Any system implemented by the US Department of Defense (DoD) must meet the DISA Secure Technical Implementation Guidelines (STIG). The STIGs are publicly available and may also be implemented by organizations with particular security requirements. Information on the compliance of Red Hat products with US government certifications can be found on the Red Hat website.
Red Hat Enterprise Linux (RHEL) 6 and 7, and the included Apache (Apache HTTP Server) 2.2 installation, can be configured to meet their respective STIGs. For more information, see the following pages from the Information Assurance Support Environment (IASE) website:
New installations of BMC Discovery 11.3 run on CentOS 7. The upgrade to BMC Discovery 11.3 from 11.1 and earlier versions replaces RHEL 6 with CentOS 6. As CentOS is derived from, and aims to be functionally compatible with, its upstream source, RHEL, BMC performs the same testing against the Red Hat 6 or 7 STIGs as appropriate.
BMC Discovery is compliant with the following STIG rule versions:
| | STIG rule version |
|---|---|
| Red Hat Enterprise Linux 6 | |
| Red Hat Enterprise Linux 7 | v1r4 |
| Apache (Apache HTTP Server) | |
If an issue arises on an appliance that has been customized to meet the STIG, you might need to reproduce the issue on an unmodified appliance to seek BMC Customer Support assistance.
Changes to meet the RHEL 6 and 7, and Apache 2.2 (Apache HTTP Server) STIG in BMC Discovery
The following sections list the changes that have been made in BMC Discovery to comply with STIG rules. Further sections list the STIG rules that you must apply at your discretion, and the rules that are not applicable to BMC Discovery, with the reason for non-applicability.