Skip to Main Content

Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Please ask technical questions in the appropriate category. Thank you!

Click-to-launch Oracle Linux STIG profile instances in OCI

New Oracle Linux 7 STIG images for the x86_64 and aarch64 platforms are now available in Oracle Cloud Infrastructure (OCI). Oracle Linux 7 STIG images enable you to easily deploy hardened OS instances in OCI and configure Oracle Linux instances in OCI that follow security standards and requirements set by the Defense Information Systems Agency (DISA). These images are an Oracle Linux 7 implementation of the Oracle Linux 7 Security Technical Implementation Guide (STIG) Benchmark Version 2 Release 8 and are scanned against its Security Content Automation Protocol (SCAP) benchmark profile.
As of August 2022, the compliance target for Oracle Linux 7 STIG images transitioned from using the DISA STIG Benchmark to the Oracle Linux STIG Benchmark, which extends the number of STIG rules that are scanned using automation. As a result, the compliance testing for the Oracle Linux STIG images use the Oracle Linux STIG Benchmark. Not all elements of the Oracle Linux 7 STIG are implemented in the images because of requirements specific to the user environment. The resulting SCAP Compliance Checker (SCC) score is published in the documentation.
Deploy a STIG profile instance in minutes
Oracle Linux STIG images are easily accessible and launched. Oracle Linux 7 STIG images (x86_64, aarch64) are available on the Oracle Cloud Marketplace and from the embedded Marketplace or Oracle images catalog in the Oracle Cloud Console. They’re available for deployment in commercial and U.S. government OCI regions.
You can create an Oracle Linux STIG instance using the Console with the following steps:
Log in to your OCI account, select Compute from the main menu, click Instances and then Create instance to configure and deploy an instance.
Under Image and shape, click Change image.
In the Browse all images window, select Oracle images, and search for ‘stig.’
A screenshot of the Browse All Images window in the Oracle CLoud Console showing the Oracle Linux 7 STIG image.Select the Oracle Linux 7 STIG or Oracle Linux 7 Arm STIG image, accept the terms, and click Select image. This selection takes you back to the Create instance page, where you can complete the instance configuration.
Click the Create button to deploy the instance. Within minutes, the Oracle Linux STIG instance is up and running.
For another easy way to launch an Oracle Linux STIG instance in OCI, go to the Oracle Linux 7 STIG image or Oracle Linux 7 Arm STIG Marketplace listing, click Get App, and follow the prompts.
A screenshot of the Oracle Linux STIG Image v2R8 Marketplace page.When you’ve deployed the Oracle Linux STIG instance, any changes that you make to an Oracle Linux STIG Image instance, such as installing other applications or modifying the configuration settings, can impact the SCC compliance score. After making any changes, rescan the instance to check for compliance. See Rescanning an Instance for Compliance.
Get started with enhanced security today
For further details on the Oracle Linux STIG images in OCI, STIG remediation configurations and considerations, and compliance check scanning, refer to the Oracle Linux STIG documentation.
To get started, sign up for an OCI account. Test drive the Oracle Linux 7 STIG image by deploying it on Oracle Cloud Free Tier or OCI subscription resources. With an Oracle Cloud Infrastructure subscription, you receive enterprise-level Oracle Linux Premier Support at no extra cost.
For more information, refer to the following resources:
Oracle Linux 7 STIG image (Oracle Cloud Marketplace)
Oracle Linux 7 Arm STIG image (Oracle Cloud Marketplace)
Oracle Linux STIG (documentation)
Oracle Linux 7 Security Guide (documentation)
Oracle Linux (web page)

Comments
Post Details
Added on Oct 4 2022
0 comments
183 views