Container Platform Security Requirements Guide STIG #12004
Replies: 1 comment 1 reply
-
|
I recommend starting with the base operating STIG then look at the Container Platform SRG. Security Onion is designed to run as an "appliance" not as a container platform for any workload deployment. The base operating STIG has a lot of similar rules as the Container SRG and may be easier to implement since there is more technical guidance. |
Beta Was this translation helpful? Give feedback.
-
|
We have already applied as much of the Operating System STIG as possible. We couldn't apply FIPS compliance because it broke authentication and those are a few of the Container SRG CAT I STIGs. It only applies it to the docker if it is applied on the OS. I don't believe OS authentication counts for the STIG container. The STIG is so generic that it's hard to see where it applies. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Version
2.4.3
Installation Method
Security Onion ISO image
Description
configuration
Installation Type
Standalone
Location
airgap
Hardware Specs
Exceeds minimum requirements
CPU
24
RAM
1 TB
Storage for /
55 TB
Storage for /nsm
53 TB
Network Traffic Collection
tap
Network Traffic Speeds
Less than 1Gbps
Status
Yes, all services on all nodes are running OK
Salt Status
No, there are no failures
Logs
No, there are no additional clues
Detail
Has anybody tried applying or verifying the Container Platform Security Requirements Guide STIG to Security Onion? I'm not sure how to go about it since it utilizes so many containers. Any help/guidance is appreciated.
Guidelines
Beta Was this translation helpful? Give feedback.
All reactions