DISA: Red Hat Enterprise Linux 6

This document provides information about the hotfix containing Red Hat Linux 6 Benchmark Version 2 Release 2 published on 22 January 2021. This template contains implementation for 283 rules that can be installed on  TrueSight Server Automation 21.x Onward.

Important

  • On the file server, check the value of the featureDisaRedhat6Template key in the content.version file, located in the %FILESERVER%\BladeLogic\storage\Content directory. Depending on the value, do one of the following:
    • If the value is 22.2.00.000, you don’t need to perform the steps mentioned in this topic, as these templates are deployed as part of the 22.2 installation process.
    • If the value is lower than 22.2.00.000, perform the steps mentioned in this topic to deploy these templates.
  • If existing template is customized, make sure to rename it before importing new one and performing below steps.
  • Ensure to review Template's local and global properties default values to match with organization standards

Before you begin

Before you install this hotfix, ensure that you perform the following:

  • Save backup copies of the sensors folders, which are present on all Application Servers in your environment. The sensors folders contain extended object scripts and is located at the following path on an Application Server:
    <Application_Server_installation_directory >/share/sensors

Step 1: Downloading and installing the files

Download the DISA_Template_and_EO package from the EPD location and extract its contents to a temporary location on the file server.

You must log in or register to view this page


Click here to expand checksum related infromation

 Verify the downloaded content by using the following check sums.

S.No

File Name

MD5SUM

1

DISA - RedHat 6.zip

6cd4cee1cef737e5fa457bbfb0e3cb65

2

extended_objects.zip

7256bc7b8b0b5bf57424524aa7c7d4db

  1. Move the DISA-RedHat6 package to your RCP client server.
  2. Extract the contents from the extended_objects package and move them to a temporary location on all Application Servers.

Step 2: Replacing the extended object scripts on all Application Servers

Ensure that you perform the following steps on all the Application Servers in your environment:

Navigate to the extended objects script files on your Application Server: <Application_Server_installation_directory >/share/sensors/

Step 3: Importing the Compliance Content

  1. Log on the Console.
  2. Right-click on Component Templates and click Import
  3. Select the Import (Version-neutral) option.
  4. Select the DISA - RedHat 6.zip package and click Next.
    image2022-5-17_22-58-17.png

  5. The DISA STIG template for RHEL 6 is available in the DISA - RedHat 6.zip package. To import the templates, select the templates:

    image2022-5-18_10-18-34.png

  6. Ensure that you select the Use existing object and Preserve template group path options before you click Next.
  7. Navigate to the last screen of the wizard and click Finish.
    The templates are imported.

         image2022-6-9_11-32-30.png

Special issues for rules within the template

The following are the details of the 269 rules provided in the zip package. It contains the following types of rules:

  • Rules that check for compliance and provides remediation - 173
  • Rules that check for compliance but do not provide remediation - 76
  • Rules that do not check for compliance and do not provide remediation - 20

The following are the details of the rules that are divided into parts:

  • Rules not divided into parts - 247
  • Rules Divided into two parts - (18 Rules divided into 2 parts) so (18 * 2) = 36

So, the current rule count as per DISA - Red Hat Enterprise Linux 6 template after running the compliance job is 283 (247+ 36)

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*