Release of the Express Security Content Update 2025-1 for CCS
search cancel

Release of the Express Security Content Update 2025-1 for CCS

book

Article ID: 390428

calendar_today

Updated On:

Products

Control Compliance Suite Standards Server Control Compliance Suite Control Compliance Suite Standards Module Control Compliance Suite Standards Database

Issue/Introduction

Control Compliance Suite (CCS)

Express SCU 2025-1 for CCS has been released, and it contains the 'CIS Ubuntu Linux 22.04 LTS Benchmark v2.0.0 Level 1 and Level 2' standards, as well as the 'Security Essentials for Microsoft Windows Server 2025'

Environment

CCS 12.6.1

CCS 12.7

Resolution

The Express Security Content Update 2025-1 package (Express SCU package: CCS_ExpressSCU_2025-1_Win.zip) can be downloaded from the Broadcom Support site (support.broadcom.com)

NOTE: Refer to the README PDF in the Express SCU package: CCS_ExpressSCU_2025-1_Win.zip download for all the required steps to apply this Express SCU to your CCS environment.

Summary

Express Security Content Update 2025-1 includes the CIS Ubuntu 22 standards and the Security Essentials standard for Windows Server 2025


Details

This Express SCU provides the latest version of the following CCS predefined technical standards:

UNIX:

  • CIS Ubuntu Linux 22.04 LTS Benchmark v2.0.0 Level 1
  • CIS Ubuntu Linux 22.04 LTS Benchmark v2.0.0 Level 2

Windows

  • Security Essentials for Microsoft Windows Server 2025

 

  • Added Target type:

                 ○ Windows 2025 Domain Controller Servers

                 ○ Windows 2025 Standalone and Member Servers

  • Added Asset group:

      ○ Windows 2025 Machines

 

Prerequisites

Following are the prerequisites to install this Express SCU:

  • - Security Content Update 2024-1 and 2024-2 are installed.
  • - Control Compliance Suite 12.6.1 or later is installed.
  • - The Dynamic Link Libraries (DLLs) included in this package need to be applied manually and are required to evaluate the checks in Ubuntu 22 standard successfully.

 

Regarding Windows Server 2025

To run a CER job against Windows server 2025 assets, it can be done in the following way:

Agentless Asset import and Data collection:

Asset Import:

  1. Run the Asset import job using LDAP or CSV.
  2. Windows 2025 assets will be imported and the OS Type field in Asset type properties will display the version for Windows Server 2025.

Agentless Data Collection and Evaluation:

Run the CER job by scoping the Security Essentials standard for Windows Server 2025 against the Windows server 2025 assets.

 

Agent-based Asset import and Data collection:

Agent based Asset import:

  1. Install CCS 12.7 agent and latest content tpk on Windows Server 2025 asset.
  2. Register the agent with the CCS manager.
  3. Import the agent in the CCS which will fetch its associated windows asset also.
  4. The OS type field in Asset type properties will display the version for Windows Server 2025.

Agent-Based Data Collection and Evaluation: 

Run the CER job by scoping the Security Essentials standard for Windows Server 2025 against the Windows server 2025 assets.

NOTE:  For Agent based use case, currently the Platform Type filed in the Agent workspace will be shown as "Windows 2022 Server". Customers can run CER jobs on Windows Server 2025, however the full agent-based support will be added in the next CCS Infra release.

Powered by Wolken Software