DISA STIG Updates - 8 February 2017

Dave_Signori
Dave_Signori
in NetMRI Configuration Policy Service

Install.txt, README.txt, policy files and hash verification for DISA STIG update for 8 February, 2017.

 

This package will update the DISA STIG Policies and Policy Rules on a given
NetMRI to the STIG libraries released on 8 February 2017. These STIG libraries
are:
STIG Firewall Version 8 Release 21
STIG Infrastructure Layer 2 Switch Version 8 Release 20
STIG Infrastructure Layer 3 Switch Version 8 Release 21
STIG Infrastructure Router Version 8 Release 21
STIG Network Devices Version 8 Release 20
STIG Perimeter Layer 3 Switch Version 8 Release 24
STIG Perimeter Router Version 8 Release 24

 

The installation program will update existing rules on the device based on the
title of the existing rules; if the program cannot find the rule that is being
updated, it will create the new rule(s) from the latest STIG libraries. It will
also prune rules that are no longer needed that have been found on the device.

 

INSTALLATION
============
See the file INSTALL.

 

CHANGES SINCE 20170208
======================
CAT II and III STIGs have been updated for F5 and Juniper devices.

 

NET0162
Check Content in description has been updated.

NET0164
Check Content in description has been updated.

NET0166
Check Content in description has been updated.

NET0167
Check Content in description has been updated.

NET0378
Rule created. The Policy Rule will fail if a given Firewall is listening
on port 23 or 1467.

NET0710
Rule has been updated to check if LLDP is included in the global
configuration and as such is no-longer a Cisco-only Policy Rule. Cisco devices
should still check to ensure that they are not using CDP globally as well as
LLDP.

 

Updated Policy Rule Names
-------------------------
NET-IPV6-004
NET-IPV6-005
NET-IPV6-006
NET-IPV6-008
NET-IPV6-010
NET-IPV6-011
NET-IPV6-016
NET-IPV6-017
NET-IPV6-024
NET-IPV6-025
NET-IPV6-026
NET-IPV6-027
NET-IPV6-028
NET-IPV6-029
NET-IPV6-030
NET-IPV6-031
NET-IPV6-032
NET-IPV6-033
NET-IPV6-034
NET-IPV6-035
NET-IPV6-047
NET-IPV6-048
NET-IPV6-060
NET-IPV6-061
NET-IPV6-062
NET-IPV6-063
NET-IPV6-064
NET-TUNL-001
NET-TUNL-002
NET-TUNL-003
NET-TUNL-004
NET-TUNL-006
NET-TUNL-007
NET-TUNL-019
NET-TUNL020E
NET-TUNL020I
NET0366
NET0375
NET0377
NET0379
NET0380
NET0386
NET0388
NET0390
NET0391
NET0392
NET0395
NET0396
NET0398
NET0410
NET0412
NET0422
NET0728
NET0745
NET0780
NET0800
NET0892
NET0910
NET0911
NET0912
NET0918
NET0920
NET0921
NET0923
NET0924
NET0926
NET0927
NET0950
NET0960
NET0993
NET1001
NET1006
NET1288
NET1289
NET1300
NET1780
NET1807
NET1808
NET1970
NETMCAST009

Categories