This image of Red Hat Enterprise Linux 7 is preconfigured by CIS to the recommendations in the associated CIS Benchmark and STIG. CIS Benchmarks are vendor agnostic, consensus-based security configuration guides both developed and accepted by government, business, industry, and academia. The STIG is the configuration standards for DOD IA and IA-enabled devices or systems. Cloud environments and operating systems are not secure by default. Launching an image hardened according to the CIS STIG Benchmark baselines provides that added security when an organization has to align with those standards. This image has been hardened by CIS and is configured with the majority of the recommendations included in the free PDF version of the CIS STIG Benchmark. The existing consensus-based CIS RHEL 7 Benchmark Level 1 and Level 2 profiles mapped to applicable STIG recommendations have been applied. A new Level 3 profile applied extends the additional requirements from the STIG not covered in the Level 1 and Level 2 profiles. When users are applying CIS Benchmarks and need to be STIG compliant, they will be able to apply all 3 profiles and quickly address the gaps between the original CIS Benchmark and the STIG.
To learn more or access the corresponding CIS STIG Benchmark, please visit the Center for Internet Security website or visit our community platform, CIS WorkBench.
The Benchmark that is the basis for this image was developed for secure solutions that need to incorporate CIS and STIG security for Red Hat Enterprise Linux 7. CIS Benchmarks are developed in a unique consensus-based process comprised of hundreds of security professionals worldwide as de facto, best-practice configuration standards.