cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

DISA STIG Resources for SolarWinds NCM (Now also for Juniper!)

Level 15

This post compiles all the information you need to know about the support for DISA STIGs compliance reports, in SolarWinds Network Configuration Manager (NCM). Don’t miss this DISA STIG posting about LEM: DISA STIG Compliance with Log & Event Manager.

Bookmark it and use it to remember everything about Solarwind’s NCM capabilities in this area. We will update and maintain it moving forward.

Example of a DISA STIG report checking 150 network configurations in a single click!

image_thumb_0BB31D66.png

How to install DISA STIG reports on my NCM?

With NCM 7.x

Just open your NCM 7.x Web interface, go to the Configs tab / Compliance view / Manage Policy Reports.

Go to the "Shared on Thwack" tab and Search for the DISA STIG reports.

Select and Import what you need. More information about the newest refresh, for V8R16 here: How to use the NCM DISA STIG - Cisco.pdf, How to use the NCM DISA STIG - Juniper.pdf.


[For history tracking purpose only: More information about the newest refresh, for V8R14 here.]

[For history tracking purpose only: More information DISA STIG V8R9 Updates about the recent V8R9 update.]

NCM DISA.PNG

With NCM 6.1

The installation of NCM compliance reports (including DISA STIG) can be done only by the WEB UI of the NPM Integration (this constraint will be removed in the next release of NCM) and requires Internet access and thwack credentials.

If you do not have this integration installed you need to install it before you can import the DISA STIG reports.

If you do not have NPM, you can download for free, an evaluation version of NPM from this page, for the purpose of running the integration module and import the DISA STIG reports.

Once you have NPM and the integration module installed an running:

  1. Navigate to the Configs / Compliance view
  2. Click the Manage Policy Reports
  3. Open the Shared on Thwack tab
  4. Select one or multiple DISA STIG reports (use the Search tool to narrow down the content of the window)
  5. You will be asked for your Thwack credentials
    Looking for more information about the recent V8R16 update? How to use the NCM DISA STIG - Cisco.pdf, How to use the NCM DISA STIG - Juniper.pdf.

image_thumb_578ACCA1.png

And what if you are not connected to the Internet?

From any workstation that has an Internet access, download the DISA STIGS xml reports from thwack Content Exchange and copy them on a memory stick or any media that allows you to copy them easily on the target NCM computer (that does not have Internet access).

More information about the new package for V8R16: How to use the NCM DISA STIG - Cisco.pdf, How to use the NCM DISA STIG - Juniper.pdf.


[For history tracking purpose only: More information about the newest refresh, for V8R14 here.]

[For history tracking purpose only: More information about the recent V8R9 update: DISA STIG V8R9 Updates.]

Then:

  1. Navigate to the Configs / Compliance view of the WEB UI of the NCM integration for NPM.
  2. Click the Manage Policy Reports.
  3. From the Manage Reports tab, select Import and select a DISA STIG XML file.
  4. Repeat the last step for all DISA STIG reports you want to import.

image_thumb_3A54FECA.png

Related Thwack postings

Support of the reports

As any Thwack content, the DISA STIG reports are not supported and maintained by Solarwinds.

As NCM users in the Federal Government (and government IT consultants) configure, modify and update the DISA STIG and FISMA compliance reports so they work better in their unique environments, we hope that changes that would be useful to the community would be uploaded and shared on Thwack.

Miscellaneous

  • Please note that the US Army has granted a Certificate of Networthiness (CoN) to NCM V 6.0. CERT-201109082. CoN has also been granted to NPM, APM, NTA and Engineering Toolset.
  • The following SolarWinds products are Common Criteria EAL 2 certified by the NIAP: NPM, SAM (APM), IPAM, NTA, IPSLAM, NCM, EOC. Our Validation ID is 10453
  • You can also find Federal Information Security Management Act (FISMA) / NIST reports for NCM 6.1, on Thwack.com (same installation procedure applies)
  • Did you know that Gartner positions NCM in their research “MarketScope for Network Configuration and Change Management”, Deb Curtis, David Williams, 31 March 2010, ID Number: G00175140, as follows:
    • NCM is the most widely deployed of the products meeting Gartner’s criteria for evaluation (except CiscoWorks)
    • NCM is rated in the top tier (Positive / Strong positive) with the “Big-4”
  • A reference to SolarWinds (NPM) in the SIGNAL Online article “Marines Revolutionize Network In Southwest Afghanistan
8 Comments
Level 15

More on DISA STIG? Check-out this new Log & Event Manager (LEM) posting: DISA STIG Compliance with Log & Event Manager

This is absolutely rad.  I wish there was an updated version of this!

Level 18

Hi milewideinchdeep,

Have you seen the V8R14 update?

Regards,

Jiri

Nope.  I am brand-spanking new to Thwack.  Thanks kindly!  Bookmarking that search now! 

Level 18

Glad to help

Level 11

Finally found this... This will save lots of time and will provide a comprehensive look at the STIGS. I notice that all the STIGS are separate, has anyone ever zipped it up in a package? I need to move it to another network that doesn't have connectivity to download these.

Thanks again!!!

Level 11

Oops.... Found the complete package. Thanks again.

Level 10

This is very helpful.  I was being steered into using the Nessus vulnerability scanner since it has DISA standards "built in".  I like how NCM works and makes remediation easy.

About the Author
Francois has joined the SW product management team in Dec 2010. He has been in the network management space for about 15 years, first in a startup company, then in one of the big 4 and back to a human-size company. Despite his bizarre accent, he is a decent guy to talk to.