How often does your IT Security team ask you to run a “quick” security compliance audit on your AIX server infrastructure?
If you are going to do this manually for a significant number of servers this would require a significant amount of manpower and a considerable amount of time to complete. Wouldn’t it be nice to just answer the question with
Yes here it is, a Security Compliance report for all of our AIX servers, and it does contain historical compliance data would you like me to send you a pdf report?
Or would you like me to give you access to the web interface on the Security and Compliance Analytics Reporting Server?
How can you automate an AIX Security Configuration Audit?
In this example I am going to use IBM Endpoint Manager’s Security and Compliance Module. The first thing that you need to do is to choose a security standard that you want to use to check your server configuration against.
In this example we are going to use the “Center for Internet Security – Security Configuration Benchmark for AIX 6.1”. As with all standards not all security checks may be applicable to the environment that you wish to evaluate.
Create your own custom checklist from the default security standard.
From the default AIX CIS benchmark I have chosen to only evaluate all of the Source Severity Level 1 configuration checks.
Subscribe the relevant AIX server to the custom security configuration checks.
Only servers that are running AIX 6.1 are subscribed to this custom security configuration checklist.
Deploy and run the custom AIX security audit
In order to evaluate the compliance status of an AIX server to our custom security configuration checklist, we need to deploy and run the checks on the target AIX 6.1 servers.
Import the results into the Security and Compliance Analytics Module.
Once the configuration check results have been calculated they can be imported into the security and compliance analytics module.
View the compliance status of the AIX servers
Once the results are imported into the security and compliance analytics module the compliance status of the AIX 6.1 server can be viewed.
At a high level we can see that the server is 64% compliance to our custom security standard.
We can drill down into the individual security check and find out which compliance checks the server is failing.
The results of this AIX Security Compliance check can also be provided in PDF format, you can download a sample report using the following link.
If you would like any more information on using IBM Endpoint Manager to perform security compliance checks on your server infrastructure then contact firstname.lastname@example.org