On Monday, 02/10/2020 at 08:59 GMT, ITschak Mugzach <[email protected]> wrote: > As you may know, DISA has release, long ago, a zLinux STIG. I wonder ow do you > assess these guests. You may answer privately. > > Full disclosure: As may seen on my signature, we are makers of DISA STIG ISCM > (Information Security Continuous Monitoring) product for IBM legacy system > operating systems.
Eh? The Linux STIGs at DISA are current for: - Ubuntu 16.04 - RHEL 6 - RHEL 7 - SLES 12 See https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux What they don't have is a current z/VM STIG. While a new one from z/VM Development is about to undergo internal review within IBM, until it's published I think the best choice for z/VM security configuration is the one I provide to my clients as part of a security assessment. I say that because I haven't seen anyone else pushing theirs as an alternative, and "I know a thing or two because I've seen a thing or two." (Let's consolidate any z/VM discussion on IBMVM since it's n/a to Linux.) Alan Altmark Senior Managing z/VM and Linux Consultant IBM Systems Lab Services IBM Z Delivery Practice ibm.com/systems/services/labservices office: 607.429.3323 mobile; 607.321.7556 [email protected] IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www2.marist.edu/htbin/wlvindex?LINUX-390
