IBM Power Connect, learn, share, and engage with IBMPower. Join / Log in
I have been using the Power Systems HMC for decades but have not heard of STIGS.
Can you elaborate on the virtual HMC you are using, or what you hope to control or let us know where the code came from?Cheers, Nigel
Hello Luis,just for interest. Could you post the link to the vHMC STIG here?Best regards
If you're using v9.2 or a virtual HMC, it isn't a z HMC- it's for POWER.
It seems like you might have some misunderstanding's of IBM's offerings in this space.
Hardware Management Console (general term) - Appliance that manages hardware. It is offered in 2 main "Flavors" for the 2 main IBM compute platforms- POWER or Z- these are completely different offerings and do not share a common codebase/ui/etc.
The POWER HMC offering also has a virtual offering (vHMC) which allows running POWER HMC code in a virtual environment (PowerVM/KVM/VMware).
The STIG you're referencing is for the zHMC platform, and is not going to get you much of anywhere with a Power HMC.
There are a fair number of things in the STIG that should be done on a Power (physical or virtual) HMC as well, the issue is that Luis would need to go through and determine the mechanisms for implementing the changes.
That being said- if there isn't a STIG written, I would think you can't really follow one... but I don't work in a space that requires following the STIG guidelines- that'd be a question for your BISO/CISO/next level of security compliance support. Also might be worth a question to IBM support, it does seems as though there is a mechanism for Vendors to build STIG's in conjunction with DISA. https://public.cyber.mil/stigs/vendor-process/