Compliance Content support and requirements

This topic describes the installation requirements for Compliance Content, and also lists the policies that are supported by TrueSight Server Automation.

The topic includes the following sections:

Before you begin
Compliance Content installation requirements
Best practices for running Compliance Content templates
Policy standards supported by out-of-the-box component templates

Before you begin

If you are installing TrueSight Server Automation for the first time, you can load the compliance content by using one of the following methods:

Install manually. For information about how to install compliance content manually, see Walkthrough-Loading-compliance-content.
Through the Auto Content Import Job. After TrueSight Server Automation is installed successfully, the Auto Content Import Job is started in the background. You can also check the status of this job.

If you are upgrading TrueSight Server Automation, compliance content is not upgraded automatically. You can upgrade the compliance content by using one of the following methods:

Through the Auto Content Import Job. During upgrade, the Network Shell script of this job is updated. After you upgrade TrueSight Server Automation, execute this job to obtain the latest compliance content.
Install manually. Ensure that you use the content installer of the same version as the Application Server version. For information about how to install the compliance content manually, see Walkthrough-Loading-compliance-content.

The back up of the compliance content installer is also stored in the <FileServerPath>\storage\installer_bundle\<operatingsystem>\files\compliance_content directory in the file server. For example:

Windows file server	C:\Program Files\BMC Software\BladeLogic\storage\installer_bundle\windows\files\compliance_content
Linux file server	/opt/bmc/bladelogic/storage/installer_bundle/linux/files/compliance_content

Compliance Content installation requirements

Before beginning the installation of Compliance Content libraries for TrueSight Server Automation, verify that the requirements listed in the following table are met on the TrueSight Server Automation Application Server.

Notes

Perform this installation only on the Application Server of TrueSight Server Automation. Installation will not complete successfully if you attempt to install on any other host computer.

The installer for TrueSight Server Automation Compliance Content does not support installation in non-GUI mode (Console mode). It will need GUI access (X server) to complete the installation.

If you are running the installation process for the purpose of upgrading or repairing previously installed component templates, ensure that all existing Compliance Content component templates are closed (that is, not open for editing) in the TrueSight Server Automation Console.

Best practices for running Compliance Content templates

BMC recommends the following best practices for running Compliance Content templates:

Run a single Compliance Job against a particular target, because compliance jobs are Application Server centric with high CPU utilization.
Limit the number of targets to be processed in parallel by the number of work item threads (WIT) available to execute jobs.
The CIS RHEL 6 and CIS Windows 2008 R2 out-of-the-box templates are tested against number of targets per Compliance Job. These two templates were shown to run successfully against 3000 targets, with job level parallelism equal to 100.
Run the BLPackages created as part of remediation job sequentially, rather than in parallel. Note that running the BLPackges sequentially requires more time. If multiple BLPackages are trying to access or modify the same file that is a part of remediation, then running multiple Deploy Jobs in parallel may lead to a deadlock.
It is recommended that you do not run multiple Compliance Jobs with the same set of targets at any given time.
Compliance Jobs can successfully run in parallel with a NSH Script Job. File Deploy Jobs and USP Jobs can also run in parallel, but this will affect the performance of Compliance Jobs.

Policy standards supported by out-of-the-box component templates

The following series of tables list the operating systems supported by Compliance Content component templates for the various types of policies, as targets for compliance analysis. For each relevant Compliance Content template, benchmark details (version/release and update) are provided. The versions of TrueSight Server Automation that support each policy and OS are indicated, with a clear indication of when each component template was introduced in the product.

Center for Internet Security (CIS)

Operating System	Supported TrueSight Server Automation versions / Benchmark details
	8.9.04	8.9.04.001	8.9.04.003	20.02	20.02.01	21.02	21.02.01	21.3	22.2	23.1	23.2
Amazon Linux 2	❌️	❌️	❌️	❌️	❌️	❌️	❌️	✅️	✅️	✅️	✅️
Amazon Linux 2	✅️							Version 1.0 as of September, 2021
CentOS Linux 7	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
CentOS Linux 7			Version 2.2.0 as of December, 2017
CentOS 8	❌️	❌️	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
CentOS 8					Version 1.0.0 as of October, 2019
Oracle Linux 6	❌️	❌️	❌️	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Linux 6			Version 1.1.0 as of December, 2017
Oracle Linux 7	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Linux 7			Version 2.1.0 as of December, 2017			Version 3.0.0 as of June, 2020
Oracle Linux 8	❌️	❌️	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Linux 8					Version 1.0.0 as of November, 2019			Version 1.0.1 as of September, 2021
Ubuntu Linux 18.04	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Ubuntu Linux 18.04		Version 1.0.0 as of August, 2018
Ubuntu Linux 20.04									✅️	✅️	✅️
									Version 1.1.0 as of March 2021
Red Hat Enterprise Linux 6.x	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 6.x	Version 2.1.0 as of December, 2017
Red Hat Enterprise Linux 7.x	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 7.x	Version 2.2.0 as of December, 2017					Version 3.0.1 as of September, 2020
Red Hat Enterprise 8.x	❌️	❌️	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise 8.x					Version 1.0.0 as of September, 2019					Version 2.0.0 as of February, 2022
Red Hat Enterprise 9.x	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️	✅️
											Version 1.0.0 as of November, 2022
Windows Server 2008	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008	Version 3.1.0 as of March, 2018
Windows Server 2008 R2	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008 R2	Version 3.1.0 as of March, 2018
Windows Server 2012	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2012	Version 2.1.0 as of March, 2018
Windows Server 2012 R2	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2012 R2	Version 2.3.0 as of March, 2018
Windows Server 2016	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2016	Version 1.1.0 as of October, 2018					Version 1.2.0 as of May, 2020
Windows Server 2019	❌️	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2019				Version 1.1.0 as of January, 2020						Version 1.3.0 as of March, 2022
Windows Server 2022									✅️	✅️	✅️
									Version 1.0.0 as of February 2022
IBM AIX 6.1/5.3	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
IBM AIX 6.1/5.3	Version 1.1.0 of September, 2012
IBM AIX 7.1	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
IBM AIX 7.1	Version 1.1.0 of as September, 2013
Oracle Solaris 11.1	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 11.1	Version 1.0.0 of as October, 2013
SuSE Linux Enterprise Server 10	❌️	❌️	❌️	❌️	❌️	✅️	❌️	❌️	❌️	❌️	❌️
SuSE Linux Enterprise Server 10	Version 1.0.0 of September, 2013
SuSE Linux Enterprise Server 11	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
SuSE Linux Enterprise Server 11	Version 2.1.0 as of December, 2017
SuSE Linux Enterprise Server 12	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
SuSE Linux Enterprise Server 12	Version 2.1.0 as of December, 2017

Defense Information Systems Agency (DISA)

Operating System	Supported TrueSight Server Automation versions / Benchmark details
Operating System	8.9.04	8.9.04.001	8.9.04.002	8.9.04.003	20.02	20.02.01	21.02	21.02.01	21.3	22.2	23.1	23.2
Windows Server 2008 DC	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008 DC	Version 6/Release 1.32 of April, 2016
Windows Server 2008 MS	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008 MS	Version 6/Release 1.32 of April, 2016
Windows Server 2008 R2 DC	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008 R2 DC	Version 1/Release 28 of October, 2018		Version 1/Release 31 of July, 2019
Windows Server 2008 R2 MS	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008 R2 MS	Version 1/Release 28 of October, 2018		Version 1/Release 30 of July, 2019
Windows Server 2012 and 2012 R2 DC	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2012 and 2012 R2 DC	Version 2/Release 14 of October, 2018		Version 2/Release 18 of October, 2019		Version 2/Release 18 of October 2019	Version 2/Release 19 of January, 2020				Version 3/Release 2 of 4th May, 2021
Windows Server 2012 and 2012 R2 MS	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2012 and 2012 R2 MS	Version 2/Release 14 of October, 2018		Version 2/Release 16 of July, 2019		Version 2/Release 17 of October 2019					Version 3/Release 2 of 4th May, 2021
Windows Server 2016	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2016	Version 1/Release 6 of October, 2018		Version 1/Release 9 of July, 2019			Version 1/Release 10 of January, 2020				Version 2/Release 2 of 4th May, 2021
Windows Server 2019	❌️	❌️	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2019					Version 1/Release 3 of January, 2020					Version 2/Release 2 of 4th May, 2021	Version 2/Release 2 of May, 2022
Red Hat Enterprise Linux 6	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 6	Version 1/ Release 20 of October, 2018	Version 1/ Release 21 of January, 2019	Version 1/ Release 23 of July, 2019		Version 1/Release 24 of October, 2019					Version 2/Release 2 of 22nd January, 2021
Red Hat Enterprise Linux 7	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 7	Version 2/ Release 1 of July, 2018	Version 2/ Release 2 of January, 2019	Version 1/ Release 23 of July, 2019		Version 2/Release 5 of October, 2019	Version 2/Release 7 of April, 2020				Version 3/Release 6 of 27th January , 2022
Red Hat Enterprise Linux 8	❌️	❌️	❌️	❌️	❌️	❌️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 8							Version 1/Release 0.1, May 2020
IBM AIX 6.1	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
IBM AIX 6.1	Version 1/Release 3 of October, 2014
HP-UX 11.23	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
HP-UX 11.23	Version 1/Release 4 of January, 2015
HP-UX 11.31	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
HP-UX 11.31	Version 1/Release 6 of April, 2015
Oracle Solaris 10 x86	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 10 x86	Version 1/Release 9 of January, 2015
Oracle Solaris 10 SPARC	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 10 SPARC	Version 1/Release 9 of January, 2015
Oracle Solaris 11 x86	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 11 x86	Version 1/Release 2 of January, 2015	Version 1/Release 17 of April, 2019
Oracle Solaris 11 SPARC	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 11 SPARC	Version 1/Release 2 of January, 2015

Payment Card Industry (PCI)

Operating System	Benchmark details	Supported TrueSight Server Automation versions
Operating System	Benchmark details	8.9.04	8.9.04.001	8.9.04.002	8.9.04.003	20.02	20.02.01	21.02	21.02.01	21.3	22.2	23.1	23.2
PCIv3.2.1
Windows Server 2016	3.2.1 as of May 2018	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 6.x	3.2.1 as of May 2018	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 7.x	3.2.1 as of May 2018	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
PCIv3
Windows Server 2012	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2012 R2	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008 R2	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 6.x	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 7.x	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
IBM AIX 6.1/5.3	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
IBM AIX 7.1	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
SuSE Linux Enterprise Server 11	3.0 as of November 2013	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
PCIv2
Red Hat Enterprise Linux 5.x	2.0 as of October, 2010	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️	❌️
Windows Server 2008	2.0 as of October, 2010	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
PCI
HPUX 11i	1.2 as of October, 2008	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 10	1.2 as of October, 2008	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️

Sarbanes-Oxley (SOX) Act

Operating System	Supported TrueSight Server Automation versions
Operating System	8.9.04	8.9.04.001	8.9.04.002	8.9.04.003	20.02	20.02.01	21.02	21.02.01	21.3	22.2	23.1	23.2
HP-UX 11i	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 10	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️

Health Insurance Portability and Accountability Act (HIPAA)

Operating System	Supported TrueSight Server Automation versions
Operating System	8.9.04	8.9.04.001	8.9.04.002	8.9.04.003	20.02	20.02.01	21.02	21.02.01	21.3	22.2	23.1	23.2
IBM AIX 7.1	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
HPUX 11i	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 6	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Red Hat Enterprise Linux 7	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Oracle Solaris 10	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2008	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️
Windows Server 2012	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️	✅️