|
 |
7629ac |
diff --git a/rhel7/profiles/ospp.profile b/rhel7/profiles/ospp.profile
|
|
|
7629ac |
index 09136fb5ce..e0d9b02c38 100644
|
|
|
7629ac |
--- a/rhel7/profiles/ospp.profile
|
|
|
7629ac |
+++ b/rhel7/profiles/ospp.profile
|
|
|
7629ac |
@@ -2,34 +2,35 @@ documentation_complete: true
|
|
|
7629ac |
|
|
|
7629ac |
title: 'United States Government Configuration Baseline'
|
|
|
7629ac |
|
|
|
7629ac |
-description: "This compliance profile reflects the core set of security \n
|
|
|
7629ac |
- \ related configuration settings for deployment of Red Hat Enterprise \n
|
|
|
7629ac |
- \ Linux 7.x into U.S. Defense, Intelligence, and Civilian agencies. \n
|
|
|
7629ac |
- \ Development partners and sponsors include the U.S. National Institute \n
|
|
|
7629ac |
- \ of Standards and Technology (NIST), U.S. Department of Defense, \n
|
|
|
7629ac |
- \ the National Security Agency, and Red Hat. \n
|
|
|
7629ac |
- \ \n
|
|
|
7629ac |
- \ This baseline implements configuration requirements from the following \n
|
|
|
7629ac |
- \ sources: \n
|
|
|
7629ac |
- \ \n
|
|
|
7629ac |
- \ - Committee on National Security Systems Instruction No. 1253 (CNSSI 1253) \n
|
|
|
7629ac |
- \ - NIST Controlled Unclassified Information (NIST 800-171) \n
|
|
|
7629ac |
- \ - NIST 800-53 control selections for MODERATE impact systems (NIST 800-53) \n
|
|
|
7629ac |
- \ - U.S. Government Configuration Baseline (USGCB) \n
|
|
|
7629ac |
- \ - NIAP Protection Profile for General Purpose Operating Systems v4.0 (OSPP v4.0) \n
|
|
|
7629ac |
- \ - DISA Operating System Security Requirements Guide (OS SRG) \n
|
|
|
7629ac |
- \ \n
|
|
|
7629ac |
- \ For any differing configuration requirements, e.g. password lengths, the stricter \n
|
|
|
7629ac |
- \ security setting was chosen. Security Requirement Traceability Guides (RTMs) and \n
|
|
|
7629ac |
- \ sample System Security Configuration Guides are provided via the \n
|
|
|
7629ac |
- \ scap-security-guide-docs package. \n
|
|
|
7629ac |
- \ \n
|
|
|
7629ac |
- \ This profile reflects U.S. Government consensus content and is developed through \n
|
|
|
7629ac |
- \ the OpenSCAP/SCAP Security Guide initiative, championed by the National \n
|
|
|
7629ac |
- \ Security Agency. Except for differences in formatting to accommodate \n
|
|
|
7629ac |
- \ publishing processes, this profile mirrors OpenSCAP/SCAP Security Guide \n
|
|
|
7629ac |
- \ content as minor divergences, such as bugfixes, work through the \n
|
|
|
7629ac |
- \ consensus and release processes."
|
|
|
7629ac |
+description: |-
|
|
|
7629ac |
+ This compliance profile reflects the core set of security
|
|
|
7629ac |
+ related configuration settings for deployment of Red Hat Enterprise
|
|
|
7629ac |
+ Linux 7.x into U.S. Defense, Intelligence, and Civilian agencies.
|
|
|
7629ac |
+ Development partners and sponsors include the U.S. National Institute
|
|
|
7629ac |
+ of Standards and Technology (NIST), U.S. Department of Defense,
|
|
|
7629ac |
+ the National Security Agency, and Red Hat.
|
|
|
7629ac |
+
|
|
|
7629ac |
+ This baseline implements configuration requirements from the following
|
|
|
7629ac |
+ sources:
|
|
|
7629ac |
+
|
|
|
7629ac |
+ - Committee on National Security Systems Instruction No. 1253 (CNSSI 1253)
|
|
|
7629ac |
+ - NIST Controlled Unclassified Information (NIST 800-171)
|
|
|
7629ac |
+ - NIST 800-53 control selections for MODERATE impact systems (NIST 800-53)
|
|
|
7629ac |
+ - U.S. Government Configuration Baseline (USGCB)
|
|
|
7629ac |
+ - NIAP Protection Profile for General Purpose Operating Systems v4.0 (OSPP v4.0)
|
|
|
7629ac |
+ - DISA Operating System Security Requirements Guide (OS SRG)
|
|
|
7629ac |
+
|
|
|
7629ac |
+ For any differing configuration requirements, e.g. password lengths, the stricter
|
|
|
7629ac |
+ security setting was chosen. Security Requirement Traceability Guides (RTMs) and
|
|
|
7629ac |
+ sample System Security Configuration Guides are provided via the
|
|
|
7629ac |
+ scap-security-guide-docs package.
|
|
|
7629ac |
+
|
|
|
7629ac |
+ This profile reflects U.S. Government consensus content and is developed through
|
|
|
7629ac |
+ the OpenSCAP/SCAP Security Guide initiative, championed by the National
|
|
|
7629ac |
+ Security Agency. Except for differences in formatting to accommodate
|
|
|
7629ac |
+ publishing processes, this profile mirrors OpenSCAP/SCAP Security Guide
|
|
|
7629ac |
+ content as minor divergences, such as bugfixes, work through the
|
|
|
7629ac |
+ consensus and release processes.
|
|
|
7629ac |
|
|
|
7629ac |
selections:
|
|
|
7629ac |
- installed_OS_is_certified
|
|
|
7629ac |
diff --git a/rhel7/profiles/ospp42.profile b/rhel7/profiles/ospp42.profile
|
|
|
7629ac |
index 8550434ffa..e4a5e9892c 100644
|
|
|
7629ac |
--- a/rhel7/profiles/ospp42.profile
|
|
|
7629ac |
+++ b/rhel7/profiles/ospp42.profile
|
|
|
7629ac |
@@ -1,12 +1,16 @@
|
|
|
7629ac |
documentation_complete: true
|
|
|
7629ac |
|
|
|
7629ac |
-title: 'Protection Profile for General Purpose Operating Systems v. 4.2'
|
|
|
7629ac |
+title: 'OSPP - Protection Profile for General Purpose Operating Systems v. 4.2'
|
|
|
7629ac |
|
|
|
7629ac |
-description: "This profile reflects mandatory configuration controls identified\nin the NIAP Configuration Annex to the Protection\
|
|
|
7629ac |
- \ Profile for General Purpose Operating\nSystems (Protection Profile Version 4.2). \n\nThis Annex is consistent\
|
|
|
7629ac |
- \ with CNSSI-1253, which requires US National Security\nSystems to adhere to certain configuration parameters. Accordingly,\
|
|
|
7629ac |
- \ configuration\nguidance produced according to the requirements of this Annex is suitable for use\nin US National Security\
|
|
|
7629ac |
- \ Systems."
|
|
|
7629ac |
+description: |-
|
|
|
7629ac |
+ This profile reflects mandatory configuration controls identified in the
|
|
|
7629ac |
+ NIAP Configuration Annex to the Protection Profile for General Purpose
|
|
|
7629ac |
+ Operating Systems (Protection Profile Version 4.2).
|
|
|
7629ac |
+
|
|
|
7629ac |
+ This Annex is consistent with CNSSI-1253, which requires US National Security
|
|
|
7629ac |
+ Systems to adhere to certain configuration parameters. Accordingly, configuration
|
|
|
7629ac |
+ guidance produced according to the requirements of this Annex is suitable for use
|
|
|
7629ac |
+ in US National Security Systems.
|
|
|
7629ac |
|
|
|
7629ac |
selections:
|
|
|
7629ac |
- installed_OS_is_certified
|