Author name: Bruce

STIG Update - DISA has released the following updated Security Guidance, Security Readiness Review Scripts and Benchmarks DISA has released the following updated Security Guidance, Security Readiness Review Scripts and Benchmarks: Unclassified SRGs: http://iase.disa.mil/stigs/Pages/a-z.aspx Network Device Management SRG – Ver 2, Rel 12 Voice Video Endpoint SRG – Ver 1, Rel 6 Unclassified Application STIGs: http://iase.disa.mil/stigs/app-security/Pages/index.aspx Apache 2.2 STIG Windows – Ver 1, Rel 12 Apache 2.2 STIG UNIX – Ver 1, Rel 9 Application Security and Development STIG – Ver 4, Rel 4 Google Chrome Browser STIG – Ver 1, Rel 10 IIS 7.0 STIG – Ver 1, Rel 15 McAfee Virus Scan Enterprise for Linux 1.2x/2.0x Managed Client STIG – Ver 1, Rel 3 Microsoft Excel 2016 STIG – Ver 1, Rel 2 Microsoft Outlook 2013 STIG – Ver 1, Rel 11 Oracle HTTP Server 12.1.3 STIG – Ver 1, Rel 2 Oracle JRE 8 UNIX STIG – Ver 1, Rel 3 Oracle WebLogic Server 12c STIG – Ver 1, Rel 3 Unclassified Mobility STIG: http://iase.disa.mil/stigs/mobility/Pages/index.aspx Microsoft Windows 10 Mobile STIG – Ver 1, Rel 3 Unclassified Network STIGs and Overviews: http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx Cisco IOS XE Release 3 Router Overview – Ver 1, Rel 3 Cisco IOS XE Release 3 NDM STG – Ver 1, Rel 3 DNS Policy STIG – Ver 4, Rel 1.21 IBM DataPower NDM STIG – Ver 1, Rel 2 IPSEC VPN Gateway STIG – Ver 1, Rel 13 Juniper SRX Services Gateway (SG) Virtual Private Network (VPN) STIG – Ver 1, Rel 2 Network Firewall STIG – Ver 8, Rel 24 Network Infrastructure Policy STIG – Ver 9, Rel 4 Network Infrastruture Router L3 Switch STIG – Ver 8, Rel 24 Network L2 Switch STIG – Ver 8, Rel 22 Network Perimeter Router L3 Switch STIG – Ver 8, Rel 27 Removable Storage STIG – Ver 1, Rel 7 Unclassified HBSS STIGs: https://iase.disa.mil/stigs/hbss/Pages/index.aspx McAfee Application Control STIG – Ver 1, Rel 2 Unclassified Operating System STIGs: http://iase.disa.mil/stigs/os/Pages/index.aspx AIX 6.1 STIG – Ver 1, Rel 11 HP-UX 11.31 Manual STIG – Ver 1, Rel 15 IBM Hardware Management Console (HMC) STIG – Ver 1, Rel 5 Microsoft Windows 2008 DC STIG – Ver 6, Rel 38 Microsoft Windows 2008 MS STIG – Ver 6, Rel 38 Microsoft Windows 2008 R2 DC STIG – Ver 1, Rel 24 Microsoft Windows 2008 R2 MS STIG – Ver 1, Rel 24 Microsoft Windows 2012 and 2012 R2 DC STIG – Ver 2, Rel 10 Microsoft Windows 2012 and 2012 R2 MS STIG – Ver 2, Rel 10 Microsoft Windows 7 STIG – Ver 1, Rel 28 Microsoft Windows 8/8.1 STIG – Ver 1, Rel 19 Oracle Linux 6 Manual STIG – Ver 1, Rel 11 Red Hat 6 STIG – Ver 1, Rel 17 Red Hat 7 STIG – Ver 1, Rel 3 Solaris 10 SPARC Manual STIG – Ver 1, Rel 20 Solaris 10 x86 Manual STIG – Ver 1, Rel 20 Solaris 11 SPARC Manual STIG – Ver 1, Rel 13 Solaris 11 x86 Manual STIG – Ver 1, Rel 13 SUSE Linux Enterprise Server (SLES) v11 for System z STIG – Ver 1, Rel 11 zOS ACF2 STIG – Ver 6, Rel 33 zOS RACF STIG – Ver 6, Rel 33 zOS TSS STIG – Ver 6, Rel 33 FOUO Network STIGs: http://iase.disa.mil/stigs/net_perimeter/Pages/index.aspx NOTE: DoD PKI Certificate Required JIE Core Data Center (CDC) STIG – Ver 2, Rel 3 JIE Installation Processing Node (IPN) STIG – Ver 2, Rel 3 Benchmarks: http://iase.disa.mil/stigs/scap/Pages/index.aspx Google Chrome for Windows STIG Benchmark Ver 1, Rel 5 HP-UX 11.31 STIG Benchmark – Ver 1, Rel 15 Microsoft Excel 2016 STIG Benchmark – Ver 1, Rel 2 (SCC tool use only) Microsoft Outlook 2013 STIG Benchmark – Ver 1, Rel 6 (SCC tool use only) Microsoft Outlook 2016 STIG Benchmark – Ver 1, Rel 3 (SCC tool use only) Microsoft Windows 2008 DC STIG Benchmark – Ver 6, Rel 40 Microsoft Windows 2008 MS STIG Benchmark – Ver 6, Rel 40 Microsoft Windows 2008 R2 DC STIG Benchmark – Ver 1, Rel 26 Microsoft Windows 2008 R2 MS STIG Benchmark – Ver 1, Rel 27 Microsoft Windows 2012 and 2012 R2 DC STIG Benchmark – Ver 2, Rel 10 Microsoft Windows 2012 and 2012 R2 MS STIG Benchmark – Ver 2, Rel 10 Microsoft Windows 7 STIG Benchmark – Ver 1, Rel 34 Microsoft Windows 8/8.1 STIG Benchmark – Ver 1, Rel 20 Microsoft Windows Server 2016 STIG Benchmark – Ver 1, Rel 3 Red Hat 5 STIG Benchmark – Ver 1, Rel 19 Red Hat 6 STIG Benchmark – Ver 1, Rel 17 Solaris 10 SPARC STIG Benchmark – Ver 1, Rel 19 Solaris 10 x86 STIG Benchmark – Ver 1, Rel 19 Solaris 11 SPARC STIG Benchmark – Ver 1, Rel 8 Solaris 11 x86 STIG Benchmark – Ver 1, Rel 8 No Longer Supported: http://iase.disa.mil/stigs/sunset/Pages/index.aspx BlackBerry for the OS 7 STIG – Ver 2, Rel 11 Good for Enterprise 8.x STIG – Ver 1, Rel 2 Microsoft Access 2007 STIG – Ver 4, Rel 15 Microsoft Excel 2007 STIG – Ver 4, Rel 13 Microsoft Infopath 2007 STIG – Ver 4, Rel 13 Microsoft Office System 2007 STIG – Ver 4, Rel 16 Microsoft Outlook 2007 STIG – Ver 4, Rel 16 Microsoft PowerPoint 2007 STIG – Ver 4, Rel 16 Microsoft Word 2007 STIG – Ver 4, Rel 15  

STIG Update - DISA will no longer support the following Security Guidance The following STIGs are no longer supported as of 27 Oct 2017 and have been removed from their existing page. They now can be found at: https://iase.disa.mil/stigs/sunset/Pages/index.aspx: BlackBerry for the OS 7 STIG – Ver 2, Rel 11 Good for Enterprise 8.x STIG – Ver 1, Rel 2 Microsoft Access 2007 STIG – Ver 4, Rel 15 Microsoft Excel 2007 STIG – Ver 4, Rel 13 Microsoft Infopath 2007 STIG – Ver 4, Rel 13 Microsoft Office System 2007 STIG – Ver 4, Rel 16 Microsoft Outlook 2007 STIG – Ver 4, Rel 16 Microsoft PowerPoint 2007 STIG – Ver 4, Rel 16 Microsoft Word 2007 STIG – Ver 4, Rel 15 For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update – Quarterly release: SRG-STIG_Library.zip DISA has released updates to the SRG/STIG Library Compilations in .ZIP format to correspond with the latest quarterly SRG/STIG update cycle. This release also includes newly released SRGs and STIGs published since the last quarterly release of the SRG/STIG Library Compilations. The SRG/STIG_Library.zip is a compilation of DoD Security Requirements Guides (SRGs), DoD Security Technical Implementation Guides (STIGs) (provided in XCCDF or .pdf format), Checklists, Security Readiness Review (SRR) Tools that are available through the IASE web site’s STIG pages. Two versions of the compilation are produced, an FOUO version and a NON-FOUO version entitled U_SRG-STIG_Library.zip and FOUO _SRG-STIG_Library.zip.  The file name preceded by FOUO_ contains STIGs and related content that has been designated as FOUO. As such a DoD PKI certificate is required to download it. The file name preceded by U_ is the NON-FOUO version which does not contain FOUO. It is therefore downloadable by the general public. These compilations may be used and distributed in the same manner as the individually downloaded documents. The FOUO compilation as a whole and any separated FOUO content must be handled in accordance with customary FOUO handling and dissemination guidelines. Please see “SRG/STIG Library Compilation READ ME” for additional information to include download / extraction instructions and a FAQ. All related files are available on IASE at: https://iase.disa.mil/stigs/compilations/Pages/index.aspx.

STIG Update - DISA has released the Akamai Kona Site Defender (KSD) Impact Level 2 (IL2) STIG Version 1 DISA has released the Akamai Kona Site Defender (KSD) Service Impact Level 2 (IL2) Security Technical Implementation Guide (STIG) Version 1. The requirements of the STIG become effective immediately. The STIG is available at https://iase.disa.mil/stigs/Pages/index.aspx. For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update - Adobe Acrobat Pro XI STIG V1R1 DISA Risk Management Executive has released the Adobe Acrobat Pro XI Security Technical Implementation Guide (STIG) Version 1 Release 1. The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/app-security/desktop/Pages/acrobat-pro.aspx. For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil Update your subscriptions, modify your password or e-mail address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please visit subscriberhelp.govdelivery.com. All other inquiries can be directed to subscriptions@disa.mil.

STIG Update - DISA has released the JIE Enterprise Remote Access STIG, Version 1 DISA has released the JIE Enterprise Remote Access STIG, Version 1. The requirements become effective immediately. The STIG is available at http://iase.disa.mil/stigs/net_perimeter/jie_network/Pages/jie_network.aspx. For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update - Apple OS X 10.12 (Sierra) STIG V1R1 DISA Risk Management Executive has released the Apple OS X 10.12 (Sierra) Security Technical Implementation Guide (STIG) Version 1 Release 1. The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/os/mac/Pages/mac-os.aspx.   For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update – Microsoft Windows Defender Antivirus STIG V1R1 DISA Risk Management Executive has released the Microsoft Windows Defender Antivirus Security Technical Implementation Guide (STIG) Version 1 Release 1. The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/app-security/antivirus/Pages/index.aspx.   For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update - Windows 10 Support Dates and Information Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it’s no longer supported. Knowing key dates in this lifecycle helps you make informed decisions about when to upgrade or make other changes to your software. Below are the dates for Windows 10 lifecycle support: Windows 10 version 1507  – May 9, 2017 Windows 10 version 1511 - October 10, 2017 Windows 10 version 1607  – Tentatively March 2018 Windows 10 version 1703  – Tentatively September 2018 Windows 10 Version v1511 will become unsupported on 10 October 2017 at which time it will become a CAT I severity to have it installed.  Organizations must upgrade to at least v1607 by that time. It is recommended upgrading to the latest released version. Refer to this link for additional information: https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet.   For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

STIG Update - DISA has released the HBSS McAfee Agent STIG DISA has released an update to the HBSS McAfee Agent STIG Version 4 Release 15.  The requirements of the STIG become effective immediately. The STIG is available at https://iase.disa.mil/stigs/hbss/Pages/index.aspx.     For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil