cancel
Showing results for 
Search instead for 
Did you mean: 

Is there a System hardening documentation for CIP compliance?

     Come July NERC CIP V6 comes into play, and for thoes with appliances (McAfee SIEM, ESM, ACE, ELM, ect.) in their EACMS how do you plan on complying with CIP-007-5?

The requirement is "Deploy method(s) to deter, detect, or prevent malicious code." The measures they bring out are "An example of evidence may include, but is not limited to, records of the Responsible Entity’s performance of these processes (e.g., through traditional antivirus, system hardening, policies, etc.)."

So is there a System Hardening document from manufacture? or any other document of security measures taken for these devices?

4 Replies

Re: Is there a System hardening documentation for CIP compliance?

McAfee states the SIEM runs on SUSE, RHEL, and one other LINUX platform.

Check out:

  1. 1 CIS Red Hat Enterprise LINUX 7 Benchmark
  2. 2 NSA Guide to Configuration of RHEL 5 V 4.2 (200 pages, basis of all other guides)
  3. 3 SUSE Security and Hardening Guide

Can anyone confirm which flavor of LINUX the McAfee SIEM appliance runs under?

Regards, David Hawley CISSP, SIEM SME

Highlighted
clubez
Level 9
Report Inappropriate Content
Message 3 of 5

Re: Is there a System hardening documentation for CIP compliance?

They sold as hardened appliances, are not based on any particular distribution, and you are unlikely to find out what hardening has been implemented even under a NDA.

McAfee Employee andy777
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: Is there a System hardening documentation for CIP compliance?

Correct. The underlying OS is not based on a public distribution and modifying most settings will void the warranty. I have a hardening checklist I use so I'll try to get that posted. The original post is from a year ago so I assume it can wait a little longer.

Re: Is there a System hardening documentation for CIP compliance?

Were you able to post the hardening checklist?

I would be very interested in having it.

Thanks

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community