This image of Microsoft Windows Server 2019 is pre-configured by CIS to the recommendations in the associated CIS Benchmark and DoD Security Technical Implementation Guide (STIG). CIS Benchmarks are vendor agnostic, consensus-based security configuration guides both developed and accepted by government, business, industry, and academia. The STIG is the configuration standard for DoD IA and IA-enabled devices or systems. Cloud environments and operating systems are not secure by default. Launching an image hardened according to the CIS Microsoft Windows Server 2019 STIG Benchmark baselines provides added security when an organization has to align with those standards. This image is hardened by CIS and is configured with the majority of the recommendations included in the free PDF version of the CIS Microsoft Windows Server 2019 STIG Benchmark. The existing consensus-based CIS Microsoft Windows Server 2019 Benchmark Level 1 and Level 2 profiles mapped to applicable STIG recommendations are applied. A new STIG profile applied extends the additional requirements from the STIG not covered in the Level 1 and Level 2 profiles. When users are applying CIS Benchmarks and need to be STIG compliant, they will be able to apply the STIG profile which compiles those Level 1 and Level 2 recommendations along with the new STIG recommendations into a single profile. Due to the impact of applying all of the Level 2 recommendations to the STIG profile, only the Level 2 recommendations that directly map to the STIG are included. All of the Level 1 and Level 2 recommendations not included in the STIG profile will need to be applied and assessed separately.
To learn more or access the corresponding CIS Microsoft Windows Server 2019 STIG Benchmark, please visit cisecurity.org. The Benchmark that is the basis for this image was developed for secure solutions that need to incorporate CIS and STIG security for Microsoft Windows Server 2019.