25 SCAP Supported Standards

Enterprise Manager Compliance supports Security Content Automation Protocol (SCAP) XCCDF Compliance benchmarks.

Note:

To upload and use SCAP supported standards, OSCAP (Open SCAP) must be installed on the agent targets using the install method of your choice (RPM, YUM, DNF). To download OSCAP see: https://www.open-scap.org/download/.

For information on how to install binaries in Oracle Linux using YUM see: Installing Software from Oracle Linux Yum Server.

Enterprise Manager supports Security Content Automation Protocol (SCAP) enabled compliance standards. SCAP is a multi-purpose framework of specifications that supports automated configuration, vulnerability and patch checking, technical control compliance activities, and security measurement.

A compliance standard in Extensible Configuration Checklist Description Format (XCCDF) can be imported into Enterprise Manager using the EM CLI verb upload_compliance_standard and then used to manage the compliance of managed targets against your policies. For more information see: Import XCCDF based standards using EMCLI

SCAP Standards Available for Oracle Linux 8

The following is a list of SCAP Standards included in Oracle Enterprise Manager from version 13.4 RU9 onward:

Health Insurance Portability and Accountability Act (HIPAA): The HIPAA Security Rule establishes US national standards to protect individuals' electronic personal health information that is created, received, used or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. This profile configures Oracle Linux 8 to the HIPAA Security Rule for securing electronic protected health information. (V0.1.48). For more information on securing Linux configuration for HIPAA compliance see: https://static.open-scap.org/ssg-guides/ssg-ol8-guide-hipaa.html.

DISA STIG for Oracle Linux 8: This profile contains configuration checks that align to DISA STIG for Oracle Linux 8. (V0.1.48).

For more information see: https://static.open-scap.org/ssg-guides/ssg-ol8-guide-index.html.

PCI-DSS v3.2.1 Control Baseline Draft for Oracle Linux 8: Ensures PCI-DSS v3.2.1 related security configuration settings are applied. (V0.1.48).

For more information see: https://static.open-scap.org/ssg-guides/ssg-ol8-guide-pci-dss.html.

Standard System Security Profile for Oracle Linux 8: This profile contains rules to ensure a standard security baseline of an Oracle Linux 8 system. (V0.1.48).

For more information see: https://static.open-scap.org/ssg-guides/ssg-ol8-guide-standard.html.

SCAP Standards Available for Oracle Linux 7

The following is a list of SCAP Standards included in Oracle Enterprise Manager from version 13.4 RU9 onward:

Health Insurance Portability and Accountability Act (HIPAA): The HIPAA Security Rule establishes US national standards to protect individuals' electronic personal health information that is created, received, used or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. This profile configures Oracle Linux 7 to the HIPAA Security Rule for securing electronic protected health information. (V0.1.46).

For more information on securing Linux configuration for HIPAA compliance see: https://static.open-scap.org/ssg-guides/ssg-rhel7-guide-hipaa.html.

DISA STIG For Oracle Linux 7: This profile contains configuration checks that align to DISA STIG for Oracle Linux V1R1. (V0.1.46).

For more information see: https://static.open-scap.org/ssg-guides/ssg-ol7-guide-index.html

PCI-DSS v3.2.1 Control Baseline for Oracle Linux 7: Ensures PCI-DSS v3.2.1 related security configuration settings are applied. (V0.1.46).

For more information see: https://static.open-scap.org/ssg-guides/ssg-ol7-guide-pci-dss.html

Standard System Security Profile for Oracle Linux 7: This profile contains rules to ensure a standard security baseline of an Oracle Linux 7 system. (V0.1.46).

For more information see: https://static.open-scap.org/ssg-guides/ssg-ol7-guide-standard.html

Import XCCDF based standards using EMCLI

SCAP XCCDF standards that are not included by default can be imported into Enterprise Manager with the EM CLI verb upload_compliance_standard and a -file parameter that names the XML data stream file containing one or more standards.

Example:
$ emcli upload_compliance_standard -file="ssg-ol8-ds.xml"
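
Because a data stream file can carry one or more standards, it helps to list the XCCDF benchmarks and profiles it contains before uploading it. The following is an added example, not part of the Oracle documentation or of Enterprise Manager; the sample data stream and its ids are constructed, and the function name list_standards is hypothetical.

```python
import xml.etree.ElementTree as ET

# Namespaces from the SCAP source data stream and XCCDF 1.2 schemas.
NS = {
    "ds": "http://scap.nist.gov/schema/scap/source/1.2",
    "xccdf": "http://checklists.nist.gov/xccdf/1.2",
}

# Constructed sample: a minimal data stream with one benchmark, two profiles.
SAMPLE_DS = """<ds:data-stream-collection
    xmlns:ds="http://scap.nist.gov/schema/scap/source/1.2"
    xmlns:xccdf="http://checklists.nist.gov/xccdf/1.2"
    id="scap_org.example_collection_sample" schematron-version="1.2">
  <ds:component id="scap_org.example_comp_xccdf" timestamp="2021-01-01T00:00:00">
    <xccdf:Benchmark id="xccdf_org.example_benchmark_OL-8">
      <xccdf:status>draft</xccdf:status>
      <xccdf:version>0.1.48</xccdf:version>
      <xccdf:Profile id="xccdf_org.example_profile_hipaa">
        <xccdf:title>Health Insurance Portability and Accountability Act (HIPAA)</xccdf:title>
      </xccdf:Profile>
      <xccdf:Profile id="xccdf_org.example_profile_standard">
        <xccdf:title>Standard System Security Profile for Oracle Linux 8</xccdf:title>
      </xccdf:Profile>
    </xccdf:Benchmark>
  </ds:component>
</ds:data-stream-collection>
"""

def list_standards(xml_text):
    """Return [(benchmark_id, version, [(profile_id, title), ...]), ...]."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}data-stream-collection" % NS["ds"]:
        raise ValueError("not a SCAP source data stream collection")
    found = []
    for bench in root.iterfind("ds:component/xccdf:Benchmark", NS):
        version = bench.findtext("xccdf:version", default="", namespaces=NS).strip()
        profiles = [
            (p.get("id"), p.findtext("xccdf:title", default="", namespaces=NS).strip())
            for p in bench.iterfind("xccdf:Profile", NS)
        ]
        found.append((bench.get("id"), version, profiles))
    if not found:
        raise ValueError("data stream contains no XCCDF benchmark")
    return found

if __name__ == "__main__":
    for bench_id, version, profiles in list_standards(SAMPLE_DS):
        print(bench_id, version, [pid for pid, _ in profiles])
```

To check a real file, pass its contents to list_standards, for example the text of ssg-ol8-ds.xml read from disk.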