cancel
Showing results for 
Search instead for 
Did you mean: 
CourtesyIT
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

ecklerwr1​, You are correct when apply DISA STIGs to the server.  Most of the issue is focused around .NET and IIS.  I always request a phased approcach to application of Server STIGs to my servers.  I have them do a small batch 5-15 at a time so we can go back and fix if needed.  I do not have a list of exceptions to give but I would split the list and take it slow.

ecklerwr1
Level 19

Re: Everything DISA STIGs for your Network

Jump to solution

Thanks.  The good news is I think since this is a new IS that everything can be installed without the STIG in effect first...  I just don't want to break it all because looking at notes from another installers notes they stated they applied the STIG and it broke NPM so badly they ended up having to completely rebuild the servers again and re-installing the software to get it working again.

CourtesyIT
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

All,

I have made some corrections and additions to the Cisco STIG Page.  I have added a report that will evaluate all physical ports on your network for the various stigs and requirements.  Please feel free to download, modify for you, and let me know about any changes.  Enjoy.

dassey
Level 8

Re: Everything DISA STIGs for your Network

Jump to solution

When I import these from Thwack or via xml import and then update cache, it never stops caching. Anyone seen this?

CourtesyIT
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

Which one did you import? 

dassey
Level 8

Re: Everything DISA STIGs for your Network

Jump to solution

All of them. I have let it set over a weekend too, to see if that helps. I did one at a time as well to see if that would make a difference.

CourtesyIT
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

dassey​  please refer to this thread to clear the issue.  I am not sure when you downloaded the STIGs but the Cisco ones should be good as I fixed several issues a couple weeks ago. 

Compliance report stuck in cashing

Highlighted
goodzhere
Level 14

Re: Everything DISA STIGs for your Network

Jump to solution

Awesome thread!  As always, keep up the good work CourtesyIT​!

tallyrich
Level 15

Re: Everything DISA STIGs for your Network

Jump to solution

Good information and providing all the links makes it very thorough.

ecklerwr1
Level 19

Re: Everything DISA STIGs for your Network

Jump to solution

This compliance reports getting stuck in caching really irritates me... I have to go into the database and change the status to get ANY compliance reports to run... this isn't a great design I don't think.  Also not making it so an admin can fix the problem from the web interface makes it even worse!