The Security Configuration Benchmarks below are distributed free of charge to propagate their worldwide use and adoption as user originated, de facto standards.
The CIS Benchmarks are the ONLY consensus best practice security configuration standards both developed and accepted by government, business, industry, and academia.
The Benchmarks are:
- Recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices;
- Unique, because the recommendations are defined via consensus among hundreds of security professionals worldwide;
- Downloaded approximately 1 million times per year;
- Distributed freely by CIS in .PDF format (some are available to CIS Members only in XML format via the CIS Members web site);
- Used by thousands of enterprises as the basis for security configuration policies and the de facto standard against which to compare them.
| Type | Benchmark | Version | Updated |
| Mobile Devices | Apple iPhone OS 2.2.1 | 1.0.0 | 03/27/2009 |
| Applications | ISC BIND 9.0-9.5 | 2.0.0 | 05/05/2009 |
| Network Devices | Multi-Function Devices | 1.0.0 | 04/24/2009 |
| Applications | MySQL Database 4.1/5.0/5.1 | 1.0.2 | 04/09/2009 |
| Operating Systems | Red Hat Linux 5 (for RHEL 5) | 1.1.1 | 05/29/2009 |
| Applications | SQL Server 2005 | 1.1.1 | 02/20/2009 |
| Applications | Apache Web Server | 2.2.0 | 11/10/2008 |
| Operating Systems | HP-UX | 1.4.2 | 06/03/2008 |
| Operating Systems | Mac OS X 10.5 (Leopard) | 1.0 | 05/21/2008 |
| Applications | Oracle Database 11g | 1.0.0 | 09/12/2008 |
| Operating Systems | SUSE Linux | 2.0 | 05/21/2008 |
| Applications | Xen Server | 3.2 | 05/16/2008 |
| Network Devices | Check Point Firewall | 1.0 | 12/11/2007 |
| Network Devices | Cisco ASA, FWSM, and PIX | 2.0 | 11/20/2007 |
| Network Devices | Cisco IOS Router | 2.2 | 11/20/2007 |
| Operating Systems | Debian Linux | 1.0 | 08/17/2007 |
| Applications | Exchange Server 2007 | 1.0 | 12/31/2007 |
| Applications | FreeRADIUS | 1.0 | 08/16/2007 |
| Applications | IIS | 1.0 | 08/16/2007 |
| Applications | OpenLDAP | 1.0 | 08/16/2007 |
| Operating Systems | Solaris 10 11/06 and 8/07 | 4.0 | 11/01/2007 |
| Applications | Virtual Machine | 1.0 | 10/18/2007 |
| Applications | VMWare ESX Server | 1.0 | 10/18/2007 |
| Operating Systems | Windows Server 2003 | 2.0 | 11/21/2007 |
| Operating Systems | Mac OS X 10.4 (Tiger) | 2.0 | 10/16/2006 |
| Applications | Novell eDirectory | 1.0 | 06/12/2006 |
| Operating Systems | Novell OES:NetWare | 1.0 | 08/14/2006 |
| Applications | Oracle Database 9i/10g | 2.01 | 08/14/2006 |
| Operating Systems | Red Hat Linux 4 (for RHEL 2.1, 3.0, 4.0 and Fedora Core 1,2,3,4, & 5) | 1.0.5 | 10/01/2006 |
| Operating Systems | Slackware Linux | 1.1 | 06/16/2006 |
| Operating Systems | AIX | 1.01 | 10/21/2005 |
| Applications | Exchange Server 2003 | 1.0 | 08/15/2005 |
| Operating Systems | FreeBSD | 1.0.5 | 10/21/2005 |
| Applications | Oracle Database 8i | 1.2 | 04/06/2005 |
| Applications | SQL Server 2000 | 1.0 | 12/15/2005 |
| Operating Systems | Windows 2000 | 1.2.2 | 02/04/2005 |
| Operating Systems | Windows NT | 1.05 | 03/04/2005 |
| Operating Systems | Windows XP Professional SP1/SP2 | 2.01 | 09/09/2005 |
| Network Devices | Wireless Networks | 1.0 | 04/14/2005 |
| Operating Systems | Solaris 2.5.1 - 9.0 | 1.3 | 08/11/2004 |
| Operating Systems | Windows 2000 Professional | 2.2.1 | 12/17/2004 |
| Operating Systems | Windows 2000 Server | 2.2.1 | 12/17/2004 |
Center for Internet Security
www.cisecurity.org
No hay comentarios:
Publicar un comentario