i want to apply STIG to my Netwitness 11.3. And i found that there is no guide line.
Please refer to "DISA STIG" section in 11.3 System Maintenance Guide.
18.104.22.168 supports all Audit Rules in the DISA STIG Control Group as you can confirm from /etc/audit/rules.d/nw-stig.rules.
STIG will be supported from 22.214.171.124 which is expected to be released in July, 2019.
The 11.3 System Maintenance Guide has been updated to remove the reference to STIG as it was incorrectly added.
The documentation for 126.96.36.199 will list the Exceptions (False positives, future release, etc.) in addition to the OpenSCAP report instructions and the manage_stig_controls script instructions that help you evaluate and address security issues.
As per the guide, "RSA will expand its support of STIG rules in future NetWitness Platform versions".
So how should i apply STIG to my Netwitness 11.3? Which file should i run?
Is it out-of-box support?
Yes, /etc/audit/rules.d/nw-stig.rules should contain the required Audit Rules out-of-box.
I am currently working with the Documentation team to confirm the required steps to install OpenSCAP on 188.8.131.52 as it is mentioned in the guide but appears to be missing from the 11.3 ISO.
I will provide further update once more detail becomes available.
Thanks very much !
After verifying with the Documentation team, it has been confirmed that STIG will be supported from 184.108.40.206 which is expected to be released in July, 2019.
I have updated my original response as well. I am sorry for the confusion.
That will be great! Thanks!
By the way, can you ask the Documentation team to create an KB(knowledge base) also? It could help me get a better understanding of STIG hardening. Thanks.
I expect the 220.127.116.11 System Maintenance Guide to provide the detailed instruction to follow but if anything is lacking, I will create a KB on that and post the link in this thread.
Sure. That is great! Thank you very much!
11.3.1 is now available and please find the instruction on STIG from System Maintenance Guide for RSA NetWitness Platform 11.3 or Sys Maintenance: DISA STIG.
I have seen the document.
Retrieving data ...