Windows Server 2008

General support questions for the Secutor Prime product.
Nathan_Hale
Contributor
Posts: 5
Joined: Mon Mar 08, 2010 10:34 am

Windows Server 2008

Postby Nathan_Hale » Thu Feb 17, 2011 9:51 am

When will the Windows Server 2008 profile be released?

gunnar
Site Admin
Posts: 81
Joined: Fri Feb 23, 2007 8:08 pm
Contact:

Postby gunnar » Thu Feb 17, 2011 1:07 pm

Right now NVD only has a prose guide for the Windows Server 2008 benchmark:

http://web.nvd.nist.gov/view/ncp/reposi ... ail?id=264

To the best of my knowledge NIST has been focused lately on Windows 7 and RHEL benchmarks as part of the initial USGCB with no focus yet on Server 2008. Nor am I aware of anybody in the broader community actively working on Server 2008 content (OSX and AIX seems to be more the focus of the SCAP community).

With all that in mind, Server 2008 seems to be a fairly obvious gap. I will check around to see if anybody authoritative is working on that, but we may just take it on ourselves if there's no indication of anything being available in a timely manner.

tegist
Contributor
Posts: 14
Joined: Thu Jul 22, 2010 1:20 pm

Postby tegist » Mon Feb 28, 2011 6:51 pm

Although we're not at all "authoritative", we're having some success using Microsoft's Security Compliance Manager to produce SCAP files. SCM lets us start with the MS guidelines for 2008 R2, make modifications to fit our local environment, and then generate the SCAP files.
Doesn't work perfectly, but it beats the heck out of checking configurations manually.

gunnar
Site Admin
Posts: 81
Joined: Fri Feb 23, 2007 8:08 pm
Contact:

Postby gunnar » Thu Mar 24, 2011 10:33 am

Just as a general FYI, the SCAP content currently produced by the MS SCM tool has a couple of minor issues that, strictly speaking, make the content not quite SCAP compliant.

NIST is aware of this and is currently working to correct that. No estimates yet on how long that might take, but as you've found the current SCM output does produce pretty good results in Secutor Prime.

We also realize that installing SCM and the cabinet files as a process to get SCAP content is tedious and are working on other ways to make server 2008 content available. We should be in a position to distribute this as part of a Secutor Prime update very soon.

As a final note, Secutor Prime contains a tool in the Tools menu called "Remove Old Content" that removes every benchmark that is not part of the current Secutor Prime release. So if you use SCM to produce content, author any of your own, etc, store those benchmarks in a directory called "user-content" under the Prime install directory -- do not put them in either the "oem-content" or "vulnerability-content" directories as those will be deleted when the "Remove Old Content" tool is used.


Return to “Secutor Prime Support”

Who is online

Users browsing this forum: No registered users and 1 guest