BounceTheBox

...it worked fine yesterday!

User Tools

Site Tools


start

DISA STIG & IAVA Compliant SharePoint

The SRG-STIG Library Compilation are compilations of Department of Defense (DoD) Security Requirements Guides (SRGs), Department of Defense (DoD) Security Technical Implementation Guides (STIGs), Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks), as well as some other content that may be available through the IASE web site's STIG pages.

While my primary focus is on STIG Compliant SharePoint, understand that there are many STIGs and SRGs that must be implemented to harden the stack that SharePoint rides. For example, a small SharePoint 2013 Farm consisting of (1) SQL 2014 Server, (1) SharePoint 2013 Application Server on Windows Server 2016 and (1) SharePoint 2013 Web Front End Server on Windows Server 2016, requires more than just the SharePoint 2013 STIG.

STIGs and SRGs required in the example above:

SQL Server: Windows Server 2016 STIG + IIS STIG + Application Server STIG + SQL Server 2014 STIG

Application Server: Windows Server 2016 STIG + IIS STIG + Application Server STIG + SharePoint 2013 Server STIG

Application Server: Windows Server 2016 STIG + IIS STIG + Application Server STIG + SharePoint 2013 Server STIG

While an accredited SharePoint environment on the Defense Information Systems Agency (DISA) network is a requirement, I've found a tremendous value transferring this knowledge to the private sector.

BK/BS, Bill Beehner

Collaborative editing of these pages has been disabled.

SP13-00-000100

start.txt · Last modified: 2018/08/03 02:04 by billb