As a former sysadmin for a multitude of Unix varieties, I was often hit with the task of adhering to some governing policy regarding lockdown or hardening of the O/Ses that I administered. One of the more challenging was compliance with DISA UNIX STIGs. If you've ever had this task, you'll know that there are three components (the STIG policy document, the SRR scripts, and a manual checklist). There was never an automated way of getting the O/S in compliance and, worse, no automated way to ensure compliance as the servers evolved over time. This rather mundane task (finding, editing, and checking a series of configuration files, CHMODs, and the like) quickly became a daily "chore". Keeping servers in sync with one another was a task in itself, and making mistakes while editing O/S configuration files could set you back a day or two.
I'm happy to say that I found the solution and was so impressed with it that I joined the company. If you are having some or all of these troubles, we have a free trial available at http://www.trustedcs.com/SecurityBlanket.html.
Today the product is available for RHEL 4/5, CentOS 4/5, Oracle Enterprise Linux, and Solaris 10 (x86/SPARC), with more platforms soon to come. I would enjoy hearing your feedback. STIGs aren't the only benchmarks either; there are SANS, CIS, DCID 6/3, JAFAN, and CIP benchmarks also preloaded.
Tony Murphy
tmurphy@trustedcs.com