Product:
IBM BigFix Compliance
Title:
Updated DISA STIG Checklist for AIX 7.1
Security Benchmark:
UNIX STIG Benchmark, V5, R1.25
Published Site:
DISA STIG Checklist for AIX 7.1, site version 8
(The site version is provided for air-gap customers.)
Changelist:
- GEN001280: On AIX 7.2 this check can return a lot of non-compliant files. It now lists only the first 50 non-compliant files in the analysis.
- GEN002280: For this check the list of users that can write to /dev is now a user changeable parameter.
- GEN003500: Fixed a remediation problem that was incorrectly modifying /etc/security/limits.
- GEN005320a: Exposed CONFIG_FILE as a parameter.GEN005360a: Exposed CONFIG_FILE as a parameter. GEN005360b: Exposed CONFIG_FILE as a parameter. Also exposed VALUE as a parameter since DISA calls for sys and AIX uses system as the group owner.
Details:
· Both analysis and remediation checks are included· Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization and remediation actions require the creation of a custom site.
Actions to take:
-
If you are already subscribed to this site, no action is needed.
-
To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using IBM BigFix version 9.2 and later
More information:
To know more about the IBM BigFix Compliance SCM checklists, please see the following resources:
-
IBM Developer Works:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/SCM%20Checklists -
Checklist Release Announcements:
We hope you find this latest release of SCM content useful and effective.
Thank you!
– The IBM BigFix Compliance team