Red Hat Bugzilla – Bug 1284048
Request for port of existing (CNSSI) No. 1253 (nist-CL-IL-AL) profile from RHEL-6 to RHEL-7
Last modified: 2016-11-04 03:32:49 EDT
Description of problem:
The current version of the SCAP Security Guide does not include the CNSS No. 1253 Profile. Upstream does have the profile available for RHEL 6, but not 7. This bug is intended to confirm customer interest (at least Los Alamos National Laboratory) in this feature.
Upstream tracking of this issue is at
Proposed upstream patch:
List of profiles in version scap-security-guide-0.1.30-1.el7
C2S for Red Hat Enterprise Linux 7
CNSSI 1253 Low/Low/Low Control Baseline for Red Hat Enterprise Linux 7
Common Profile for General-Purpose Systems
Criminal Justice Information Services (CJIS) Security Policy
Documentation to Support C2S/CIS Mapping
Documentation to Support DISA OS SRG Mapping
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)
Remediation functions used by the SCAP Security Guide Project
Standard System Security Profile
STIG for Red Hat Enterprise Linux 7 Server
STIG for Red Hat Enterprise Linux 7 Server Running GUIs
STIG for Red Hat Enterprise Linux 7 Workstation
United States Government Configuration Baseline (USGCB / STIG)
Profile CNSSI 1253 Low/Low/Low Control Baseline for Red Hat Enterprise Linux 7 contains sane rules.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.