Home > Blogs > VMware Security & Compliance Blog


VMware CP&C releases Major Updates to DISA STIG *NIX Compliance toolkit in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the updated DISA STIG compliance toolkit for UNIX and Linux based environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops). This is a major update release to prior released DISA Compliance Toolkits for UNIX and Linux based environments. The compliance toolkit product data sheet can be found here.

This toolkit contains below DISA STIGs:

  • DISA AIX 6.1 V1R2
  • DISA HP-UX V1R4
  • DISA RH-5 V1R6
  • DISA RH-6 V1R3
  • DISA Solaris 10 V1R6

You can download the packages using VCM Content Wizard and begin to use it.

Compliance Rule Groups and Templates for DISA STIG for *NIX:
1_Disa Unix Rule Groups and Templates 1

One-Click Collection Filter Set to collect all data needed for Compliance assessment:
3_Collection Filters

New Custom Information Types to parse even the weirdly structured files and command output for compliance:
5_CITs

Track your compliance posture using these great dashboards:
4_Dashboard

From there, you can see the individual rules behind the content that is surfaced in the dashboards:
2_Disa Unix Template Results
Start nailing down the most critical ones first and then the rest. You can just drag n drop the template results and group them by severity to make it easy for your infrastructure admin to fix the infractions. Isn’t that cool!

Keep in mind that VCM manages not only virtual environments, but covers physical as well. It is the market leader in Configuration Audit, Change Detection, Patch Management and COMPLIANCE content. With new additions such as Scripted Remediation Framework, high level of OS patch automation with auto deploy functionality, Easy install and setup and a new look and feel, it is better than ever before!

Come, join the journey to Start Green Stay Green!

Thanks and regards,

Pravin Goyal
RHCE | HP-UX CSA | VCP | MBA | CISSP | GISP | CCSK | CloudU | CompTIA CE | ITIL-F | ITSM-F | CWNA | CWSP | Mobility+

This entry was posted in Uncategorized and tagged , , , , , , , , on by .
Pravin Goyal

About Pravin Goyal

Pravin Goyal is an information security and regulatory compliance expert in CMBU. He delivers and also leads various security projects such as security and compliance policies for PCI DSS 3.1, HIPAA, IRS, DISA, CIS, vSphere hardening guides and NSX hardening guides He loves to keep abreast of latest developments in the field and find compelling ideas to bring some additional business and profitability to VMware. Additionally, he believes in collaborating across BUs and Companies to deliver customer-facing solutions. Off late, he has authored CIS Docker 1.6 and CIS Docker 1.11.0 Security Configuration Benchmark, NSX-v 6.1 hardening guide and is a co-author of vSphere hardening guide. He is leading the STIG compliance project from CMBU. https://www.linkedin.com/in/pravin-goyal-b7299b33