cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
31cs.scoi.1
Level 7

Re: Everything DISA STIGs for your Network

Jump to solution

I am having the same issue as Michael.  I have a server with NCM on a non-internet connected system, and I am unable to import the .xml files.

I am an Administrator on the machine as well.  I feel many of the people that will be downloading these STIGs have systems deployed on servers that are either non-internet connecting or their Administrative credentials will prevent them from browsing the Internet.  Can you load the generic NCM exports for the STIGs?

Thanks

0 Kudos
piratemike
Level 7

Re: Everything DISA STIGs for your Network

Jump to solution

i have tried to download them via the shared on thwack site and i get a set of XML errors after i put in my user and PW. other policies DL ok but all of yours error out?

ideas?

EDIT:

also when i pulled all of the files i might be able to use i noticed that your STIG-V8R19-CSCO-OS-L2SW - VTY and Console entry is actually the user access file when you go to download it.

0 Kudos
CourtesyIT
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

piratemike‌  what is the error you are getting when you attempt to import from Shared on Thwack? 

0 Kudos
CourtesyIT
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

piratemike‌  is this the error you are seeing (plus or minus numbers)

pastedImage_0.png

If so, I will look into this.  cvachovecj‌ and I will look into this error and adjust. 

Thanks,

CourtesyIT

0 Kudos
CourtesyIT
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

michael.t.koehler.ctr@mail.mil‌ and 31cs.scoi.1@us.af.mil‌ was the error above the one you were seeing?

I have forwarded and notify the product manager to help investigate this issue.  Thank you for your patience.

V/R

Eric

0 Kudos
piratemike
Level 7

Re: Everything DISA STIGs for your Network

Jump to solution

That's the one!

Thanks again

Sent from my Verizon Wireless 4G LTE smartphone

0 Kudos
cvachovecj
Level 18

Re: Everything DISA STIGs for your Network

Jump to solution

All,

The problem is caused by some extra text that gets appended to the XML when the report is exported from NCM directly to thwack.

Policy-Report-Scrambled.png

Before we find a permanent solution, may I ask CourtesyIT‌ to re-post the reports exported as file?

Whoever needs these reports immediately may download them and delete the extra characters after the </PolicyReport> tag.

Jiri

goodzhere
Level 14

Re: Everything DISA STIGs for your Network

Jump to solution

We would love the ability for a bulk compliance report export/import functionality.  Please vote this up in hopes that it is put on the list for future improvements. 

ecklerwr1
Level 19

Re: Everything DISA STIGs for your Network

Jump to solution

I'm in the same boat with one of my networks completely air gapped PL2...

I wonder what's adding all that text to the xml files???

Perhaps we need a forum for all thinks SW related to dealing with air gapped networks, STIG's, nispom compliance and stuff like that?  It seems like enough of us and even multiple mvp's are all in the same situation... I know it's not so quick and easy if your Orion isn't connected to the internet... it's getting better but we've had to fight with this since version 8 of NPM.  I voted up your bulk import too goodz.

0 Kudos
ecklerwr1
Level 19

Re: Everything DISA STIGs for your Network

Jump to solution

I have a related question... I'm working on a new implementation in a MLS network.  From what I was told applying the STIG to the NPM server broke just about everything... can you peeps give me some insight into how you've handled this?  I mean we all want a functioning Orion and to make our network as audit ready as possible.  Do you have a bunch of exceptions in place?  This setup consists of NPM, NTA, NCM, and EOC.  Everything is windows 2012 R2 Server and SQL Server 2012 if that makes any difference.  Not trying to hijack your thread Eric... I plan to implement your dashboards at some point too... I'm just curious about the problems you've run into with the STIGs and Orion.  Everything is snmpv3 too if that makes any difference.