{"id":20342,"date":"2021-04-08T12:01:09","date_gmt":"2021-04-08T19:01:09","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/azuregov\/?p=20342"},"modified":"2021-06-11T09:44:04","modified_gmt":"2021-06-11T16:44:04","slug":"announcing-azure-stig-solution-templates-to-accelerate-compliance-for-dod","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/azuregov\/announcing-azure-stig-solution-templates-to-accelerate-compliance-for-dod\/","title":{"rendered":"Announcing Azure STIG solution templates to accelerate compliance for DoD"},"content":{"rendered":"<p style=\"text-align: left;\">Today we\u2019re announcing the availability of Security Technical Implementation Guide (STIG) solution templates in preview for both Windows and Linux on the Azure Marketplace (commercial) and Azure Government Marketplace.\nThese new templates accelerate speed to achieving <a href=\"https:\/\/public.cyber.mil\/stigs\/\"><span data-contrast=\"none\">Defense Information Systems Agency\u00a0(DISA) STIG compliance<\/span><\/a><span data-contrast=\"auto\">\u00a0by delivering an automated, one-click solution\u00a0that\u00a0enables customers to\u00a0deploy,\u00a0monitor, and maintain\u00a0non-configured\u00a0STIG-compliant\u00a0Window or Linux Virtual Machines.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">STIG is the Department of Defense\u2019s (DoD)\u00a0cybersecurity methodology for standardized security configurations for computer operating systems\u00a0and other software and hardware.\u00a0DISA\u00a0releases updated STIGs for various\u00a0operating systems\u00a0on\u00a0a\u00a0quarterly basis. DoD agencies and contractors are required to use STIG-hardened\u00a0virtual\u00a0machines\u00a0to run\u00a0software\u00a0programs and compliance is enforced\u00a0through\u00a0the\u00a0authority-to-operate (ATO)\u00a0process.\u00a0Manually implementing this complex methodology\u00a0often\u00a0delays\u00a0cloud consumption.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">By providing simple selections, the Azure STIG solution templates fast-track STIG compliance and ultimately\u00a0aids\u00a0in cloud adoption.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Benefits\u00a0of\u00a0templates\u00a0include:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\u2022\" data-font=\"Arial\" data-listid=\"5\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Easy one-click solution simplifies STIG compliance and enables\u00a0engineering teams\u00a0to focus on higher priority\u00a0efforts<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\u2022\" data-font=\"Arial\" data-listid=\"5\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Accelerates speed to <\/span><span data-contrast=\"none\">DoD STIG complianc<\/span><span data-contrast=\"none\">e<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\u2022\" data-font=\"Arial\" data-listid=\"5\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Hardened according to DISA STIG required configuration standards\u00a0for\u00a0security<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\u2022\" data-font=\"Arial\" data-listid=\"5\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Catalyst to cloud transformation<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Leverage templates to accomplish following:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\u2022\" data-font=\"Arial\" data-listid=\"5\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Apply STIG to existing VMs\u00a0to\u00a0increase current security\u00a0footprint<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\u2022\" data-font=\"Arial\" data-listid=\"5\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Deploy\u00a0to a\u00a0shared\u00a0image\u00a0gallery\u00a0to support organizational\u00a0reusability<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\u2022\" data-font=\"Arial\" data-listid=\"5\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Capture detailed\u00a0logging and\u00a0analysis\u00a0of VMs\u00a0for auditing and\u00a0authorization\u00a0purposes.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p style=\"text-align: center;\"><strong>Azure STIG solution templates<\/strong><a href=\"https:\/\/devblogs.microsoft.com\/azuregov\/wp-content\/uploads\/sites\/43\/2021\/04\/STIG-Image-2.png\"><img decoding=\"async\" class=\"aligncenter wp-image-20368 size-full\" src=\"https:\/\/devblogs.microsoft.com\/azuregov\/wp-content\/uploads\/sites\/43\/2021\/04\/STIG-Image-2-e1617905523635.png\" alt=\"Image STIG Image 2\" width=\"900\" height=\"265\" srcset=\"https:\/\/devblogs.microsoft.com\/azuregov\/wp-content\/uploads\/sites\/43\/2021\/04\/STIG-Image-2-e1617905523635.png 900w, https:\/\/devblogs.microsoft.com\/azuregov\/wp-content\/uploads\/sites\/43\/2021\/04\/STIG-Image-2-e1617905523635-300x88.png 300w, https:\/\/devblogs.microsoft.com\/azuregov\/wp-content\/uploads\/sites\/43\/2021\/04\/STIG-Image-2-e1617905523635-768x226.png 768w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p><span data-contrast=\"auto\">The solution works by\u00a0leveraging\u00a0out-of-box\u00a0(OOB)\u00a0images from the Azure Marketplace gallery to reduce the complexity involved with maintaining custom images.\u00a0Desired\u00a0state\u00a0configuration is leveraged with\u00a0PowerSTIG\u00a0and several VM extensions to produce pre-hardened images. The resulting VMs are 90%+ STIG compliant after a successful deployment.\u00a0The templates are composed of\u00a0ARM\u00a0templates and a custom UI to give users a native Azure\u00a0portal VM deployment experience.\u00a0Diagnostic logging can be\u00a0optionally\u00a0stored in a\u00a0storage\u00a0account and\/or a\u00a0Log\u00a0Analytics\u00a0workspace to provide detailed\u00a0auditing information.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The solution supports the deployment of Windows 10, Windows 10 multi-session, Windows Server 2019, Windows Server 2016, CentOS 7x, RHEL 7x, and Ubuntu 1804, Ubuntu 1804 Data Science.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">We plan to integrate the solution with Azure Policy in the future to provide the ability to monitor and maintain the security footprint after deployment,\u00a0allowing you to\u00a0ensure limited to no\u00a0compliance\u00a0drift on your VMs.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Get started today with Azure STIG solution templates:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<table data-tablestyle=\"MsoTableGrid\" data-tablelook=\"1184\" aria-rowcount=\"4\">\n<tbody>\n<tr aria-rowindex=\"1\">\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Windows<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Linux<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"2\">\n<td data-celllook=\"4369\"><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/azure-government\/documentation-government-stig-windows-vm\"><span data-contrast=\"none\">Azure\u00a0commercial<\/span><\/a><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/azure-government\/documentation-government-stig-linux-vm\"><span data-contrast=\"none\">Azure\u00a0commercial<\/span><\/a><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"3\">\n<td data-celllook=\"4369\"><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/azure-government\/documentation-government-stig-windows-vm\"><span data-contrast=\"none\">Azure Government<\/span><\/a><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/azure-government\/documentation-government-stig-linux-vm\"><span data-contrast=\"none\">Azure Government<\/span><\/a><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"4\">\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Azure\u00a0Government\u00a0<\/span><span data-contrast=\"auto\">Secret\u00a0<\/span><span data-contrast=\"auto\">(<\/span><i><span data-contrast=\"auto\">coming soon!)<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">A<\/span><span data-contrast=\"auto\">zure\u00a0Government\u00a0<\/span><span data-contrast=\"auto\">Secret\u00a0<\/span><span data-contrast=\"auto\">(<\/span><i><span data-contrast=\"auto\">coming soon!)<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><span data-contrast=\"auto\">For any additional questions\u00a0and\u00a0to provide feedback, please reach out to\u00a0AzureSTIGSupport@microsoft.com.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today we\u2019re announcing the availability of Security Technical Implementation Guide (STIG) solution templates for both Windows and Linux on the Azure Marketplace (commercial) and Azure Government Marketplace. <\/p>\n","protected":false},"author":57253,"featured_media":20383,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2,1,16,34],"tags":[95,189,316,3439,3430],"class_list":["post-20342","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-announcements","category-azuregov","category-marketplace","category-virtual-machines","tag-azure-government","tag-compliance","tag-government-cloud","tag-security-technical-implementation-guide","tag-stig"],"acf":[],"blog_post_summary":"<p>Today we\u2019re announcing the availability of Security Technical Implementation Guide (STIG) solution templates for both Windows and Linux on the Azure Marketplace (commercial) and Azure Government Marketplace. <\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/posts\/20342","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/users\/57253"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/comments?post=20342"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/posts\/20342\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/media\/20383"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/media?parent=20342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/categories?post=20342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/tags?post=20342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}