI DSS Checklist for RHEL 6 and CentOS 6 Updates

  • A new check “Verify that Environment Setup Task is executed for current site” is added to help ensure the correctness of the compliance data in the reports used by the Compliance Manager.
  • The Applicability Fixlet called “Applicability Fixlet - PCI-DSS - RHEL 6" is updated to limit the scope to RHEL 6 systems only.
  • A new Applicability Fixlet called “Applicability Fixlet for RHEL 6, CentOS 6” is added for both RHEL 6 and CentOS 6 systems. This Fixlet excludes the “Verify that “rhnsd” daemon is disabled” check (pcidss-2.2.d_13.9), which is not applicable to CentOS 6 systems.

Published Site:
PCI DSS Checklist for AIX 7, version 4
PCI DSS Checklist for MS IIS, version 7
PCI DSS Checklist for RHEL 5, version 6
PCI DSS Checklist for RHEL 6, version 7

NOTE: The PCI DSS Checklist for RHEL 6 site contains checks for both RHEL 6 and CentOS 6. It is listed as PCI DSS Checklist for RHEL 6, CentOS 6 in the License Overview dashboard. The site display name might not be correctly reflected once the site is enabled. However, this does not affect the support coverage of the site.

*The site version is provided for air-gap customers.

Actions to Take:

  • If you have already enabled the updated PCI DSS Checklist for RHEL 6 site, gather the site changes and extend the site’s computer subscription to CentOS systems.
  • If you have not enabled the updated site, enable it from the License Overview dashboard. Note that it is listed as PCI DSS Checklist for RHEL 6, CentOS 6 in the dashboard.
  • If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.

More information:

To know more information about the IBM BigFix Compliance PCI DSS checklists, see:

We hope you find this latest release of PCI DSS content useful and effective.

Thank you!

– The IBM BigFix Compliance PCI Add-on team