Network Device Checklist Automator
Final rept. 24 May-Aug 2010
ARMY RESEARCH LAB ADELPHI MD
Pagination or Media Count:
The Department of Defense DoD 8500 series mandates that all agencies implement the Security Technical Implementation Guides STIGs released by the Defense Information Systems Agency DISA to protect information systems against attackers and misuse. Agencies are required to perform regular checks on all their systems for compliance with these regulations. To make the STIG compliance validation process easier, the DoD allows the use of Security Readiness Review Scripts SRRS, which automatically perform many checks, allowing auditors to focus attention on critical areas. Per the DoD, network devices are the most critical, but to date there are no commonly available Government automation tools for network devices such as routers, firewalls, switches, and intrusion detection systems IDSs. Without sufficient support, many of these devices are running with little or no checking. The Network Device Checklist Automator NDCA seeks to become the first SRRS for network devices and provide the groundwork for future development. Our goal is to create a framework and implement full support for a few devices to demonstrate proof of concept in hopes of transitioning the project to other organizations for further evaluation and testing, and eventual implementation by all sections of the DoD tasked with ensuring network device STIG compliance.
- Computer Systems
- Computer Systems Management and Standards
- Defense Systems