On 7/20/17 4:13 PM, Moessbauer, David wrote: > > All, > > > > Our program is currently working through the architecting of the next > release, and the decision point is upon us WRT OS version - RHEL6 or > RHEL7. One significant factor (at least from a cybersecurity > perspective, is the ability to efficiently / effectively conduct STIG > reviews via the SCAP tools. > > > > This said, is there any place I could ascertain the projected release > of the RHEL 7 Benchmarks? > > > > I apologize if this is not the appropriate venue for such a question, > or if it is so obviously in front of me I should already know, but > honestly I have not closely monitored this feed of late, since I have > been stuck in the RHEL 5 world and trying to keep the system secure in > that context. > > >
RHEL 6.4+ and RHEL7.x ship automation content. It sounds like your systems are very long-lived, given that you're dealing with RHEL5. Note that RHEL6 is has entered "Production Phase 3" which means no new features or hardware enablement [0]. If you're asking for when *DISA* will release automation content: They've stated they have no intention to release automation content for Red Hat STIGs moving forward. This isn't terrible... e.g. why should DISA release automation content when it's delivered natively in the platform (via the SCAP Security Guide)? [0] https://access.redhat.com/support/policy/updates/errata#Production_3_Phase
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
