A Maintenance Pack is required to deliver the enhancements and fixes for Control Compliance Suite version 11.0

Release Highlights:

The Product Update (PU) 2014-1 delivers the following new capabilities and enhancements to Control Compliance Suite 11.0:

·         New – Discovery

o   Network Discovery job

The Network Discovery job uses the network address and subnet mask of a network to discover the subnets within a network.

o   Asset Discovery job

The Asset discovery job scans the network to discover all assets in the selected network.

·         New - Security Content Automation Protocol (SCAP)

o   CCS adopts the Security Content Automation Protocol (SCAP) suite of specifications, which is a validation program defined by National Institute of Standards and Technology (NIST).

§  Control Compliance Suite now also adheres to the SCAP 1.2 specification that comprises the following components:

·         Extensible Configuration Checklist Description Format (XCCDF) 1.2

·         Open Vulnerability and Assessment Language (OVALR) 5.10.1

·         Common Configuration Enumeration (CCE.) 5

·         Common Platform Enumeration (CPE.) 2.3

·         Common Vulnerabilities and Exposures (CVER)

·         Common Vulnerability Scoring System (CVSS) 2.0

·         Asset Identification 1.1

·         Asset Reporting Format (ARF) 1.1

§  Support for OVAL definition version 5.3 to version 5.10.1 is now added for SCAP 1.2.

§  The evaluation results of the SCAP 1.2 data streams can now be exported to any of the following formats:

·         OVAL Thin

·         OVAL Full (with system characteristics)

·         OVAL Full (without system characteristics)

·         XCCDF

·         ARF

§  CCS supports valid TIER IV SCAP 1.2 content including the following content that is published by NIST in the National Checklist Program (NCP) repository:

·         USGCB Internet Explorer 7 (2.0.x.0)

·         USGCB Internet Explorer 8 (1.2.x.0)

·         USGCB Windows 7 (1.2.x.0)

·         USGCB Windows 7 Firewall (1.2.x.0)

·         USGCB Windows Vista (2.0.x.0)

·         USGCB Windows Vista Firewall (2.0.x.0)

·         USGCB Windows XP Firewall (2.0.x.0)

·         USGCB Windows XP (2.0.x.0)

·         New –Services and APIs in the Integration Support Services

o   The ISCAPExportService is now added to expose the APIs that export SCAP evaluation results into various export formats like Asset Reporting Format (ARF) or Cyberscope xml.

§  The following APIs have been added to the ISCAPExportService for the SCAP module:

·         GetARFReportXml

·         GetAssetIDsForSCAPJobRun

·         GetCyberScopeXml

o   The ISCAPJobService is now added to expose the APIs that create SCAP evaluation jobs and OVAL evaluation jobs.

§  The following APIs have been added to the ISCAPJobService for the SCAP module:

·         Create

·         CreateForOval

·         Enhanced - Agent Product Update

o   The Agent Product Update (APU) can now be applied to the agents using LiveUpdate.

 For more details on the new features and enhancements, refer to the PU 2014-1 Readme.

Attachments