Forum Discussion
5 Replies
- TechgeeegNimbostratus
Hi Tabish,
First of all there is no such thing as best practice every environment can be different and can have its own pros n cons plus there is no such tool which checks this all.
Regards,
- amolariCirrus
Have you configured the machines? If the customer asks for an assessment of machine that you/your company configured, normally it should be a 3rd party doing that. F5 professional services would be happy to "help" I guess ;-)
More seriously.. have you checked the LTM Operation guide? Not really best practice guide but some inputs. Otherwise there is no such document (except what F5 calls "Best practice" SOLs on AskF5).
- datago_205305Nimbostratus
Yes, there is a reference guide available at [http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/other.aspx]. Security Technical Implementation Guides (STIGs) are published by the US military to promote hardening. The page is publicly accessible.
After unzipping, find the XML file and open it in a browser that supports XML viewing. You will see segmented rule titles that clarify vulnerability to evaluate for, procedure to check for content and how to fix/harden the gap if necessary.
- datago_205305NimbostratusTabish - did you look at the reference guide I posted?
- Lawrence_53682Nimbostratus
After you download the zip file from IASE, follow the guide below to learn how to read it. You can make use of Winword to open the XML XCCDF file and convert it into a winword document which you can read easily.
[http://iasecontent.disa.mil/stigs/doc/HOW_TO_VIEW_SRGs_and_STIGs.docx]
Alternatively, download the jar file here http://iasecontent.disa.mil/stigs/zip/U_STIGViewer-2.5.4.zip
Unzip the file and run the jar file and then open the XML XCCDF file.