Department of Defense Red Hat Enterprise Linux 8 compliance
The U.S. Department of Defense (DoD) requires highly secure computer systems. This level of security and quality defined by DoD meets with the quality and customer base of Red Hat Enterprise Linux® Server 8.
PowerSC supports the requirements of the Department of Defense Red Hat Enterprise Linux 8 STIG. A summary of the requirements and how to ensure that compliance are provided in the table that follows.
Note: All of the custom script files that are provided to maintain DoD compliance are in
the /etc/security/pscxpert/custom directory.
Department of Defense STIG Finding | Group | Description | Location of the script where the action is defined and the results of the action that enables compliance |
---|---|---|---|
V-230221 | RHEL8 Security Recommendation Rules | RHEL 8 must be a vendor-supported release. |
|
V-230558 | RHEL8 Security Recommendation Rules | A File Transfer Protocol (FTP) server package must not be installed unless mission essential on RHEL 8. |
|
V-230380 | RHEL8 Security Recommendation Rules | Accounts with empty passwords should never be used in operational environments. |
|
V-230533 | RHEL8 Security Recommendation Rules | The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support. |
|
V-230492 | RHEL8 Security Recommendation Rules | RHEL 8 must not have the rsh-server package installed. |
|