By Brian Walker
Does Red Hat STIG really stay the same?
RHEL 7 laid a solid foundation for Red Hat Enterprise Linux (RHEL) 8 and is the first major update of Red Hat since June 2014. RHEL 8 brings a revised web console, application streams, some improvements in security and configurations capabilities.
The difference between RHEL 7 and RHEL 8.
Files for many daemons now utilize trees ending in “.d” with numbered files to compile rules in various aspects of the operating system. This is a departure from older systems like Red hat 6, that tended to have monolithic .conf or similar files. Red Hat 8 has removed a few utilities entirely, but many of the older functions’ users are familiar with are aliased inside of the new operating system. DISA is taking advantage of these standard functions to ease users into hardening Red Hat 8. Red Hat 7 continues the use of sysctl and sytemctl vs the older “service” used by Red Hat 6 and early 7. This STIG is currently in draft form and recalling the number of drafts needed for Red Hat 7. It might take quite some time before DISA finally releases the official Red Hat 8 STIG. As they say, “the proof is in the pudding” and difference between RHEL 7 and RHEL 8 can be found in the following link. https://www.simplylinuxfaq.com/p/major-differences-between-rhel-8-and-7.html
While RHEL 7 introduced many innovations that we utilize today, such as the enterprise Linux platform’s fundamental components, you can expect RHEL 8 to perform very much like RHEL 7 but offer even greater stability and agility.
Once the DISA STIG is released.
Our team at SteelCloud is following these changes closely. Our ConfigOS automation compliance software will have a signature released within days after DISA releases the official STIG. If you are currently evaluating Red Hat Enterprise Linux 8, we found this link very helpful. https://red.ht/322cjmv
About the author:
Brian Walker has spent most of his 13 years inside management and customer service, building one of the best customer service experiences in the industry for SteelCloud. He holds bachelor’s degrees in both computer science and history with a concentration in pre-law, giving him the perfect foundation for working in automation and government compliance. You can reach him at email@example.com.