This topic explains STIG compliance security standards and measures.
STIG compliance demands high security standards and measures for servers and other network appliances. Most STIG-compliant configurations are not visible during normal server operation. However, there are three areas in which STIG-compliant changes are visible and affect the operation of the server:
- User account passwords and usage
- Direct login to the root account
- Kernel audit logging
Note: To maintain backward functional compatibility with previous BlueCat releases, BlueCat appliances and VMs ship with these three STIG features disabled. You must enable STIG compliance in order to activate these STIG features.
User account passwords and usage
Direct login to the root account
Logging in to the root account on the console or through an SSH session has been disabled. When this restriction is enabled, a non-privileged login account (bluecat is the user name and the password) is created automatically to allow you to log in to the server. To gain root access to the server, you must log in as bluecat and use the su - command to gain access to the root shell.
Kernel audit logging
Audit logging of file access and other kernel services is enabled. Currently, the default audit rules required by the DISA SRR scanning scripts create a significant performance slowdown owing to extensive diagnostic logging. BlueCat recommends you define the set of auditing rules that will meet your audit logging requirements while minimizing the impact on the system. For more information, refer to Knowledge Base article 5472 on BlueCat Customer Care.