Announcements
For our latest Member Updates, click here (CIS Membership and forum registration required).
Juniper JunOS Benchmark v1.0.0 Released (July 26, 2010)
The new Security Configuration Benchmark for Juniper J, M, MX and T Series Routers, provides prescriptive guidance for establishing a secure configuration posture for Juniper J,M, MX, and T Series Routers versions JUNOS 8.x, 9.x, and 10.x. The guide was tested against J-Series and MX Series running 8.1R3, 9.2R1 and 10R2.
The guide may also be relevant to other versions of JUNOS on these platforms, such as JUNOS Enhanced Service, and to other platforms running JUNOS such as EX series switches or SRX series Service Gateways; however these systems are not specifically addressed in the guide at the present time.
The guide does not address other Juniper platforms such as ScreenOS Firewalls or Secure Access Instant Virtual Extranet’s (IVE’s).
Authors
Martin White, aUseful.com
Contributors and Reviewers
Sergey Gordeychik, Positive Technologies, Bill Shelton, Juniper Networks, Andrew Weck, JNCIE, HIC Network Security Solutions, LLC
To download the new benchmark, please go here: http://cisecurity.org/en-us/?route=downloads.show.single.junos.100
Solaris 10 Benchmark v5.0.0 Released (July 16, 2010)
The benchmark addresses recommended security settings included in Solaris 10 11/06 (Update 3) through Solaris 10 10/09 (Update 8) running on x86 or SPARC platforms. The Solaris 10 operating system (Solaris 10 OS) was originally released in March 2005 and has since undergone several updates. While many of the controls discussed in this document were available in earlier versions of the Solaris OS, some of the functionality discussed may not be present in those older versions. This guide was tested against Solaris 10 10/09 as installed using the SUNWCXall “Entire Distribution Plus OEM” software installation cluster.
Authors
Carole Fennelly, Jonathan Klein
Maintainers
Carole Fennelly
Contributors and Reviewers
Wilfred Artman, Independent Contractor, Mike Bamford, Nelson Benitez, Vladimir Bogodist, IT Security Specialist, Glenn Brunette, Oracle Corporation, Chris Cook, CISSP, Cable & Wireless Worldwide, Blake Frantz, Center for Internet Security, Filip Francis, Ian J Hunt, Global Crossing, GCTO, John Jenkinson, Jason Mackanick, DISA FSO, David Pollard, NASA DFRC, Douglas J. Schmidt, and Damian Southard.
The CIS community also extends thanks to the Defense Information Systems Agency (DISA) Field Security Office (FSO) for contributing their Solaris 10 Update 7 configuration baseline for use in the development of this benchmark.
The CIS community also extends thanks to those that contributed to previous versions of this Benchmark: Adam Montville, Andrew Gilmore, John Banghart, Christopher Calabrese, Dave Shackleford, David A. Kennel, Glenn Brunette, Hal Pomeranz, Hoang Truong Dinh, Jason Mackanick, Jay Beale, Joel Kirch, Joe Wulf, John Traenkenschuh, Keith Buck, Larry Cole, Mark Phillips, Nancy Whitney, Ralph Durkee, Randy Young, Timothy Wood, Tom Maloy, Tom Rhodes, Zack Yang.
To download the benchmark, please go here: https://community.cisecurity.org/~jbennett/en-us/?route=downloads.show.single.solaris10.500
Microsoft Exchange 2007 Benchmark Update v1.1.0 Released (July 16, 2010)
This document is a general guide for securing Microsoft Exchange Server 2007 (Exchange) hosted on the Windows Server 2003 platform. The first section contains general advice for installing Exchange. The document also prescribes security recommendations for each of the five 5 roles Exchange 2007 can perform. This benchmark represents an industry consensus of "best practices" listing steps to be taken as well as rationale for their recommendation.
Authors
Adam Cecchetti, Leviathan Security Group
Contributors and Reviewers
Chris Ahlers, Susan Bradley, Gary Gapinski, Michael Nelte, Paul E. Robichaux, Miles Stevenson, Charles Schmidt, Nguyen Tuan Trung, Tripwire, Inc.
To download the benchmark, please go here: https://community.cisecurity.org/~jbennett/en-us/?route=downloads.show.single.exchange2007.110
Call For Participation
The Center for Internet Security welcomes your participation in the Consensus Security Configuration Benchmarks process. If you or others in your organization are interested in participating, please send an email requesting participation to feedback@cisecurity.org. We also encourage you to forward this call for participation to any subject matter experts or customers who may have the expertise willingness to participate.