cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Everything DISA STIGs for your Network

Jump to solution

Introduction

This page will be the Main Page for all DISA STIG information provided by CourtesyIT.  The intent is to follow this page to alert you to new content and discussions about being DISA STIG Compliant. Please feel free to message me if you would like any STIG\Vendors packages developed that are not listed here.

This page is not endorsed by DISA or Solarwinds, but merely one interpretation of the requirements.  Community involvement is encouraged.

Directory

1. Getting Started

This link will be to discuss ways to get started and how this process and capability can work for you..

How to Use the Compliance Feature in Solarwinds.pdf

How to Create a Policy Report.pdf

2.  How to Create a STIG Dashboard and View

This link will provide a document for you to download and build a Dashboard to show your success with the NCM Compliance feature.

DISA STIG Dashboard

3.  Reports by Vendor

These links will be based on Vendor STIGs.  For best results, please download these reports through NCM.  Navigate via Configs Tab > Compliance > Manage Policy Reports > Shared on Thwack Tab.

Cisco Systems

Juniper Networks

Brocade

Dell Switches

Palo Alto

F5

A10 Networks

Arista Networks

Riverbed

HP FlexFabric

4. Master List (A-Z)

      DISA STIG Master List (A-Z)

        5. Other Customization's

This link is a random sampling of various customization's I found through some Thwackers Content pages. 

How to do various customizations with your Solarwinds

6. Need Help? 

          Option 1.  If you organization is interested in short/long term engagements, you can contact me on Thwack or Solarwinds@CourtesyIT.com

          Option 2.  If you are a DoD Organization you can reach me on any of the email systems or through your Solarwinds Federal Sales Representative.

          Option 3.  If you are interested in NCM Compliance Training.  Please contact Loop 1 Systems for course details.

          Option 4.  If you would help in getting started, send me a configuration (minus key, hashes, and strings) and I can help get you started.

..........................................................................

.........................................................................

..........................................................................

.Living Document. Please Bookmark.

Labels (1)
1 Solution

For best results, please download these reports through NCM.  Navigate via Configs Tab > Compliance > Manage Policy Reports > Shared on Thwack Tab.

View solution in original post

42 Replies

feel free to contact me at solarwinds@courtesyit.com and I can help you with your solution.

0 Kudos
Level 9

I'm setting up the DISA STIG dashboard according to the demo document.  I can setup the view, but my Layer 2 Switches policy violation box list all reports currently configured.  I do not get a list of individual policy reports that I can choose from.  When I edit the box, I only have Title, Sub-title and the Submit button.  Nothing else.  Anyone else seen this?

I've inherited a STIG Compliance setup in Solarwinds from previous employees who "attempted" to create Rules, Policies and Reports in 2017. In trying to use the existing data I have encountered many issues. I would like to start fresh and remove all the old data and start over. Can anyone provide pointers or guidance on how to do this. Also...If I do start over will Importing STIGS from Thwack provide me the most current STIGS?

Good information and providing all the links makes it very thorough.

Level 14

Awesome thread!  As always, keep up the good work CourtesyIT​!

dassey​  please refer to this thread to clear the issue.  I am not sure when you downloaded the STIGs but the Cisco ones should be good as I fixed several issues a couple weeks ago. 

Compliance report stuck in cashing

This compliance reports getting stuck in caching really irritates me... I have to go into the database and change the status to get ANY compliance reports to run... this isn't a great design I don't think.  Also not making it so an admin can fix the problem from the web interface makes it even worse!

Which one did you import? 

All of them. I have let it set over a weekend too, to see if that helps. I did one at a time as well to see if that would make a difference.

Level 8

When I import these from Thwack or via xml import and then update cache, it never stops caching. Anyone seen this?

All,

I have made some corrections and additions to the Cisco STIG Page.  I have added a report that will evaluate all physical ports on your network for the various stigs and requirements.  Please feel free to download, modify for you, and let me know about any changes.  Enjoy.

ecklerwr1​, You are correct when apply DISA STIGs to the server.  Most of the issue is focused around .NET and IIS.  I always request a phased approcach to application of Server STIGs to my servers.  I have them do a small batch 5-15 at a time so we can go back and fix if needed.  I do not have a list of exceptions to give but I would split the list and take it slow.

Thanks.  The good news is I think since this is a new IS that everything can be installed without the STIG in effect first...  I just don't want to break it all because looking at notes from another installers notes they stated they applied the STIG and it broke NPM so badly they ended up having to completely rebuild the servers again and re-installing the software to get it working again.

Level 20

I have a related question... I'm working on a new implementation in a MLS network.  From what I was told applying the STIG to the NPM server broke just about everything... can you peeps give me some insight into how you've handled this?  I mean we all want a functioning Orion and to make our network as audit ready as possible.  Do you have a bunch of exceptions in place?  This setup consists of NPM, NTA, NCM, and EOC.  Everything is windows 2012 R2 Server and SQL Server 2012 if that makes any difference.  Not trying to hijack your thread Eric... I plan to implement your dashboards at some point too... I'm just curious about the problems you've run into with the STIGs and Orion.  Everything is snmpv3 too if that makes any difference.

Level 20

I'm in the same boat with one of my networks completely air gapped PL2...

I wonder what's adding all that text to the xml files???

Perhaps we need a forum for all thinks SW related to dealing with air gapped networks, STIG's, nispom compliance and stuff like that?  It seems like enough of us and even multiple mvp's are all in the same situation... I know it's not so quick and easy if your Orion isn't connected to the internet... it's getting better but we've had to fight with this since version 8 of NPM.  I voted up your bulk import too goodz.

0 Kudos
Level 14

We would love the ability for a bulk compliance report export/import functionality.  Please vote this up in hopes that it is put on the list for future improvements. 

piratemike‌  what is the error you are getting when you attempt to import from Shared on Thwack? 

0 Kudos

piratemike‌  is this the error you are seeing (plus or minus numbers)

pastedImage_0.png

If so, I will look into this.  cvachovecj‌ and I will look into this error and adjust. 

Thanks,

CourtesyIT

0 Kudos

That's the one!

Thanks again

Sent from my Verizon Wireless 4G LTE smartphone

0 Kudos

michael.t.koehler.ctr@mail.mil‌ and 31cs.scoi.1@us.af.mil‌ was the error above the one you were seeing?

I have forwarded and notify the product manager to help investigate this issue.  Thank you for your patience.

V/R

Eric

0 Kudos