Security benchmark tools available

By Diane Frank
Oct 03, 2002

Related Links

"Feds endorse guide for Windows security"

All federal agencies can now freely distribute and use the security configuration tools developed by the independent Center for Internet Security (CIS) and endorsed by federal security experts.

The General Services Administration's Federal Computer Incident Response Center this week announced an agreement signed with CIS for the redistribution licenses, paid for by FedCIRC, the National Security Agency, the Defense Department and other federal organizations.

The downloads are available through a site set up specifically for federal users at www.cisecurity.org/federalcisusers.

The tools offer a high-level security benchmark for commonly used operating systems, applications and appliances, and organizations can use the tools to check configurations. The tools are developed in collaboration with all of the center's members — including experts from government, industry and academia — but the center does not allow the companies that make the products to be members, said Franklin Reeder, chairman of the center.

In July, the center and several federal agencies announced the release of the latest tool, a benchmark for Microsoft Corp.'s Windows 2000 operating system. Tools are also available for other operating systems — including Windows NT, Sun Microsystems Inc.'s Solaris and Linux — and for Cisco Systems Inc.'s IOS routers.

The tools are available for free on the center's site, but unless an agency has signed up as a member, the tools cannot be redistributed throughout the organization for use on multiple systems. The FedCIRC agreement does not provide full membership privileges, but it does allow agency systems administrators to distribute the tools internally, according to a center official.

Membership also allows agencies to participate in the development of new tools and the updates to existing tools, as well as open access to discussions among members.

Several agencies are already full members, including the Justice Department and the Naval Surface Warfare Center.

E-Mail this page

Printable Format

Featured

Cybersecurity

States, experts ask EAC for more flexibility in voting machine standards

There is concern in some quarters that the bureaucratic process outlined by the Election Assistance Commission may prevent voting machine standards from keeping up with the times.
Management

OPM-GSA merger plan detailed in legislative proposal

The White House is proposing legislation for a dramatic overhaul of human resources inside government and wants $50 million to execute the plan.
Cloud

GSA plans civilian DEOS counterpart

GSA is developing a cloud email and enterprise services contract inspired by the single-source vehicle the Department of Defense devised for back-office software.

Advanced Search

Stay Connected

FCW INSIDER

Email Address

Country

Terms and Privacy Policy consent

Yes, I agree No, I don't agree

Select primary job function

Select agency/branch/business type

I agree to this site's Privacy Policy.

Security benchmark tools available

Related Links

Featured

States, experts ask EAC for more flexibility in voting machine standards

OPM-GSA merger plan detailed in legislative proposal

GSA plans civilian DEOS counterpart

Stay Connected

FCW INSIDER

New from FCW

CDM dashboard award will lay the groundwork for AI

Defense Digital hunts tech talent with new recruiting contract

Study: Federal AI is a $1B market

DISA awards $75 million sole-source deal for background check IT

House opposition could sink OPM reorg

FCW Insider: May 22

House opposition could sink OPM reorg

How Lockheed has embraced agile (and learned from DOD)

Coast Guard taps DOD's AI group

TSA turnover alarms lawmakers

How Lockheed has embraced agile (and learned from DOD)

House opposition could sink OPM reorg

Air Force pushes fast-tracked ATOs

Report: U.S. political parties need to shore up cyber