UCF STIG Viewer Logo

ECSC-1 Security Configuration Compliance


Overview

For Enclaves and AIS applications, all DoD security configuration or implementation guides have been applied.

MAC / CONF Impact Subject Area
MACI
MACII
MACIII
High Enclave Computing Environment

Details

Threat
The computer hardware and software systems used within the DOD have varying amounts of risks.  Security configuration or implementation guides are created to minimize the security risks associated with the hardware or software products.

Guidance
1. All IA and IA-enabled applications deployed within the enclave (C&A boundary) shall be configured or implemented according to the information within applicable security guides (e.g., STIGs, SNAC Guides).
2. If security guides are not available for deployed IA products, waivers shall be obtained and commercial best practices shall be applied.

References

  • http://www.nsa.gov/snac/  National Security Agency, Systems and Network Attack Center - Security and Configuration Guides
  • http://csrc.nist.gov/pcig/ Defense Information Systems Agency, STIGs
  • http://csrc.nist.gov/pcig/ppsp.html Public and Private Security Practices