NIS2 Compliance Checklist for Windows Servers

Hello BigFix Community,

We are pleased to announce the release of a new compliance checklist within BigFix Compliance, designed to support the NIS2 Directive (EU) 2022/2555.

As organizations across the European Union, and those doing business with them, prepare for the heightened cybersecurity requirements of NIS2, we are expanding our library to help you automate and audit technical controls effectively.

What is the NIS2 Compliance Checklist?

The NIS2 Compliance Checklist is a specialized content pack designed to assess compliance against the technical requirements of Directive (EU) 2022/2555 for Windows Servers.

This release aggregates relevant checks from widely recognized benchmarks (CIS) and maps them directly to the specific risk-management measures mandated by Article 21(2). This allows you to enforce security configurations and audit your environment against European cybersecurity standards.

Technical Snapshot

Here is a quick overview of the coverage provided in this release:

Total Fixlets: 464

Fixlets with Remediation: 463

Parameterized Fixlets: 363

Benchmark Sources: CIS

Applies To: Windows Server 2016, 2019, 2022, 2025

Scope of Coverage

The NIS2 Directive is broad, covering organizational and technical measures. This checklist focuses specifically on the technical controls that can be monitored and enforced via BigFix.

We currently support controls across 6 key categories, mapping directly to the following articles:

Incident Handling (Check Count: 72)

(Article 21(2), point (b)) – Monitoring configurations that facilitate accurate logging and incident detection.

Security in Network and Information Systems Acquisition, Development, and Maintenance (Check Count: 181)

(Article 21(2), point (e)) – Ensuring secure configurations and vulnerability management during system lifecycles.

Cryptography (Check Count: 41)

(Article 21(2), point (h)) – Verifying encryption settings and cryptographic protocols.

Access Control (Check Count: 164)

(Article 21(2), points (i) and (j)) – Auditing user rights, authentication policies, and privilege management.

Asset Management (Check Count: 5)

(Article 21(2), point (i)) – Ensuring visibility and control over hardware and software assets.

Business Continuity and Crisis Management (Check Count: 1)

(Article 21(2), point (c)) – Verifying backup configurations, system restore settings, and recovery mechanisms to support operational continuity.

How to Get Started

The NIS2 Checklist for Windows Server is available now. Subscribe to the content from the NIS2 Checklist for Windows Server external site and deploy it to your desired endpoints.

To get started:

  1. Enable and gather the NIS2 Checklist for Windows Server external site from the License Overview Dashboard.

  2. Create a custom site using the Create Custom Checks wizard.

  3. Change the default parameters if required.

  4. If you use custom sites, update them to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see Using the Synchronize Custom Checks wizard.

  5. Subscribe all the relevant Windows Server (2016/2019/2022/2025) endpoints.

  6. Run an SCA import to get the compliance status reports.

More information:
To learn more about the BigFix Compliance SCM checklists, please see the following resources:

● BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance

● BigFix Compliance SCM Checklists:
https://bigfix-wiki.hcltechsw.com/wikis/home?lang=en-us#!/wiki/BigFix%20Wiki/page/SCM%20Checklists

We are committed to helping you stay compliant with the latest regulatory frameworks. If you have questions regarding specific checks or need assistance with implementation, please feel free to reply to this thread.

– The BigFix Compliance team
