Friday, September 23, 2011

September 2011 STIG updates - IIS 7 and IAVM benchmarks

I was cruising through DISA's site looking for a particular STIG when I noticed the announcement on the top of their STIG page.  DISA has released a couple of STIGs and benchmarks:

IIS 7.0 Server STIG - Version 1, Release 1 - Updated September 20, 2011
IIS 7.0 Site STIG - Version 1, Release 1 - Updated September 20, 2011
Web Policy - Manual STIG, Version 7, Release 1 - Updated September 20, 2011
IAVM 2009 Benchmarks - Updated September 7, 2011
IAVM 2010 Benchmarks - Updated September 7, 2011
IAVM 2011 Benchmarks - Updated September 7, 2011

It appears that the IAVM benchmark files are for HBSS only and they are intended for the HBSS Policy Auditor tool only.  The IAVM benchmark files are contained in the PKI-enabled repository.  It's nice to see the IIS 7.0 STIG officially released.  The note I received from DISA stated:  "The requirements of the STIG become effective immediately."

No comments:

Post a Comment