cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Cisco STIGs

This page was developed to track all the current DISA STIGs for Cisco Devices.  All new revisions of the content within will be noted here.  I do apologize for the multiple downloads.  It is a recommended process for those new to this customization to help alleviate any "cacheing" issues when attempting to "Update Reports" within NCM.  Also, many users have requested certain parts of the STIGs they would like to check for and does not burden them with "All" STIGs. 

 

Please feel free to contact me if you need assistance. 

Cisco-IOS-Switch-NDM-Security-Technical-Implementation-Guide 

Cisco-IOS-Switch-L2S-Security-Technical-Implementation-Guide 

Cisco-IOS-Switch-RTR-Security-Technical-Implementation-Guide 

Cisco-IOS-Router-NDM-Security-Technical-Implementation-Guide 

Cisco-IOS-XE-Switch-RTR-Security-Technical-Implementation-Guide 

Cisco-IOS-Switch-L2S-Security-Technical-Implementation-Guide 

Cisco-IOS-Router-RTR-Security-Technical-Implementation-Guide 

Cisco-IOS-XE-Switch-RTR-Security-Technical-Implementation-Guide 

Cisco-IOS-XE-Router-RTR-Security-Technical-Implementation-Guide 

Cisco-IOS-XE-Router-NDM-Security-Technical-Implementation-Guide 

Cisco-IOS-XE-Router-NDM-Security-Technical-Implementation-Guide 

Cisco-IOS-XR-Router-RTR-Security-Technical-Implementation-Guide 

Cisco-IOS-XR-Router-NDM-Security-Technical-Implementation-Guide 

Cisco-NX-OS-Switch-NDM-Security-Technical-Implementation-Guide 

Cisco-NX-OS-Switch-L2S-Security-Technical-Implementation-Guide 

 

 

 

 

 

Firewall Security Technical Implementation Guide - Cisco Version: 8:  Release: 25:  26 Jan 2018

 

 

 

Criteria:    Port Management running IOS, IOS-XE, and NX-OS

STIG-V8R19-CSCO-Port Management

 

 

-------------------------------------------------------------------------------------------------------------------------

Everything DISA STIGs for your Network

 

DISA STIG Master List (A-Z)

Labels (2)
Comments

Any chance that you can bundle these into one download per group? My NCM server does not have Internet access so I have to air-gap these. I can do them one at a time, but it sure would be nice to be able to download one zip file for each category!

Thanks,

Jon

Since these are created using separate reports, each report contains policies and rule sets.  All of this is stored in the actual database (in 6+ tables) and is not stored locally in the SolarWinds server.  To do a bulk import, a SQL query would need to be developed to place all of these reports, rules and policies in the appropriate locations.  I want to do this myself, but it is very time consuming and I have not yet had the chance.  An alternate solution would be a possible feature request for bulk report import and export, so I am now requesting it.  Please vote here: 

The long-term plan is to include these out of the box in NCM.

This sounds even better Jiri!  Quite a few of us deal with totally isolated networks.  I have to admit it's much easier with an internet connection as I have some like that as well.

Wow--and I thought you were looking for Network "Stigs", as in folks who drive the network amazingly like a certain race car driver from Top Gear!

Now that I think about it, that WOULD be interesting . . .  How would one qualify as a Network Stig?

Hehe lololol I wish it was only about race car driving :^}

Security Technical Implementation Guides

Apparently there is also an IKEA chair called STIG:  STIG Bar stool with backrest - 24 3/4 " - IKEA

You are really rolling this stuff out CourtesyIT​.  Good job!  I know you are helping a lot of people with this.

I always think oft Stig from The Beatles Parody/tribute band, The Rutles. But I'm happily senile.

The Rutles - Wikipedia, the free encyclopedia

Stig is the guy in the 2nd row of photos from the top on this vid:

The Rutles - A Hard Day's Rut - Full Album (Part 1) - YouTube

But there are rumors that he's dead:

Stig is dead - The Rutles Wiki - Wikia

Some say he is the one true font of knowledge for all search engines,

and that electrons are actually shaped like his head.

All we know is, he's not the Stig but the Stig's uber-geek cousin, Network Stig.

Whoever starts his/her post with "Some say ..." has my attention .

Great Comments! Always enjoy your expertise and information goodzhere!

Great Information...thank you very much for posting this for everyone!

When will the new 27 Jul 2018 L2 and L3 Cisco STIGs be available for download?

I need help downloading the STIGS into my server! I can go through the THWACK community to the server because its is blocked.  Can I download from a commercial source and import to the SolarWinds server?

You are awesome!

Thanks for updating! I have to work with Solarwinds support to fix this issue I'm having now... I'm getting a "Error occurred during compliance cache generation"...

Been driving myself mad over trying to figure out a solution. Google hasn't been any help.

EDIT! FIGURED IT OUT. The XML files are looking for C1_DeviceType NOT C1_Device_Type

Please refer to the following link for these STIGs.  They all been updated to current levels.  If there is an error please advise.

Cisco STIGs

How did you change it from C1_DeviceType to C1_Device_Type. I created the custom property as C1_Device_Type but the L2 Switch uses Device_Type.

@CourtesyIT  Good Morning - I am trying to find an updated listing for 2020 CISCO STIGs I may use for SOLARWINDS.  Is there a mechanism in place where SOLARWINDS updates the STIGS soon after DISA updates?  I work on a DOD network and need to stay current.

Thanks

 

updated links and reports

Good stuff, I'll upload into my lab to see details. Mahalo

Thanks @CourtesyIT !

Looks like 'STIG-V8R19-CSCO-Port Management​' is a dead link.  Should it be pointed to this https://thwack.solarwinds.com/docs/DOC-202425 ?

Also, you got 'Cisco-IOS-XE-Router-NDM-Security-Technical-Implementation-Guide' listed twice -- appears to just be a duplicate as the URL is the same.

Version history
Revision #:
3 of 3
Last update:
‎07-05-2020 05:16 PM
Updated by: