Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

AIX Best Practice and PCI Configuration Audits

Tenable's Research group has released two new audit polices for Nessus and Security Center users which audit the AIX operating system.

Best Practice AIX Auditing

Tenable typically writes audit policies that can be submitted for certification by the  Center for Internet Security. However, at this time CIS does not have a best practice benchmark for AIX 5.3, which is what many of Tenable's AIX customers are using. Since there were significant changes in AIX 5.3 from previous releases, Tenable has updated and applied the type of checks used in older CIS AIX benchmarks to AIX 5.3.   The following types of configuration audits are performed:

  • Patches and additional software
  • Minimize inetd network services
  • Minimize Daemon Services
  • Kernel tuning
  • Logging
  • File/directory permissions/access
  • System access, authentication, and authorization
  • User Accounts and environment
  • Warning Banners

Below is an example screen shot generated by using this type of audit against an AIX 5.3 server:

Aixaudit4

AIX PCI Auditing

PCI configuration audits are much less comprehensive than a CIS or "best practices" configuration audit. PCI is focused on a few different parameters such as password complexity whereas standards like CIS look at several hundred different audit points. As with other operating systems, Tenable has produced an AIX PCI audit policy for AIX 5.3 systems.

The new AIX PCI audit policy takes its place next to the existing Solaris, Linux and Windows polices specifically designed for PCI configuration auditing testing.

Downloading and Using these Audit Polices 

To obtain the new AIX 5.3 audit policies, login to the Tenable Support Portal and click on 'Downloads' and then 'Download Configuration Audit Policies'. The best practices policy is named "Tenable AIX Best Practices" and the PCI audit policy is named "PCI AIX".

To use these with the Nessus scanner, you must be subscribed to the ProfessionalFeed (Direct Feed), have access to the Tenable Support Portal and download one of these polices to your Nessus client. You must also have SSH access to an AIX server you wish to audit. The Nessus Client can be used to build a scan policy which includes an SSH username and password of the root AIX account, or a set of credentials which can take advantage of "su" or "sudo" functionality. 

To use with the Security Center, login as a console administrator, upload your desired AIX audit polices and then create one or more vulnerability polices with the proper credentials for your AIX servers. Security Center 3.4.1 does not currently support Nessus "su" and "sudo" functionality, but this will be available in an upcoming release. Security Center users can also perform these audits with their Nessus scanners directly and manually upload them.

For More Information

Tenable has released a wide variety of audit polices for various operating systems, standards and to search for sensitive content. A list of recent previous releases is included below:



Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.