The Center for Internet SecurityThe Center for Internet Security Site MapContact UsPrivacy Policy
The Center for Internet Security
HomeNewsWhat is CIS?Benchmarks/ToolsOther ResourcesJoin UsTestimonialsFAQ
CIS Members site

Become a Member of CIS - Click here for more info

More than 170 members, from around the wrold! Click here for more info

Get Involved - Click here for more info



CIS certifies commercial software. Click here for more info

CIS licenses resources for commercial use. Click here for more info.

click here to find out about CIS trademarks.

Click here to find out about upcoming conferences and events!

 Benchmarks/Tools
The Download Files:
  • CIS_Solaris_Benchmark_v4.0.tar.gz - this bundle includes the benchmark document with detailed instructions for implementing the steps necessary for CIS Level-I security on Solaris 10 11/06 and 8/07 systems, and an appendix with an overview of Solaris 10 OS Security Controls, in .tar.gz format.
  • CIS_Solaris_Benchmark_v4.0.zip - this bundle includes the benchmark document with detailed instructions for implementing the steps necessary for CIS Level-I security on Solaris 10 11/06 and 8/07 systems, and an appendix with an overview of Solaris 10 OS Security Controls, in .zip format.
  • CIS_Solaris10_Benchmark_v2.1.2.tar.gz - this Benchmark document contains details instructions for implementing the steps necessary for CIS Level-1 security on Solaris 10 systems ONLY. Package also includes do-backup.sh script referenced by the benchmark.
  • cis_score_tool_solaris_v1.5.0.sh.Z - a Host-based Scoring Tool - scores the security of a system against the Benchmark and creates a variance report. This is for Solaris versions up through 9 ONLY and references settings in version 1.3 of the benchmark.


    •
What are the Benchmarks?
The Benchmarks are a compilation of security configuration actions and settings that "harden" Solaris operating systems. It is a CIS Level-I Benchmark – the prudent level of minimum due care for operating system security.

Level-I Benchmark settings/actions:
  1. can be understood and performed by system administrators with any level of security knowledge and experience,
  2. are unlikely to cause an interruption of service to the operating system or the applications that run on it,
  3. can be automatically monitored either by CIS Scoring Tools or by CIS-certified tools available from CIS certified software vendors .
The CIS Scoring Tools provide a quick and easy way to evaluate systems and compare their level of security against the CIS minimum due care security Benchmark. Tool reports guide system administrators to harden both new installations and active production systems. The tool is also effective for monitoring systems to assure that security settings continuously conform with the Benchmark.
Share Your Feedback
We value your feedback, which may be used both to update the Level-1 Benchmark and to further define Level-II security configurations. CIS Level-II Benchmarks enhance security beyond the minimum due care level, based on specific network architecture and server function.

Please direct your technical feedback to:

The CIS Feedback Email Address

Please direct other feedback to:

Bert Miuccio, Vice President

For more information about the CIS consensus process and the benchmarks, go to What are the Benchmarks? and FAQ - The Benchmarks.
Updates to the Benchmark and Tool
CIS products are updated periodically. Continuous feedback from CIS Members and other users assures that the consensus standard of minimum due care is always reflected in the Level-I settings. A revision history for this benchmark can be found in the benchmark itself.

One of the benefits of CIS Membership is electronic notification when updates become available.

If your organization is not a member of The Center, visit this website periodically to assure that you are using the latest version of CIS products.

Testimonials from our Members about The Center for Internet Security are available here.



Logo and Design by Keiler
© 2005, the Center for Internet Security.