Home > Blogs > VMware Security & Compliance Blog > Tag Archives: DISA

Tag Archives: DISA

VMware CP&C releases Major Updates to DISA STIG Windows Compliance toolkit in VCM!

CPC Logo

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the updated DISA STIG compliance toolkit for Windows based environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vRealize Operations (vR Ops). This is a major update release to prior released DISA Compliance Toolkits for Windows based environments. The compliance toolkit product data sheet can be found here.

This toolkit contains below DISA STIGs:

  • Windows Server 2012 / R2 – DC and MS – STIG Version V1R4
  • Windows Server 2008 R2 – DC and MS – STIG Version V1R12
  • Windows Server 2008 – DC and MS – STIG Version V6R1.26
  • Windows Server 2003 / R2 – DC and MS – STIG Version V6R1.33
  • Windows 7 – STIG Version V1R16
  • Windows 8 / 8.1 – STIG Version V1R6

DC = Domain Controllers
MS = Member Servers
Continue reading

Verify Roles and Features using VCM

CPC LogoToday, I show you how you can ensure you comply to DISA  recommendations to have only needed roles and features enabled on various Windows machines using VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops).

 

For this example, DISA STIG for Windows 7 Version:1 Release:16 released on 25 Jul 2014 is taken.

Below are the DISA recommendations:

  • 5.016 – IIS or its subcomponents must not be installed on a workstation
  • 5.260 – Games must not be installed on the system
  • 5.260 – Simple TCPIP Services must not be installed on the system
  • 5.260 – Telnet Server must not be installed on the system
  • 5.260 – The Telnet Client must not be installed on the system
  • 5.260 – The TFTP Client must not be installed on the system
  • 5.260 – Windows Media Center must not be installed on the system

Continue reading

Ensure DISA Certificate Compliance using VCM

CPC LogoToday, I show you how you can ensure you comply to DISA mandates to have DoD certificates on each Microsoft Windows machine using VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops).

For this example, DISA STIG for Windows 8 / 8.1 Version: 1  Release: 6 released on 25 Jul 2014 is taken.

Below are the DISA requirements for certificates:

  • WN08-PK-000001 – The DoD Root Certificate must be installed into the Trusted Root Store
  • WN08-PK-000002 – The External CA Root Certificate must be installed into the Trusted Root Store
  • WN08-PK-000003 – The DoD Interoperability Root CA 1 to DoD Root CA 2 cross certificate must be installed into the Untrusted Certificates Store
  • WN08-PK-000004 – The US DoD CCEB Interoperability Root CA 1 to DoD Root CA 2 cross-certificate must be installed into the Untrusted Certificates Store

Continue reading

VMware CP&C releases Major Updates to DISA STIG *NIX Compliance toolkit in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the updated DISA STIG compliance toolkit for UNIX and Linux based environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops). This is a major update release to prior released DISA Compliance Toolkits for UNIX and Linux based environments. The compliance toolkit product data sheet can be found here.

This toolkit contains below DISA STIGs:

  • DISA AIX 6.1 V1R2
  • DISA HP-UX V1R4
  • DISA RH-5 V1R6
  • DISA RH-6 V1R3
  • DISA Solaris 10 V1R6

Continue reading

VMware CP&C releases DISA vSphere 5.0 Compliance toolkit for VCM!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of The Defense Information Systems Agency (DISA) VMware vSphere 5.0 compliance toolkit for VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite. (vC Ops). The benchmark availability announcement was made on 09-Aug-2013 and we churned it pretty quickly!

 

Continue reading

CIS and DISA CP&C toolkit update

Hi All,

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of latest Center for Internet Security (CIS) and Defense Information Security Agency (DISA) Compliance toolkit packages for VMware vCenter Configuration Manager (VCM).

The highlights of this release are as below:

  1. CIS has new content for
    • AIX 5.3-6.1 and
    • RHEL 6
  2. DISA has new content for
    • HP-UX 11.23 and 11.31
    • Solaris 10
    • AIX 6.1 and
    • RHEL 5

Continue reading