Allow for Server Configuration Monitor in HCO to import from NIST instead of having to create custom YAML ones

This will allow us to directly import the STIGs from NIST website rather than having to convert XSL/XML to YAML.

By having NIST do the heavy lifting, this cuts the time to deployment of a configuration profile down significantly.

By doing this, it will ensure that we have the latest security advice and help to secure our environments more effectively.

As an example, there are 236 rules in the only windows server policy Windows Server 2016 version 1, release 10 and the latest on NIST website is Version 2, release 6 -> https://ncp.nist.gov/checklist/753

This would mean just to update the policy to the latest, I would have to run through all of the rules to make sure they show the correct information.

There is only a few years left until 2016 goes EOL, we need to have more up to date OSs readily available to everyone.

Find more posts tagged with

scm

Hybrid Cloud Observability

server configuration monitor

HCO

Status: None

Comments

aldo.lopez

This is totally needed. I do support this feature

kenlacrosse

I would also like to see imports for CIS and STIG benchmarks as well.

ethankaiser

This would be massively helpful to the environment I am in as well. Unfortunately we're now in newer versions of Windows Server and IIS so the yaml files that currently exist don't really provide value to us. This was a major reason we procured SCM.

kenlacrosse

We're currently looking at a tool from CIMTrak from CIMCOR which looks promising. We have a PIC running currently.

jdbrp

This would be very helpful. I agree.

m_roberts

What you are looking for here seems to be more in line with the NCM Compliance Policy Reporting feature. Where that is looking at the configuration of a network device to highlight where compliance is missing. Note that there are a large number of DISA STIG policy reports out the box for that tool.

Where the various features in SolarWinds, especially HCO such as the SAM Asset management collection, SCM for configuration data retrieval, much of the data is being captured to support such a feature to look at such aspects as 'is TFTP Client installed'. Currently SCM for example is focused on collection of the information and then doing a diff on that to identify change. This feature request is wanting to extract data from the various pieces of data SCM can retrieve and perform inclusion/exclusion analysis on this as well.

This would be a good natural extension to this capability, with then the ability to support such data sources such as NIST to automate the policy definitions making everyone's lives much easier, as a capable body has already performed the "Do and Do Not Do's" for us.

jdacus

This would be most helpful, since the STIG cycle is a quarterly update, plus ad-hoc updates thereafter.

lufffunk

Yes, CIS Benchmark imports as well please! @bmrad

ecklerwr1

We need STIG support quarterly. We have had community support for NCM. It's a lot of work to maintain for users though.