STIG for QRadar installations

This Security Technical Implementation Guide (STIG) provides the configuration standards and steps that are required for IBM® QRadar® deployments to achieve the level of security that is required to operate in US Department of Defense (DoD) computer networks.

This STIG implementation follows IBM secure engineering practices.

What systems can you run STIG scripts on?

You can run STIG scripts on QRadar All-in-One consoles. You can also run STIG scripts on Event Processors and Flow Processors, but you must use the expert guidance of your IBM QRadar Client Technical Professional (CTP) or IBM QRadar Product Professional Services to complete the task.

IBM QRadar is working to support running STIG scripts on the following products, but they are not currently supported:

IBM QRadar Network Insights
IBM QRadar Incident Forensics
IBM QRadar Network Packet Capture
Data Nodes
IBM QRadar Risk Manager
IBM QRadar Master Console
App Nodes

STIG is not supported in QRadar high-availability (HA) deployments.