U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Enterprise System Management (ESM) STIG Version 1, Release 1 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Microsoft Systems Management Server 2003 cpe:/a:microsoft:systems_management_server:2003 (View CVEs)

Checklist Highlights

Checklist Name:
Enterprise System Management (ESM) STIG
Checklist ID:
450
Version:
Version 1, Release 1
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
06/05/2006

Checklist Summary:

This Enterprise System Management (ESM) Security Technical Implementation Guide (STIG) provides security configuration guidance for software products designed to deliver enterprise-class system management functions. While the boundaries of the ESM discipline are such that there is no authoritative definition of an ESM product, Section 2, Enterprise System Management Overview, provides a generic description of the elements characteristic of most ESM products. Section 3, Enterprise System Management Security, provides general guidance for ESM products; specific commercial products are addressed in appendices. Use this document in conjunction with the other STIGs developed by the Defense Information Systems Agency (DISA). The operating system (OS) STIGs provide crucial guidance for securing the platforms on which the ESM products run. The STIGs that cover database and webserver products provide guidance to ensure that those services used by ESM products also support a secure environment.

Checklist Role:

  • Business Productivity Application

Known Issues:

Not provided.

Target Audience:

This document describes security requirements to be applied to ESM products used in DoD environments. The information is designed to assist Security Managers, Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with the creation of more secure ESM configurations.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoD Directive 8500.1

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via e-mail to fso_spt@disa.mil. DISA FSO will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not provided.

Product Support:

Comments or proposed revisions to this document should be sent via e-mail to fso_spt@disa.mil. DISA FSO will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Point of Contact:

fso_spt@disa.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History: 

Version 1, Release 1 - 5 June 2006
Updated URL to reflect change to the DISA website - http --> https
moved to archive status - 4/15/19

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 04/15/2019