NIST Checklist Logo
NIST Security Configuration Checklists Repository
BETA
Browse Repository by
   Product Category
   Vendor
   Submitting
Organization

Our Sponsor
white space white space

Tandem Security Technical Implementation Guide

Name

Tandem Security Technical Implementation Guide, v2 Release 2
Version

v2 Release 2
Status

Final
Creation Date

Not available.
Revision Date

2005-03-04
Product Category

Operating System
Vendor

Tandem Computers
Product

Tandem Operating System
Product Version

Not available.
Product Role

Client / Server
Checklist Summary

The intent of this Tandem Security Technical Implementation Guide (STIG) is to include security considerations needed to provide an acceptable level of risk for the information that resides on the Tandem systems.  This STIG specifies the minimum requirements for securing the Tandem operating system.   This Tandem STIG covers the operating system(s) (OS), applications, and security tools as follows:

OS - Tandem NonStop Kernel

Access Methods - Tandem NonStop SQL (NSSQL); Tandem Enscribe

Security Tools - Block Mode Operating System Services (BOSS); Command Interpreter Monitor (CMON)

Tandem is an interactive, multitasking, and multi-user operating system.  The Tandem operating system includes security that, with system security parameters set, in addition to the use of other security products, will meet C2 requirements.  The C2 features are designed to meet the needs of the user environment and to meet the criteria defined in DOD 8500.1-STD, Trusted Computer System Evaluation Criteria.  The requirements set forth in this document will assist IAOs and IAMs in securing the Tandem NonStop Kernel operating system (OS) for each site.  The Tandem OS includes the Tandem NonStop SQL (NSSQL) database management system (DBMS), and the Tandem file management system Enscribe.  The document will also assist in identifying external security exposures created when the site is connected to at least one IS outside the site’s control.
Known Issues

The scripts only check the OS; there are many more checks (not in the scripts) to become STIG compliant.  This STIG specifies the minimum requirements for securing the Tandem operating system.  Each site may implement additional security measures as necessary to optimize the system’s overall operation.  If guidelines must be modified for the proper and secure operation of an operating environment and infrastructure, the IAO will ensure the system's overall secure operation.

This Tandem STIG presents the known security configuration items, vulnerabilities, and issues required to be addressed by DoD policy.  It must be noted that the guidelines specified should be evaluated in a local, representative test environment before implementation within large user populations.  The extensive variety of environments makes it impossible to test these guidelines for all potential software configurations.  For some environments, failure to test before implementation will lead to a loss of required functionality.
Target Audience

Developped for the DOD.
This document is intended for IAOs, SAs, IAMs, NSOs, and others who are responsible for the configuration, management, or support of information systems.  It assumes that the reader has knowledge of the Tandem operating system and is familiar with common computer terminology.

This STIG is not intended to be an introduction to the Tandem.  Wherever possible, the complete sequence of steps needed to perform an action will be provided, but the reader should understand that these steps might vary based upon the configuration of the particular system being worked on. It is assumed that the reader has enough knowledge to access and use the programs and tools discussed without explicit instruction.
Target Operational Environment

Enterprise and Specialized Security-Limited Functionality.
Checklist Installation Tools

Not available.
Rollback Capability

Not available.
Testing Information

Not available.
NIAP/CMVP Status

Not available.
Regulatory Compliance

DOD Directive 8500.
Comments, Warnings, Disclaimer, Miscellaneous

Refer to Known Issues.
Disclaimer

Not available.
Product Support

It should be noted that FSO Support for the STIGs, Checklists, and Tools is only available to DOD Customers.
Submitting Organization/Authors

Defense Information Systems Agency
Point of Contact

Not available.
Sponsor

Not available.
Licensing

Not available.
Checklist Homepage

http://iase.disa.mil/stigs/stig/index.html
Download Package

http://iase.disa.mil/stigs/stig/
tandem_stig_v2r2.pdf
Integrity

SHA1 Digest (tandem_stig_v2r2.pdf) =
99cd1e6e8973916edd71825a44d01184dca50071

SHA1 Digest (tandem_stig_v2r2.pdf) =
823ad998b4c34dee161c4112edad58b12fc77f57f1
d171f4d07ebf22b0b2f0bc

Change History

v2 Release 1: 2003-06-18
v2 Release 2: 2005-03-04
Dependency/Requirement

Tandem Security Checklist, v2r1.1
References

Not available.
NIST Identifier

1075


NIST and the checklist submitter do not guarantee or warrant the checklist's accuracy or completeness. NIST is not responsible for loss, damage, or problems that may be caused by using the checklist.

Last updated: September 19, 2005
Page created: October 28, 2004
Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to checklists@nist.gov
NIST is an Agency of the U.S. Commerce Department's Technology Administration