AIX Security Configuration Audit – “I need a compliance report ASAP!”

How often does your IT Security team ask you to run a “quick” security compliance audit on your AIX server infrastructure?

If you are going to do this manually for a significant number of servers this would require a significant amount of manpower and a considerable amount of time to complete. Wouldn’t it be nice to just answer the question with

Yes here it is, a Security Compliance report for all of our AIX servers,  and it does contain historical compliance data would you like me to send you a pdf report?

Or would you like me to give you access to the web interface on the Security and Compliance Analytics Reporting Server?

How can you automate an AIX Security Configuration Audit?

In this example I am going to use IBM Endpoint Manager’s Security and Compliance Module. The first thing that you need to do is to choose a security standard that you want to use to check your server configuration against.
In this example we are going to use the “Center for Internet Security – Security Configuration Benchmark for AIX 6.1”. As with all standards not all security checks may be applicable to the environment that you wish to evaluate.

Create your own custom checklist from the default security standard.

From the default AIX CIS benchmark I have chosen to only evaluate all of the Source Severity Level 1 configuration checks.

Custom Secuiry Checklist

CIS Level 1 checks selected from default standard.

Subscribe the relevant AIX server to the custom security configuration checks.

Only servers that are running AIX 6.1 are subscribed to this custom security configuration checklist.

 

 width=

Only AIX 6.1 servers are subscribed to our custom security configuration checks

Deploy and run the custom AIX security audit

In order to evaluate the compliance status of an AIX server to our custom security configuration checklist, we need to deploy and run the checks on the target AIX 6.1 servers.

Run compliance checks.

AIX servers evaluate compliance checks.

Import the results into the Security and Compliance Analytics Module.

Once the configuration check results have been calculated they can be imported into the security and compliance analytics module.

 

Import compliance results

Compliance results are imported into compliance analytics module

View the compliance status of the AIX servers

Once the results are imported into the security and compliance  analytics module the compliance status of the AIX 6.1 server can be viewed.

At a high level we can see that the server is 64% compliance to our custom security standard.

Compliance Status

64% Compliant to our custom security standard

We can drill down into the individual security check and find out which compliance checks the server is failing.

Security Compliance Checks

Drill down into individual security compliance checks.

The results of this AIX Security Compliance check can also be provided in PDF format, you can download a sample report using the following link.

ORB DATA AIX61 COMPLIANCE REPORT

If you would like any more information on using IBM Endpoint Manager to perform security compliance checks on your server infrastructure then contact sales@orb-data.com

 

Visits: 68