Following are the highlights of the SCU 2017-1:
New features
The SCU 2017-1 includes the following new features:
- Command-based data collection support for UNIX platform
From SCU 2017-1 onwards, command-based data collection support for UNIX platform is available in CCS. You can use this feature in both the agent-based and the agentless methods of data collection.
By using this feature, you can achieve the following:
-> Collect data and assess security configuration of middleware and third-party applications that are currently not supported out-of-the-box by CCS.
-> Create customized command-based checks in CCS Standards Manager, and collect and evaluate data for UNIX assets in your system.
Note: To use this feature you must upgrade your CCS deployment to the 11.5.2 version (Product Update 2017-1).
- Automated MS SQL password management in agent-based data collection
From SCU 2017-1 onwards, you can choose to automate the process of password management for SQL Server instances and SQL Server clusters while collecting agent-based raw data from these assets.
By using this feature, you can achieve the following:
-> Quickly ensure that MS SQL user passwords configured for data collection are changed as per the password policy of your organization.
-> Improve the security practices of your organization by managing passwords without any human intervention.
- Data collection support for Windows Server Core platform
From SCU 2017-1 onwards, agent-based and agentless data collection support for assets that run Windows Server Core operating systems is available in CCS. By using this support, you can now take informed decisions about the security configuration of Windows Server Core assets in your environment.
- Data collection support for SUSE Linux Enterprise Server 12 platform
From SCU 2017-1 onwards, data collection support for SUSE 12 assets is available in CCS. By using the Security Essentials for SUSE Linux Enterprise Server 12 standard available in this SCU, you can collect and evaluate data to secure SUSE Linux Enterprise Server 12 assets in your system.
- Data collection support on 64-bit CCS agent for RHEL 7.x server assets
From SCU 2017-1 onwards, data collection support on 64-bit agent for Red Hat Enterprise Linux 7.x server assets is available in CCS.
New technical standards
The SCU 2017-1 contains the following new technical standards:
- CIS Benchmark for Red Hat Enterprise Linux 6, v2.0.2
- CIS Benchmark for Cisco IOS 15, v4.0.0 (level 1 profile)
- Security Essentials for Junos OS 15.x Devices
- Security Essentials for SUSE Linux Enterprise Server 12
Updated technical standards
The CIS Red Hat Enterprise Linux 7.x Benchmark v2.1.1 standard is an updated standard in SCU 2017-1.
New regulatory framework
The SCU 2017-1 contains the following new regulatory framework:
- Australian Government Information Security Manual (ISM) 2016 Release
For more details and downloading the web packages and agent tpks visit following page:
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=ccs&pvid=scu&year=&suid=20170601_00
Do let us know for any questions/queries regarding this SCU release.
Regards,
Chetan