Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?

I found the very older zip files for AIX 7.1 on CIS Workbench site (registration of this site is required.)

Does anyone know the latest one for AIX 7.2 or AIX 7.3?

Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?

CIS Downloads (cisecurity.org)

"https://downloads.cisecurity.org/#/"

7.2 is available.

7.3 will be available in first week of Oct 2024.

I found the very older zip files for AIX 7.1 on CIS Workbench site (registration of this site is required.)

Does anyone know the latest one for AIX 7.2 or AIX 7.3?

Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?

CIS Downloads (cisecurity.org)

"https://downloads.cisecurity.org/#/"

7.2 is available.

7.3 will be available in first week of Oct 2024.

I found the very older zip files for AIX 7.1 on CIS Workbench site (registration of this site is required.)

Does anyone know the latest one for AIX 7.2 or AIX 7.3?

Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?

I found the very older zip files for AIX 7.1 on CIS Workbench site (registration of this site is required.)

Does anyone know the latest one for AIX 7.2 or AIX 7.3?

Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?

Hi Yukari,

Pls take a look if you are Entitled to download PowerSC product for AIX (and Linux on Power)

https://www.ibm.com/products/powersc

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=concepts

Once you install PowerSC client on AIX, you will get CIS scripts / XML files in your AIX systems /etc/security/aixpert/custom folder; and you can implement / view rules with pscxpert cmd :

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=automation-configuring-compliance-from-cli

More info on the CIS settings:

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=scac-center-internet-security-cis-benchmarks-compliance-aix-72

AIX7.2 scripts are the latest ones like Snoop said; 7.3 coming soon (I hope) 

In the next? PowerSC release there might be also enhancements on the Security reporting on AIX :

https://ibm-power-systems.ideas.ibm.com/ideas/PSC-I-39

Hope this helps,

Br,

tommi

I found the very older zip files for AIX 7.1 on CIS Workbench site (registration of this site is required.)

Does anyone know the latest one for AIX 7.2 or AIX 7.3?

Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?

Hi Tommi,

Thank you for detailed information. 

I would like to get more information on this topic, if you could?

My customer is looking for scripts to check whether or not complies with CIS security.

1. I found there were some checking scripts on CIS Workbench site. For example, these following zip files is still downloadable, though it's 7 or  10 years old. I think that these are scripts for checking. Do you know if the latest versions of there are provided somewhere?

• CIS_IBM_AIX_7.1_Benchmark_v1.1.0_AIXPERT_7.1.tar
• CIS_IBM_AIX_7.1_Benchmark_v1.1.0_Remediation_Kit.zip

2. Can the scripts included in PowerSC only do checking of CIS security compliance?  You said "implement / view rules"...

Hi Yukari,

Pls take a look if you are Entitled to download PowerSC product for AIX (and Linux on Power)

https://www.ibm.com/products/powersc

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=concepts

Once you install PowerSC client on AIX, you will get CIS scripts / XML files in your AIX systems /etc/security/aixpert/custom folder; and you can implement / view rules with pscxpert cmd :

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=automation-configuring-compliance-from-cli

More info on the CIS settings:

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=scac-center-internet-security-cis-benchmarks-compliance-aix-72

AIX7.2 scripts are the latest ones like Snoop said; 7.3 coming soon (I hope) 

In the next? PowerSC release there might be also enhancements on the Security reporting on AIX :

https://ibm-power-systems.ideas.ibm.com/ideas/PSC-I-39

Hope this helps,

Br,

tommi

I found the very older zip files for AIX 7.1 on CIS Workbench site (registration of this site is required.)

Does anyone know the latest one for AIX 7.2 or AIX 7.3?

Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?

Hi,

There is an own forum for PowerSC :

PowerSC

I know that the PowerSC developers are reading / contributing there as well, so best way to have 100% accurate answers is to put a post there & get contact with them. 

We have always implemented the CIS rules before verifying the environment, but I think one can

verify existing system (against CIS rules without actually implementing them), by pscxpert -c parameter:

pscxpert for linux command

Example: 

pscxpert -c -P /etc/security/aixpert/custom/CISv2_Lev1.xml

Like stated, verify if your company is Entitled to use / download PowerSC already, or otherwise you need to for example request a 90 days trial :

PowerSC 2.2 Trial

Ibm		remove preview
PowerSC View this on Ibm >

Hi Tommi,

Thank you for detailed information. 

I would like to get more information on this topic, if you could?

My customer is looking for scripts to check whether or not complies with CIS security.

1. I found there were some checking scripts on CIS Workbench site. For example, these following zip files is still downloadable, though it's 7 or  10 years old. I think that these are scripts for checking. Do you know if the latest versions of there are provided somewhere?

• CIS_IBM_AIX_7.1_Benchmark_v1.1.0_AIXPERT_7.1.tar
• CIS_IBM_AIX_7.1_Benchmark_v1.1.0_Remediation_Kit.zip

2. Can the scripts included in PowerSC only do checking of CIS security compliance?  You said "implement / view rules"...

Hi Yukari,

Pls take a look if you are Entitled to download PowerSC product for AIX (and Linux on Power)

https://www.ibm.com/products/powersc

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=concepts

Once you install PowerSC client on AIX, you will get CIS scripts / XML files in your AIX systems /etc/security/aixpert/custom folder; and you can implement / view rules with pscxpert cmd :

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=automation-configuring-compliance-from-cli

More info on the CIS settings:

https://www.ibm.com/docs/en/powersc-standard/2.2?topic=scac-center-internet-security-cis-benchmarks-compliance-aix-72

AIX7.2 scripts are the latest ones like Snoop said; 7.3 coming soon (I hope) 

In the next? PowerSC release there might be also enhancements on the Security reporting on AIX :

https://ibm-power-systems.ideas.ibm.com/ideas/PSC-I-39

Hope this helps,

Br,

tommi

I found the very older zip files for AIX 7.1 on CIS Workbench site (registration of this site is required.)

Does anyone know the latest one for AIX 7.2 or AIX 7.3?

Could anyone tell me about CIS security benchmark scripts?

My customer wants to get the CIS security benchmark scripts for AIX, but I don' t know it much...

Is it available for customer? 

Where can be it download?