Device and Service Hardening WITH BENCHMARKS FROM CIS AND OTHERS
Device and Service Hardening using NNT’s Change Tracker is the most efficient way to achieve compliance with relevant policies, guidelines and recognized benchmarks. The Center for Internet Security is the primary industry-standard for secure configuration guidance, developing comprehensive, consensus-derived checklists to help identify and mitigate known security vulnerabilities across a wide range of platforms.
Each of the benchmarks developed by the Center for Internet Security provides prescriptive guidance for establishing a secure configuration posture for your IT Infrastructure, including a detailed description and rationale of potential vulnerabilities together with clear auditing and remediation steps. As such, they are the overwhelming option of choice for auditors worldwide when advising organizations on the adoption of a secure build standard for any governance and security initiative. They can be used in addition to guideline provided by PCI DSS, HIPAA, NIST 800-53, SOX, FISMA, ISO/IEC 27002, Graham Leech Bliley or ITIL.
Many Guidelines and Benchmarks covering hardened devices and services are available from various sources. NNT’s solution do incorporate those from PCI DSS, NERC-CIP, NIST 800-53 / 800-171, CIS, IT Grundschutz (Germany), those based on ISO27002 and others. They can be used to audit enterprise networks and then monitor continuously for any drift from your hardened build standard, to ensure systems stay within compliance 24/7.
As one of a handful of CIS Certified Vendors, NNT has also incorporated a broad range of CIS Benchmarks to check against and provide extensive reporting. Adding to this capability, NNT also provides Windows Audit Policy settings or Linux Audit Policy settings for an easier deployment of hardened device and services. The detailed CIS Benchmarks are available from the Center for Internet Security.
* For use with NNT Change Tracker Gen7 R2
Want clarity on what you really need to be doing by way of security best practice in your organization? Left scratching your head for clearer guidance after reading the PCI DSS, NERC CIP, GDPR or any other Governance, Risk and Compliance (GRC) standard? Still confused about what you must do and should do in terms of data protection for your business, and why? NNT recommend the CIS Controls as an essential 'go to' resource for any data security and compliance professional. Our thanks to the Center for Internet Security for continuing to expand the world's understanding of cyber security best practices.
Recommended Windows Audit Policy settings
Download the GPO template file for direct import and deployment via Active Directory
Applying the CIS Benchmarks to your infrastructure can be a daunting task. For example, the latest benchmark for Windows 10 Enterprise – dated 05-18-2021 – is a 1,287 pages document covering more than 500 individual settings. If you want to check them manually, assuming you need 15 seconds for each, it will take you about 2 hours to verify a single device. Overall, the benchmark documents provided by the Center for Internet Security are detailed and difficult to operationalize.
Jumpstart this operation with a free-to-use, time-limited trial license of NNT’s Change Tracker including a 5 node coverage. This trial includes all CIS Benchmarks like those for Windows 10 and all other Windows Desktop Operating System including XP, for all Windows Server versions (2019, 2016, 2012, and 2008), for all Linux distributions, and for many more applications, devices and cloud instances.
Request your trial license and get an overview of your systems status in less than one hour.
NNT is an accredited CIS member and as such we are able to automate and control the provision of all relevant hardening standards including your Microsoft Applications. Within minutes, a full vulnerability assessment can be performed against your IT Assets. Full & automated remediation is provided to make corrective action an easy and straightforward task.
Learn more »
NNT, in conjunction with The Center for Internet Security (CIS), provide a comprehensive suite of system hardening templates based on absolute best practices that can be leveraged to ensure all of your systems (workstations included) retain the most appropriate checks designed to harden your environment and protect from Ransomware.
NNT can also provide a Ransomware Mitigation Kit, comprising the necessary automated vulnerability checks and also the Group Policy/Puppet templates to automatically fix any weaknesses identified.
Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.
Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.