https://store-images.s-microsoft.com/image/apps.19394.d7338c39-0219-4dc7-a06f-a03fc8d2ce9c.7e1b0775-9038-4e2c-8f1e-0299ea6abc0c.287df04e-8b06-4148-8c19-83c035d32c61

CIS Red Hat Enterprise Linux 8 STIG Benchmark

Center For Internet Security, Inc. 

CIS Red Hat Enterprise Linux 8 STIG Benchmark

Center For Internet Security, Inc. 

Hardened according to a CIS Benchmark - the consensus-based best practice for secure configuration.

CIS Red Hat Enterprise Linux 8 STIG Hardened Image is a pre-configured image built by the Center for Internet Security (CIS) for use on Azure Virtual Machines. It is built to offer an image secured to industry-recognized security guidance running on Azure Virtual Machines.

This image of Red Hat Enterprise Linux 8 STIG is pre-hardened to CIS Benchmarks guidance and patched monthly. No packages are installed on or removed from this image outside of those already present on the base image or as recommended in alignment with the corresponding CIS Benchmark recommendations.

Guidance from the DoD Cloud Computing SRG indicates that CIS Benchmarks are an acceptable alternative in place of DISA STIGs - configuration standards for DoD Information Assurance (IA) and IA-enabled devices/systems. Launching an image that is hardened according to the CIS STIG Benchmark recommendations provides the ability to easily implement CIS guidance and DISA STIG at once.

To demonstrate conformance to the CIS Red Hat Enterprise Linux 8 STIG Benchmark, industry-recognized hardening guidance, each image includes an HTML report from CIS Configuration Assessment Tool (CIS-CAT Pro). Each CIS Hardened Image contains the following files:

  • Base_CIS-CAT_Report.html - this provides a report of CIS-CAT Pro run against the instance before any change is made by CIS (e.g., software updates, CIS hardening).
  • basevm.txt - this provides a list of the packages resident on the instance prior to any change being made by CIS (e.g., software updates, CIS hardening).
  • CIS-CAT_Report.html - this provides a report of CIS-CAT Pro run against the instance after the corresponding CIS Benchmark was applied to the image.
  • Exceptions.txt - this provides a list of recommendations that are not applied because the configuration of those recommendations may inhibit the use of this image in this CSP, require environment-specific expertise, or hinder the integration of this image with CSP services or extensions.
  • afterhardening.txt - this provides a list of packages resident on the instance after the corresponding CIS Benchmark was applied to the image.

    These reports are located in /home/CIS_Hardened_Reports.

    To speak with us about additional pricing options and private offers, please contact us at cloudsecurity@cisecurity.org.

    To learn more or access the corresponding CIS Benchmark, please visit https://www.cisecurity.org/cis-benchmarks or sign up for a free account on our community platform, CIS WorkBench, https://workbench.cisecurity.org/.

  • https://store-images.s-microsoft.com/image/apps.16437.d7338c39-0219-4dc7-a06f-a03fc8d2ce9c.7e1b0775-9038-4e2c-8f1e-0299ea6abc0c.1f7153b6-7487-4980-a158-7a4da54e4858
    /staticstorage/b139d09/assets/videoOverlay_7299e00c2e43a32cf9fa.png
    https://store-images.s-microsoft.com/image/apps.16437.d7338c39-0219-4dc7-a06f-a03fc8d2ce9c.7e1b0775-9038-4e2c-8f1e-0299ea6abc0c.1f7153b6-7487-4980-a158-7a4da54e4858
    /staticstorage/b139d09/assets/videoOverlay_7299e00c2e43a32cf9fa.png
    https://store-images.s-microsoft.com/image/apps.31332.d7338c39-0219-4dc7-a06f-a03fc8d2ce9c.7e1b0775-9038-4e2c-8f1e-0299ea6abc0c.7f4976e1-f2bf-49ce-854e-99d8ee70f869
    https://store-images.s-microsoft.com/image/apps.48469.d7338c39-0219-4dc7-a06f-a03fc8d2ce9c.7e1b0775-9038-4e2c-8f1e-0299ea6abc0c.10820e2b-5205-4af3-a3bd-0cf60ca187a4
    https://store-images.s-microsoft.com/image/apps.31065.d7338c39-0219-4dc7-a06f-a03fc8d2ce9c.7e1b0775-9038-4e2c-8f1e-0299ea6abc0c.51e96858-0568-4822-b45f-91b537581abd