Oracle Linux 5 STIG V1R1

DISA Field Security Operations (FSO) has released the Oracle Linux 5 STIG Version 1. The requirements of the STIG become effective immediately.

Oracle Linux 5 Overview:

image: bestconnected.enterprise-ireland.com

DoD Instruction (DoDI) 8500.01 requires that “all IT that receives, processes, stores, displays, or transmits DoD information will be […] configured […] consistent with applicable DoD cybersecurity policies, standards, and architectures” and tasks that Defense Information Systems Agency (DISA) “develops and maintains control correlation identifiers (CCIs), security requirements guides (SRGs), security technical implementation guides (STIGs), and mobile code risk categories and usage guides that implement and are consistent with DoD cybersecurity policies, standards, architectures, security controls, and validation procedures, with the support of the NSA/CSS, using input from stakeholders, and using automation whenever possible.” This document is provided under the authority of DoDI 8500.01. – Oracle Linux V V1R1

 

Although the use of the principles and guidelines in these SRGs/STIGs provide an environment that contributes to the security requirements of DoD systems, applicable NIST SP 800-53 cybersecurity controls need to be applied to all systems and architectures based on the Committee on National Security Systems (CNSS) Instruction (CNSSI) 1253.

The STIG is available on IASE at http://iase.disa.mil/stigs/os/unix/oracle_linux.html.

The post Oracle Linux 5 STIG V1R1 appeared first on RMF for DoD IT.

DISA has released the Apple OS X 10.9 (Mavericks) Workstation STIG Version
1.   The requirements of the STIG become effective immediately.

The STIG is available on IASE at
http://iase.disa.mil/stigs/os/mac/Pages/mac-os.aspx.

DoD Instruction 8500.01 tasks DISA “develops and maintains control correlation identifiers (CCIs), security requirements guides (SRGs), security technical implementation guides (STIGs), and mobile code risk categories and usage guides that implement and are consistent with DoD cybersecurity policies, standards, architectures, security controls, and validation procedures, with the support of the NSA/CSS, using input from stakeholders” and DoD Component heads “ensure that all DoD IT under their purview complies with applicable STIGs, security configuration guides, and SRGs.” DISA considered all the applicable technical NIST SP 800-53 requirements while developing this STIG. Requirements which are applicable and configurable are included in the final STIG. DoD information systems require password complexity and account management for authentication and confidentiality.

STIG OSX Mavericks MAC

Apple OS X 10.9 natively does not provide these capabilities. In order for systems to meet these requirements, they must be connected to an Active Directory infrastructure or similar LDAP solution. A report marked For Official Use Only (FOUO) is available for further items that did not meet requirements. The compliance report is available to component Authorizing Official (AO) personnel for use in their certification and risk assessment. AO requests for the compliance report may be sent via email to disa.stig_spt@mail.mil. In accordance with DoD Instruction 8500.01, the Apple OS X 10.9 (Mavericks) Workstation STIG Version 1 is released for immediate use. The document is available on http://iase.disa.mil.

The post Apple OS X 10.9 (Mavericks) Workstation STIG, V1R1 appeared first on RMF for DoD IT.

DISA has developed the Draft DoD Internet-NIPRNet DMZ STIG Version 3.

The draft STIG and spreadsheet are available at:
http://iase.disa.mil/stigs/net_perimeter/enclave-dmzs/Pages/dmz-imp.aspx

Please provide comments, recommended changes, and/or additions to the draft STIG by 20 March 2015 on the Comment Matrix spreadsheet.

Comments should be sent via NIPRNet email to:  disa.stig_spt@mail.mil.
Include the title and version of the STIG in the subject line of your email.

The post Draft DoD Internet-NIPRNet DMZ STIG Version 3 appeared first on RMF for DoD IT.

SRG/STIG Applicability Guide and Collection Tool Update

DISA has released an update to the Security Requirements Guide (SRG) and Security Technical Implementation Guide (STIG) Applicability Guide and Applicable SRG/STIG Collection Tool.

The purpose of the SRG/STIG Applicability Guide and Collection Tool is to assist the SRG/STIG user community in determining what SRGs and/or STIGs apply to a particular situation or Information System (IS) and to create a fully formatted document containing a “Collection” of SRGs and STIGs applicable to the situation being addressed.

The SRG/STIG Applicability Guide and Collection Tool is available for download from the Information Assurance Support Environment (IASE) web site at: http://iase.disa.mil/stigs/agct/Pages/index.aspx

The post SRG/STIG Applicability Guide and Collection Tool Update appeared first on RMF for DoD IT.

DISA has released the Windows Server 2012 DNS STIG Version 1. The
requirements of the STIG become effective immediately. The STIG is available
on IASE at:
http://iase.disa.mil/stigs/net_perimeter/network-other/Pages/network-other.a
spx.

VMS Users: The Windows 2012 Server DNS STIG requirements will need to be
manually applied to an asset in VMS by adding the “Windows 2012 DNS” element
(found under Computing>Application>DNS Applications) to the asset’s posture.

The “Windows DNS” element from the previous version DNS STIG will still
remain applied to the asset’s posture, along with the requirements related
to the previous version. That previous version element should be manually
removed from an asset’s posture once the assessment results from the
previous version are no longer needed.

The post Windows Server 2012 Domain Name System (DNS) Security Technical Implementation Guide (STIG) Version 1 appeared first on RMF for DoD IT.

DISA has released the following updated Security Guidance, Security
Readiness Review Scripts and Benchmarks:

Unclassified SRGs:  http://iase.disa.mil/stigs/srgs/Pages/index.aspx

Unclassified Application STIGs:
http://iase.disa.mil/stigs/app-security/Pages/index.aspx

Apache 2.0 UNIX STIG Ver 1, Rel 4
Apache 2.0 Windows STIG Ver 1, Rel 4
Apache 2.2 UNIX STIG Ver 1, Rel 7
Apache 2.2 Windows STIG Ver 1, Rel 7
Email Services Policy STIG Ver 2, Rel 5
Excel 2013 STIG Ver 1, Rel 4
Exchange 2010 Overview Ver 1, Rel 5
Exchange 2010 Client Access STIG Ver 1, Rel 7
Exchange 2010 Edge STG Ver 1, Rel 9
Exchange 2010 Hub STIG Ver 1, Rel 9
Exchange 2010 Mailbox STIG Ver 1, Rel 6
IIS 7.0 STIG Ver 1, Rel 8
InfoPath 2013 STIG Ver 1, Rel 3
Internet Explorer 7 STIG Ver 1 Rel 19
Internet Explorer 8 STIG Ver 1 Rel 19
Internet Explorer 9 STIG Ver 1 Rel 14
Internet Explorer 10 STIG Ver 4 Rel 10
Internet Explorer 11 STIG Ver 1 Rel 6
McAfee Virus Scan 8.8 Overview Ver 5, Rel 7
McAfee Virus Scan 8.8 Local Client STIG Ver 5, Rel 6
McAfee Virus Scan 8.8 Managed Client STIG Ver 5, Rel 7
Mozilla Firefox STIG Ver 4, Rel 12
Office 2007 Overview Ver 4, Rel 14
Office 2010 Overview Ver 4, Rel 14
Office 2013 Overview Ver 1, Rel 5
Office System 2010 STIG Ver 1, Rel 9
Office System 2013 STIG Ver 1, Rel 3
Oracle 11.2g Database STIG Ver 1, Rel 4
Oracle 11g Database STIG Ver 8, Rel 1.14
Outlook 2007 STIG Ver 4, Rel 14
Outlook 2013 STIG Ver 1, Rel 4
Office System 2010 STIG Ver 1, Rel 9
Publisher 2010 STIG Ver 1, Rel 9
Publisher 2013 STIG Ver 1, Rel 3
SQL Server 2012 STIG Ver 1 Rel 7
Symantec Endpoint Protection 12.1 Local Client STIG Ver 1, Rel 3
Symantec Endpoint Protection 12.1 Managed Client STIG Ver 1, Rel 4
Symantec Endpoint Protection 12.1 Overview Ver 1, Rel 1

The post updated Security Guidance, Security Readiness Review Scripts and Benchmarks appeared first on RMF for DoD IT.

google appliance disa stig

Defense Information Security Agency has released Google Search Appliance Security Technical Implementation Guide Version 1.   The requirements of the STIG become effective immediately.

The STIG is available on IASE at:

http://iase.disa.mil/stigs/app-security/Google-Search/Pages/index.aspx

The post DISA Google Search Appliance STIG Version 1 appeared first on RMF for DoD IT.

disa cloud computing

DISA has developed the following DRAFT documents related to Cloud Computing
Security and the use/integration of Cloud Computing in DoD which are available
for community review and feedback/comments:
. Draft Cloud Computing Security Requirements Guide (SRG), Version 1 Release 2
. Draft Cloud Access Point (CAP) Functional Requirements Document (FRD) V2.2
. Draft Concept of Operations (CONOPS) for Cloud Computer Network Defense
(CND) v1

The Draft documents and a Comment Matrix for each (in a .zip file) are
available at:
http://iase.disa.mil/cloud_security/Pages/index.aspx.

Please provide comments by [DATE TBD 3 WEEKS after posting] on the Comment
Matrix associated with each document via one unclassified email for each
comment matrix to:
disa.letterkenny.re.mbx.stig-info@mail.mil

Please Note: It is critical that each comment matrix is returned in a separate
email with the subject line stating “[Your organization] Comments for
[document title]” so we can distribute the comment matrices to the appropriate
team for each document and easily identify the source.

The post DISA Cloud Computing Documents released for comment appeared first on RMF for DoD IT.

disa palo alto networks

Defense Information System Agency has released a draft for Palo Alto Networks Security Technical Implementation Guide Version 1.

The Draft STIG is available at
http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/firewa
ll.aspx for review and comment.

Please provide comments, recommended changes, and/or additions to the draft
STIG by 12 August 2015 on the Comment Matrix spreadsheet located at
http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/firewa
ll.aspx.  Comments should be sent via NIPRNet email to:
disa.stig_spt@mail.mil.  Include the title and version of the STIG in the
subject line of your email.

The post DISA Draft Palo Alto Networks STIG Version 1 appeared first on RMF for DoD IT.

Defense Information System Agency has developed the Draft for Voice Video Session Management Security Requirement Guidance Version 1.

The Draft SRG is available at
http://iase.disa.mil/stigs/net_perimeter/telecommunications/Pages/voip.aspx
for review and comment. Please provide comments, recommended changes, and/or
additions to the draft SRG by 12 August 2015 on the Comment Matrix
spreadsheet located at
http://iase.disa.mil/stigs/net_perimeter/telecommunications/Pages/voip.aspx.
Comments should be sent via NIPRNet email to:  disa.stig_spt@mail.mil.
Include the title and version of the SRG in the subject line of your email.

The post DISA Draft Voice Video Session Management appeared first on RMF for DoD IT.

Draft Microsoft Windows 10 Security Technical Implementation Guide (STIG)

Defense Information Systems Agency Risk Management Executive office has released the draft Windows 10 STIG Version 1.  Please provide comments, recommended changes, and/or additions
to the draft STIG by 23 October 2015 on the Comment Matrix spreadsheet.  The draft STIG and spreadsheet are available at:
http://iase.disa.mil/stigs/os/windows/Pages/win10.aspx.

The post Draft Microsoft Windows 10 Security Technical Implementation Guide (STIG) appeared first on RMF for DoD IT.

DISA has released the Apple iOS9 Draft Configuration Table. Until an iOS9 STIG can be posted, the iOS 9 Configuration Table can be used as Interim guidance to secure iOS 9. The document is available on http://iase.disa.mil.

The post DISA has released the Apple iOS9 Draft Configuration Table appeared first on RMF for DoD IT.

DISA has released the following IAVM packages:
http://iase.disa.mil/stigs/Pages/iavm.aspx

AIX 6.1 Ver 1, Rel 14
Apple OS 10.10 Workstation Ver 1, Rel 3
Apple OS 10.8 Workstation Ver 1, Rel 7
Apple OS X 10.9 Workstation Ver 1, Rel 4
BlackBerry 10 OS Ver 1, Rel 5
Cisco IOS Ver 1, Rel 6
HP-UX 11.23 Ver 1, Rel 14
HP-UX 11.31 Ver 1, Rel 14
MAC OS X 10.6 Ver 1, Rel 14
Oracle Linux 5 Ver 1, Rel 7
Oracle Linux 6 Ver 1, Rel 7
RHEL 5 Ver 1, Rel 14
RHEL 6 Ver 1, Rel 12
Solaris 10 SPARC Ver 1, Rel 14
Solaris 10 x86 Ver 1, Rel 14
Solaris 11 SPARC Ver 1, Rel 7
Solaris 11 x86 Ver 1, Rel 7
Solaris 9 SPARC Ver 1, Rel 14
Solaris 9 x86 Ver 1, Rel 14
Windows 2008 Ver 1, Rel 12
Windows 2008 R2 Ver 1, Rel 12
Windows 2012 and 2012 R2 Ver 1, Rel 10
windows 8 and 8-1 Ver 1, Rel 12
Windows Vista Ver 1, Rel 12

The post DISA has released the following IAVM packages appeared first on RMF for DoD IT.

DISA has developed the Draft Authentication Brokerage Services STIG, Version
1. The Draft STIG is available at http://iase.disa.mil/stigs/app-security/app-servers/Pages/idam.aspx  for
review and comment.

Please provide comments, recommended changes, and/or additions to the draft
STIG by 9 November 2015 on the Comment Matrix spreadsheet, and send comments
via NIPRNet email to:  disa.stig_spt@mail.mil.  Include the title and
version of the STIG in the subject line of your email.

The post DISA Draft Authentication Brokerage Services STIG, Version 1 appeared first on RMF for DoD IT.

DISA has released the Oracle 12c Database STIG Version 1.  The requirements of this STIG become effective immediately.  The STIG is available on IASE
at: http://iase.disa.mil/stigs/app-security/database/Pages/oracle.aspx.

The post Oracle 12c Database STIG Version 1 appeared first on RMF for DoD IT.

DISA has released the following updated Security Guidance, Security Readiness Review Scripts and Benchmarks:

Unclassified SRGs:  http://iase.disa.mil/stigs/srgs/Pages/index.aspx

Application Server SRG Ver 2, Rel 2
Domain Name System (DNS) SRG Ver 2, Rel 4 Network Device Management SRG Ver 2, Rel 3 Router SRG – Ver 2, Rel 2 Web Server SRG Ver 2, Rel 2

Unclassified Application STIGs/SRGs:  http://iase.disa.mil/stigs/app-security/Pages/index.aspx

Access 2007 STIG – Ver 4, Rel 12
Apache 2.2 UNIX STIG Ver 1, Rel 8
Apache 2.2 Windows STIG Ver 1, Rel 8
Email Services Policy STIG Ver 2, Rel 6
Excel 2007 STIG Ver 4, Rel 12
Exchange 2010 Edge STIG Ver 1, Rel 10
Exchange 2010 Hub STIG Ver 1, Rel 10
Google Chrome Browser STIG for Windows Ver 1, Rel 3 IIS 7 STIG Ver 1, Rel 9 Infopath 2007 STIG Ver 4, Rel 12 Internet Explorer 10 STIG Ver 1, Rel 11 McAfee Virus Scan 8.8 Local Client STIG Ver 5, Rel 7 Mcafee Virus Scan 8.8 Managed Client STIG Ver 5, Rel 8 Microsoft Sharepoint 2010 STIG Ver 1, Rel 7 Mcrosoft Sharepoint 2013 STIG Ver 1, Rel 2 Mozilla Firefox STIG Ver 4, Rel 13 Office 2010 Overview Ver 1, Rel 12 Office System 2007 STIG Ver 4, Rel 14 Oracle 11.2g Database STIG Ver 1, Rel 5 Oracle Database 11g Database STIG Ver 8, Rel 15 Outlook 2007 STIG Ver 4, Rel 15 Outlook 2010 STIG Ver 1, Rel 11 Outlook 2013 STIG Ver 1, Rel 5 PowerPoint 2007 STIG Ver 4, Rel 14 SQL Server 2012 STIG Ver 1, Rel 8 Word 2007 STIG Ver 4, Rel 14

Unclassified Network STIGs:  http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx

Bind DNS STIG Ver 4, Rel 1.19
Defense Switched Network (DSN) STIG Ver 2, Rel 7 Enclave Test and Development STIG Ver 1, Rel 2
F5 BIG_IP Device Mangement 11.x STIG Ver 1, Rel 2 IPSEC VPN Gateway STIG Ver 1, Rel 10 MultiFunction Device and Network Printers STIG Ver 2, Rel 7 Network Firewall STIG Ver 8, Rel 19 Network Infrastructure Router L3 Switch STIG Ver 8, Rel 19 Network L2 Switch STIG Ver 8, Rel 19 Network Other Devices STIG Ver 8, Rel 19 Network Perimeter Router L3 Switch STIG Ver 8, Rel 21 Network WLAN STIG Ver 6, Rel 10 Remote Access Policy STIG Ver 2, Rel 10 Voice and Video over Internet Protocol (VVoIP) Policy STIG Ver 3, Rel 7 Voice and Video over Internet Protocol (VVoIP) STIG Ver 3, Rel 7 Windows Server 2012 DNS STIG Ver 1, Rel 2

Unclassified Mobility STIGs:  http://iase.disa.mil/stigs/mobility/Pages/index.aspx

BlackBerry Enterprise Service 10.2.x BlackBerry Device Service STIG Ver 1, Rel 4 BlackBerry OS 7 STIG Ver 2, Rel 9

Unclassified Operating System STIGs: http://iase.disa.mil/stigs/os/Pages/index.aspx

Apple OS X 10.10 Workstation STIG Ver 1, Rel 2 AIX 6.1 STIG Ver 1 Rel 5
ESXi5 Server Ver 1, Rel 8
HP UX 11.23 Manual STIG Ver 1, Rel 7
HP UX 11.31 Manual STIG Ver 1, Rel 8
Oracle Linux 5 Manual STIG Ver 1, Rel 4
Oracle Linux 6 Manual STIG Ver 1, Rel 4
Red Hat 5 Manual STIG Ver 1 Rel 12
Red Hat 6 STIG Ver 1 Rel 9
Solaris 10 SPARC Manual STIG Ver 1, Rel 12 Solaris 10 x86 Manual STIG Ver 1 Rel 12 Solaris 11 SPARC Manual STIG Ver 1, Rel 5 Solaris 11 x86 Manual STIG Ver 1, Rel 5 Windows 2008 DC STIG Ver 6, Rel 31 Windows 2008 MS STIG Ver 6, Rel 31 Windows 2008 R2 DC STIG VER 1, Rel 17 Windows 2008 R2 MS STIG Ver 1, Rel 17 Windows 2012 and 2012 DC STIG Ver 2, Rel 3 Windows 2012 and 2012 MS STIG Ver 2, Rel 3 Windows Vista STIG Ver 6, Rel 38 Windows 7 STIG Ver 1, Rel 21 Windows 8/8.1 STIG Ver 1, Rel 11 zOS ACF2 STIG Ver 6, Rel 25 zOS RACF STIG Ver 6, Rel 25 zOS TSS STIG Ver 6, Rel 25

FOUO HBSS: http://iase.disa.mil/stigs/hbss/Pages/index.aspx
NOTE: DoD PKI Certificate Required

HBSS Agent Handler STIG  Ver 1, Rel 6
HBSS Asset Baseline Monitor STIG Ver 4, Rel 8 HBSS ePO 4.5 Rollup STIG Ver 4, Rel 12 HBSS ePO 4.5 Site STIG Ver 4, Rel 14 HBSS ePO 4.6 STIG Ver 4, Rel 15 HBSS ePO 5.1 STIG Ver 1, Rel 6 HBSS HIP 8 Firewall STIG Ver 1, Rel 5 HBSS HIP 8 STIG Ver 4, Rel 13 HBSS Remote Console STIG Ver 4, Rel 11 McAfee MOVE STIG Overview – Ver 1, Rel 1 McAfee MOVE Agentless 3.0 SVA STIG Ver 1, Rel 2 McAfee MOVE Agentless 3.0 VSEL for SVA STIG Ver 1, Rel 2 McAfee MOVE Multi-Platform 2.6 Client STIG Ver 1, Rel 3 McAfee MOVE Multi-Platform 2.6 OSS STIG Ver 1, Rel 3

FOUO Network Perimeter:  http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx
NOTE:  DoD PKI Certificate Required

DoD Secure Telecommunications and DRSN STIG Ver 1, Rel 6 REL LAN STIG Ver 1, Rel 8

Benchmarks: http://iase.disa.mil/stigs/scap/Pages/index.aspx

AIX 6.1 STIG Benchmark Ver 1, Rel 5
HP-UX 11.23 STIG Benchmark Ver 1 Rel 8
HP-UX 11.31 STIG Benchmark Ver 1 Rel 9
Internet Explorer 10 STIG Benchmark Ver 1, Rel 6 Microsoft .NET Framework 4 STIG Benchmark Ver 1, Rel 3 Outlook 2010 STIG Benchmark Ver 1, Rel 2 Red Hat 5 STIG Benchmark Ver 1, Rel 13 Red Hat 6 STIG Benchmark Ver 1, Rel 9 Solaris 10 SPARC STIG Benchmark Ver 1, Rel 12 Solaris 10 x86 STIG Benchmark Ver 1, Rel 12 Solaris 9 SPARC STIG Benchmark Ver 1, Rel 12 Windows 2008 DC STIG Benchmark Ver 6, Rel 33 Windows 2008 MS STIG Benchmark Ver 6, Rel 33 Windows 2008 R2 DC STIG Benchmark Ver 1, Rel 19 Windows 2008 R2 MS STIG Benchmark Ver 1, Rel 19 Windows 2012 and 2012 R2 DC STIG Benchmark Ver 2, Rel 3 Windows 2012 and 2012 R2 MS STIG Benchmark Ver 2, Rel 3 Windows 7 STIG Benchmark Ver 1, Rel 27 Windows 8/8.1 Benchmark Ver 1, Rel 12 Windows Vista Benchmark Ver 6, Rel 41

STIGs no longer supported:  http://iase.disa.mil/stigs/sunset/Pages/index.aspx

Apache 2.0 UNIX STIG Ver 1, Rel 5
Apache 2.0 Windows STIG Ver 1, Rel 5
Solaris 9 SPARC Manual STIG Ver 1, Rel 9 Solaris 9 x86 Manual STIG Ver 1, Rel 9 Symantec Endpoint Protection 12.1 Local Client STIG Ver 1, Rel 3 Symantec Endpoint Protection 12.1 Managed Client STIG Ver 1, Rel 4 Symantec Endpoint Protection 12.1 Overview Ver 1, Rel 1

The post Security Guidance, Security Readiness Review Scripts and Benchmarks appeared first on RMF for DoD IT.

DISA has released updates to the SRG/STIG Library Compilations in .ZIP format to correspond with the latest quarterly SRG/STIG update cycle. This release also includes newly released SRGs and STIGs published since the last quarterly release of the SRG/STIG Library Compilations.

The SRG/STIG_Library.zip is a compilation of DoD Security Requirements Guides (SRGs), DoD Security Technical Implementation Guides (STIGs) (provided in XCCDF or .pdf format), Checklists, Security Readiness Review (SRR) Tools that are available through the IASE web site’s STIG pages.

Two versions of the compilation are produced, an FOUO version and a NON-FOUO version entitled U_SRG-STIG_Library.zip and FOUO _SRG-STIG_Library.zip.  The file name preceded by FOUO_ contains STIGs and related content that has been designated as FOUO. As such a DoD PKI certificate is required to download it. The file name preceded by U_ is the NON-FOUO version which does not contain FOUO. It is therefore downloadable by the general public. These compilations may be used and distributed in the same manner as the individually downloaded documents. The FOUO compilation as a whole and any separated FOUO content must be handled in accordance with customary FOUO handling and dissemination guidelines.

Please see “SRG/STIG Library Compilation READ ME” for additional information to include download / extraction instructions and a FAQ.

All related files are available on IASE at: http://iase.disa.mil/stigs/dod-purpose-tool/Pages/index.aspx

The post Quarterly release: SRG-STIG_Library.zip appeared first on RMF for DoD IT.

DISA has developed the Draft Network Infrastructure Policy STIG Version 9.

The Draft STIG is available at http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/policy.aspx for review and comment.

Please provide comments, recommended changes, and/or additions to the draft STIG by 29 December 2015 on the Comment Matrix spreadsheet located at http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/policy.aspx.  Comments should be sent via NIPRNet email to:  disa.stig_spt@mail.mil.  Include the title and version of the STIG in the subject line of your email.

The post DISA has developed the Draft Network Infrastructure Policy STIG Version 9 appeared first on RMF for DoD IT.

DISA has released the McAfee VirusScan Enterprise for Linux (VSEL) 1.9x/2.0x STIGs Version 1.

The requirements of the STIGs become effective immediately.  The STIGs are available on IASE at http://iase.disa.mil/stigs/app-security/antivirus/Pages/antivirus.aspx.

The post McAfee VirusScan Enterprise for Linux (VSEL) 1.9x/2.0x STIGs, V1R1 appeared first on RMF for DoD IT.

DISA has released the Palo Alto Networks STIG Version 1.

The requirements of the STIG become effective immediately.  The STIG is available at http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/firewall.aspx.

The post DISA has released the Palo Alto Networks STIG Version 1 appeared first on RMF for DoD IT.