diff --git a/static/sass/styles.scss b/static/sass/styles.scss index e04bc984a63..2c60dc27110 100644 --- a/static/sass/styles.scss +++ b/static/sass/styles.scss @@ -1766,3 +1766,11 @@ legend { height: 15rem; } } + +// XXX: Custom styling to remove the full-stop after the counter in 'p-stepped-list' +ol.p-stepped-list.no-full-stop + .p-stepped-list__item + .p-stepped-list__title::before { + content: counter(p-stepped-list-counter); + text-align: left; +} diff --git a/templates/security/disa-stig.html b/templates/security/disa-stig.html index 1fabc008531..82dbf32f7e7 100644 --- a/templates/security/disa-stig.html +++ b/templates/security/disa-stig.html @@ -1,163 +1,192 @@ {% extends "security/base_security.html" %} +{% from "_macros/vf_hero.jinja" import vf_hero %} + {% block title %}Ubuntu DISA-STIG compliance | Security{% endblock %} {% block meta_description %}Technical details on the Ubuntu DISA-STIG guide for Linux.{% endblock %} {% block meta_copydoc %} - https://docs.google.com/document/d/1zJwZzc-cERj9YKNXFtmrXwynJptyT7-D3qCNzBctRfo/edit# + https://docs.google.com/document/d/1zJwZzc-cERj9YKNXFtmrXwynJptyT7-D3qCNzBctRfo/edit?tab=t.0 {% endblock meta_copydoc %} +{% block body_class %} + is-paper +{% endblock body_class %} + {% block content %} -
-
-
-

DISA-STIG on Ubuntu

-

Comply with the DISA Security Technical Implementation Guide

-

- Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu Pro on public cloud and Ubuntu Pro (Infra) have the necessary certifications and controls to comply with DISA-STIG guidelines on Linux. -

- Contact us - Get Ubuntu Pro (Infra) -
-
+ {% call(slot) vf_hero( + title_text='DISA-STIG on Ubuntu', + subtitle_text='Comply with the DISA Security
Technical Implementation Guide', + layout='25/75' + ) -%} + {%- if slot == 'signpost_image' -%} +
{{ image ( - url="https://assets.ubuntu.com/v1/ef01809f-DISA-logo-transparent.png", - alt="DISA-STIG logo", - width="720", - height="264", + url="https://assets.ubuntu.com/v1/92754de5-disa.png", + alt="", + width="852", + height="204", hi_def=True, loading="auto" ) | safe }}
-
-
- -
-
-
+ {%- endif -%} + {%- if slot == 'description' -%} +

+ Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu Pro on public cloud and Ubuntu Pro (Infra) have the necessary certifications and controls to comply with DISA-STIG guidelines on Linux. +

+ {%- endif -%} + {%- if slot == 'cta' -%} + Contact us + Get Ubuntu Pro (Infra) › + {%- endif -%} + {%- if slot == 'image' -%} +
+ {{ image(url="https://assets.ubuntu.com/v1/f759a607-hero.png", + alt="", + width="3696", + height="1540", + hi_def=True, + loading="auto", + attrs={"class": "p-image-container__image"}) | safe + }} +
+ {%- endif -%} + {% endcall -%} -
-
-
-

How does Ubuntu enable your compliance with FIPS, and DISA-STIG?

+
+
+
+
+

+ How does Ubuntu enable your compliance with FIPS, +
+ and DISA-STIG? +

+
+
+
+ {{ image(url="https://assets.ubuntu.com/v1/497f33c2-how-ubuntu-enables-webinar.png", + alt="", + width="1800", + height="1013", + hi_def=False, + loading="lazy") | safe + }} +

- Learn about the US government security standards and the common challenges faced by organisations in their implementation. See how the Ubuntu Security Guide can transform systems compliance in a few minutes. Get to know how Ubuntu is a secure platform for government agencies and complying organisations to build, operate and innovate with open source applications and technologies. + Learn about the US government security standards and the common challenges faced by organizations in their implementation. See how the Ubuntu Security Guide can transform systems compliance in a few minutes. Get to know how Ubuntu is a secure platform for government agencies and complying organizations to build, operate and innovate with open source applications and technologies.

- Contact us -
-
-
- - - +
+ Contact us + Watch the webinar ›
-
+
+
+
+
+

What is DISA-STIG?

+
+
+
+

+ The Defense Information System Agency (DISA) is a US Department of Defense combat support agency. It provides and operates information infrastructure to support military operations and national-level leadership. The Security Technical Implementation Guide (STIG) is a configuration standard consisting of guidelines for hardening systems to improve a system's security posture. It can be seen as a checklist for securing protocols, services, or servers to improve the overall security by reducing the attack surface. +

+
+
+
-

What is DISA-STIG?

-

- The Defense Information System Agency (DISA) is a US Department of Defense combat support agency. It provides and operates information infrastructure to support military operations and national-level leadership. The Security Technical Implementation Guide (STIG) is a configuration standard consisting of guidelines for hardening systems to improve a system’s security posture. It can be seen as a checklist for securing protocols, services, or servers to improve the overall security by reducing the attack surface. -

+
+ {{ image(url="https://assets.ubuntu.com/v1/3c7382e4-what-is-disa.png", + alt="", + width="3696", + height="1541", + hi_def=True, + loading="lazy", + attrs={"class": "p-image-container__image"}) | safe + }} +
-
-
-

DISA-STIG for Ubuntu

-

- Together with Canonical, DISA has developed STIGs for Ubuntu. The U.S. DoD provides the STIG checklist, which can be viewed using STIG viewer, and SCAP content for auditing. The versions of Ubuntu that have STIGs available by DISA are marked on the table below. -

- - - - - - - - - - - - - - - - - -
Ubuntu 16.04 LTSUbuntu 18.04 LTSUbuntu 20.04 LTS
- {{ image ( - url="https://assets.ubuntu.com/v1/ef01809f-DISA-logo-transparent.png", - alt="DISA logo", - width="136", - height="50", - hi_def=True, - attrs={"style": "vertical-align: middle;"}, - loading="lazy" - ) | safe - }} - - Defense Information System Agency Security Technical Implementation Guides (STIGs) and Supplemental Automation Content for Ubuntu - - {{ image(url="https://assets.ubuntu.com/v1/2ccda8d7-tick-orange.svg", alt="Yes: Configuration guide", width="14", height="14", hi_def=True, loading="lazy",) | safe }} - - {{ image(url="https://assets.ubuntu.com/v1/2ccda8d7-tick-orange.svg", alt="Yes: Configuration guide", width="14", height="14", hi_def=True, loading="lazy",) | safe }} - - Yes: Tooling and automation -
-
    -
  • - Yes: Configuration guide - Configuration guide -
    • -
  • - Yes - Tooling and automation -
    • -
- Read more about Ubuntu tooling and automation +
+
+
+
+

DISA-STIG for Ubuntu

+
+
+
+

+ Together with Canonical, DISA has developed STIGs for Ubuntu. The U.S. DoD provides the STIG checklist, which can be viewed using STIG viewer, and SCAP content for auditing. The versions of Ubuntu that have STIGs available by DISA are marked on the table below. +

+
+ Read more about Ubuntu tooling and automation › +
+
+ +
+

+ DISA Security Technical Implementation Guides (STIGs) and Supplemental Automation Content for Ubuntu +

+
+
    +
  • +
    +
    Ubuntu 16.04 LTS
    +
    Configuration guide
    +
    +
    • +
  • +
    +
    Ubuntu 18.04 LTS
    +
    Configuration guide
    +
    +
    • +
  • +
    +
    Ubuntu 20.04 LTS
    +
    Tooling and automation
    +
    +
    • +
  • +
    +
    Ubuntu 22.04 LTS
    +
    Tooling and automation
    +
    +
    • +
+
-
-
-
-

How to audit and comply with DISA-STIG?

-
    +
    +
    +
    +
    +

    + How to audit and comply +
    + with DISA-STIG? +

    +
    +
    +
    1. -

      Auditing

      +

      Auditing

      -

      Using the Ubuntu Security Guide auditing is as simple as:

      +
      +

      Using the Ubuntu Security Guide for auditing is as simple as:

      sudo usg audit disa_stig
      @@ -165,26 +194,102 @@

      Auditing

    2. -

      Compliance

      +
      +

      Compliance

      -

      Using the Ubuntu Security Guide applying the necessary rules for compliance is as simple as:

      +
      +

      Using the Ubuntu Security Guide for applying the necessary rules for compliance is as simple as:

      sudo usg fix disa_stig
      +
      + Read more about Ubuntu Security Guide › +
      -
      3. -
    -

    - Read more about Ubuntu Security Guide -

    +
    + +
+
+
+ +
+
+
+
+

+ Canonical is offering +
+ Expanded Security Maintenance +

+
+
+
+ {{ image(url="https://assets.ubuntu.com/v1/82d84ea0-canonical-is-offering.png", + alt="", + width="1800", + height="1014", + hi_def=True, + loading="lazy") | safe + }} +
+

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

+
+ Find out more about ESM › +
- {% with first_item="_security_discussion", second_item="_security_esm", third_item="_security_further_reading" %} - {% include "shared/contextual_footers/_contextual_footer.html" %} - {% endwith %} +
+
+
+
+

Resources

+
+
+
+
+

Join the discussion

+
+
+ +
+
+
+
+
+

Further reading

+
+
+ +
+
+
+
+