CIS: SuSE Linux Enterprise Server 12

The Center for Internet Security (CIS) template for SuSE Linux Enterprise Server 12, Version 3.1.0 was published on January 24, 2022. This template contains implementation for 267 rules that can be installed on TrueSight Server Automation 20.x or later.

  • The existing customized template is renamed before you import the new one (by performing the steps given below).

Determine whether you need to install the template

If you are installing TrueSight Server Automation version 24.2 for the first time (fresh installation), no action is required because this template is installed as a part of the 24.2 installation process.

If you have upgraded to 24.2 or later, this template is not installed automatically. To install this template, do one of the following actions:

  • Perform the steps mentioned in this topic.
    Through this method, the CIS template for SuSE Linux Enterprise Server 12 is installed.

  • Upgrade the compliance content by using one of the following methods:

    Important

    Rename any existing customized template before you run the Auto Content Import Job or install the template manually. 

    • Through the Auto Content Import Job after the upgrade. During the Application Server upgrade, the Network Shell script of this job is updated. After you upgrade TrueSight Server Automation , execute this job to obtain the latest compliance content.
      Through this method, the latest version of all the templates that are available in version 24.2 are installed. For the complete list of supported templates and their versions, see Compliance-Content-support-and-requirements.
    • Install manually by using the content installer. Ensure that you use the content installer of the same version as the Application Server version. For information about how to install the compliance content manually, see Walkthrough-Loading-compliance-content
      When you use this method, you have the flexibility to choose the template that you want to install from the set of templates that are available in version 24.2.

Before you begin

Before you import this template, make sure that the following requirements are met:

  • Rename any existing customized template before you import the latest template.
  • Back up the extended_objects folder located in the <APPRSERVER_INSTALL_DIR>/share/sensors directory on all the Application Servers in a multiple Application Server environment. This folder contains the extended object scripts.

Step 1: Download the files

  1. Access the following EPD link and click TSSA 23.4.00 CIS Updates for CIS - SUSE Linux Enterprise Server 12 to download the CIS - SUSE Linux Enterprise Server 12 package:
    You must log in or register to view this page
  2. Expand to view the checksum-related information

    Verify the downloaded content by using checksums:

    S.No

    File Name

    MD5SUM

    1

    CIS - SUSE Linux Enterprise Server 12.zip

    ea7081c1b28734b82dddf4bbd3536905

    2

    ExtendedObjects.zip

    747d8ec27d102419ef17b1c906d9afd2

  3. Extract the contents of ExtendedObjects.zip to a temporary directory and copy the extracted files to the existing <APPRSERVER_INSTALL_DIR>/share/sensors directory on all the Application Servers.
  4. Move the CIS - SUSE Linux Enterprise Server 12.zip file to the server where the TrueSight Server Automation console is installed.
  5. Import blpackages.zip into the server where the TrueSight Server Automation console is installed:
    1. Extract blpackages.zip to a temporary directory.
    2. In the console, navigate to Depot -> CIS Compliance Content > Remediation Packages > CIS - SUSE Linux Enterprise Server 12.
    3. Right-click SUSE Linux Enterprise Server 12 and select Import.
    4. Select the package zip from the extracted folder.
    5. Click Finish.

Step 2: Import the compliance content

  1. Log in to the TrueSight Server Automation console.
  2. Right-click Component Templates and select Import.
    component_template.png
  3. Select the Import (Version-neutral) option and click OK.
    version neutral.png

  4. Select the CIS - SUSE Linux Enterprise Server 12.zip package from the temporary location and click Next.
    The CIS template for CIS - SUSE Linux Enterprise Server 12 is available in the CIS - SUSE Linux Enterprise Server 12.zip  package.

    zip.png

  5. Select the Use existing objects and Preserve template group path options, and click Next.
    template_selection.png
  6. Navigate to the last screen of the wizard and then click Finish.
    finish.png

  7. After the template is imported successfully, Click OK.
    The imported template is displayed under CIS Compliance Content  >  CIS .
    successful.png

    Important

    After you have sucessfully imported the template, check the default values for the template's local and global properties and make sure that they meet the organization standards.

Rules within the template

The 267 rules provided in the zip package contain the following types of rules:

  • Rules that check for compliance (audit) and provide remediation—205
  • Rules that check for compliance (audit) but do not provide remediation—51
  • Rules that do not check for compliance and do not provide remediation—11

The following are the details of the rules that are divided into parts:

  • Rules not divided into parts = 188
  • Rules divided into two parts (16 Rules) so (16* 2) = 32
  • Rules divided into three parts (9 Rules) so (9* 3) = 27
  • Rules divided into four parts (2 Rules) so (2* 4) = 8
  • Rules divided into six parts (2 Rule) so (2* 6) = 12

The current rule count according to CIS SUSE Linux Enterprise 12 template after running the compliance job is 267 (188+ 32+27+8+12).

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*