![]() In addition to app-based alerts, APNs is used by Mobile Device Management (MDM) servers to manage enrolled devices.ĪPNs is an encrypted and authenticated communication protocol approved for DoD use. For all questions related to the STIG content, please contact the DISA STIG Customer Support Desk at. The entire 17.0.0.0/8 address block is assigned to Apple.Ģ.4.2 Apple Push Notification Service (APNs)ĪPNs is a platform notification system that developers use to send notification alerts to devices manufactured by Apple, Inc. If the firewall can only be configured with IP addresses, allow outbound connections to 17.0.0.0/8. If the firewall supports using hostnames, the Apple services above can be used by allowing outbound connections to *. Apple publishes detailed information about which hosts and ports are required to use Apple products on enterprise networks at the following links:Ĭonfiguration of a network using this information is approved for DoD use. Section 2.4.1 Use of Apple Products on Enterprise NetworksĪutomated deployment and management of Apple devices may require access to specific network services. Apple provides the capability for DoD support staff to test most updates before they are released. Apple-provided updates must be installed on Apple macOS devices when available. Apple is considered a DoD- approved source. This STIG requires that all updates come from an approved source. Keeping macOS up to date ensures it has the latest enhancements and security controls in place. More information about these built-in tools can be found at the following links: The Malware Removal Tool is updated by Apple on systems configured to receive automatic security updates. Malware Removal Tool is an engine used to remediate infections should one find its way on to a Mac. XProtect definition files are updated by Apple automatically, independent of OS updates. STIG Viewer Video Storage Area Network STIG - Ver 2, Rel 4 1.1 MB. XProtect is a built-in signature-based antivirus tool that helps protect macOS from malware infections. STIG Viewer User Guide (Sep 2022) 1.77 MB. ![]() #STIG VIEWER FOR MAC SOFTWARE#Gatekeeper ensures that by default, only trusted software runs on a Mac. Unless you really enjoy reading over XML, youll need an XML parser, or more ideally, an XCCDF viewer. File formats and Tooling This is probably where STIG and CIS diverge the most.STIGs are primarily offered in XCCDF, an XML-based file format. MacOS includes built-in protections against malware. In that case, well use the STIG for the platform, but the CIS benchmark for Apache Tomcat. ![]() #STIG VIEWER FOR MAC ZIP#Inside the zip files is an XML file that is being used to generate the checklist. Once you have downloaded the appropriate STIGs, in STIG viewer click file and then Import STIG. #STIG VIEWER FOR MAC FOR MAC#See: U_Apple_macOS_11_V1R1_Supplemental.pdf STIG Viewer Version 2.10 for Mac Now go to and download the STIG checklists for your environment. The US Department of Defense (DoD) and Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) recommend keeping macOS up to date and allowing access to Apple network services for management.Īpple macOS 11 STIG: dl_facet_stigs=operating-systems,mac-os Truly useful guidance from the STIG (Not the race car driver) ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |