STIG compliance

Starting with version 1.0.11.1, you can make IAS fully STIG compliant.

The Security Technical Implementation Guides (STIGs) are the configuration standards created by created by the Defense Information Systems Agency (DISA) for Department of Defence systems. The STIGs contain technical guidance to lock down information, systems, and software, which might otherwise be vulnerable to a malicious computer attack by limiting account access to a system. IAS has been designed and configured to conform to most of the STIG rules during manufacturing and install process. If you want to make IAS fully STIG compliant, you can use a tool called security_compliance_manager that is provided in the system.

Note:

IBM® follows and supports DISA standards for STIG. Nessus scanner by Tenable is used for scanning. CAT I & II compliance issues reported by the scanner are prioritized.