Macintosh OS X Workstation STIG, V1R1 
DISA Field Security Operations 
15 June 2004 
Developed by DISA for the DOD 
    
(OSX1026GEN0106:  CAT II) For the Mac OS X server, the IAO and the SA will be 
responsible for initiating actions when file integrity breaches are detected. 
    
(OSX1026SVR0041:  CAT III) For the Mac OS X server, the SA will ensure a procedure is in 
place to set the system date and time of day daily.  
NOTE: This may be accomplished through a local time server.  
2.3.2  Availability and File Location 
Data availability is the ability to deliver timely, reliable access to data and information services 
for authorized users.  This can depend on many things, such as hardware availability, but data 
location, especially where and how backup data is maintained, is sometimes an overlooked factor 
in data availability.  Ensure the effects of hardware failures on system availability are minimized.  
Avoid collocation of files such as primary and alternate databases or online and backup data 
files.  The loss of a physical volume containing data should not also cause the loss of the backup 
data because of their collocation.  The following only applies if you are running Mac OS X 
server. 
    
(N/A:  CAT II) The SA will ensure backup/baseline files are not located on the same physical 
device/medium as the primary/online files. 
    
(N/A:  CAT II) The SA will ensure that the system backup of OS data is performed on a daily 
basis and the backups retained for at least one month.  
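    
A sketch of how an SA might check the two backup requirements above. This is an added example, not part of the STIG. The archive naming scheme backup-YYYY-MM-DD.tar, the reading of "one month" as 30 days, and all function names are assumptions.

```python
import os
import re
from datetime import date, timedelta

RETENTION_DAYS = 30  # assumption: "one month" taken as 30 days
NAME_RE = re.compile(r"backup-(\d{4})-(\d{2})-(\d{2})\.tar$")  # hypothetical naming scheme

def dates_from_names(names):
    """Extract the backup date from each archive name; ignore other files."""
    found = set()
    for name in names:
        m = NAME_RE.search(name)
        if m:
            found.add(date(*map(int, m.groups())))
    return found

def missing_backup_days(backup_dates, today, retention_days=RETENTION_DAYS):
    """Days inside the retention window (ending today) that have no backup."""
    window = (today - timedelta(days=n) for n in range(retention_days))
    return sorted(d for d in window if d not in backup_dates)

def collocated(primary_path, backup_path, stat=os.stat):
    """True when both paths are on the same mounted volume (same st_dev).

    A differing st_dev does not prove separate hardware: two partitions of
    one disk also differ, so a pass here still needs a check of the device.
    """
    return stat(primary_path).st_dev == stat(backup_path).st_dev

def audit(primary_path, backup_path, names, today, stat=os.stat):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    if collocated(primary_path, backup_path, stat):
        findings.append("backup is on the same volume as the primary data")
    gaps = missing_backup_days(dates_from_names(names), today)
    if gaps:
        findings.append("no backup for: " + ", ".join(d.isoformat() for d in gaps))
    return findings

if __name__ == "__main__":
    # Constructed sample: 30 daily archives ending 2004-06-15, one day missing.
    today = date(2004, 6, 15)
    sample = ["backup-%s.tar" % (today - timedelta(days=n)).isoformat()
              for n in range(30) if n != 5]
    # "/" compared with itself is always collocated, so both findings print.
    for finding in audit("/", "/", sample, today):
        print(finding)
```
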
2.4  Patch Control 
Maintaining the security of a Mac OS X system requires frequent reviews of security bulletins 
from http://www.apple.com (select the OSX tab, then go to the Updates page).  
Many security bulletins mandate the installation of a software patch (Software Updates) to 
overcome security vulnerabilities. 
SAs and IAOs should regularly check OS vendor web sites for information on new security 
patches that are applicable to their site.  All applicable security patches will be applied to the 
system.  A security patch is deemed applicable if the product is installed, even if it is not used or 
is disabled.   
FSO does not test or approve patches or service packs.  It is the site's responsibility to test 
vendor patches within their test environment. 
    
The IAO will ensure that the Standard Operating Procedure (SOP) for each system includes 
the requirement to monitor Department of Defense Computer Emergency Response Team 
(DOD CERT) bulletins at http://www.cert.mil.  Select the link to the DOD CERT bulletins. 
    
(N/A:  CAT II) The IAO and SA will subscribe to the DOD CERT/VMS bulletin mailing list. 
UNCLASSIFIED 




  
