  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 923

NIST 800-53 Security Controls

Hello Experts,

I am in the planning stages of building a "target" environment that meets FISMA compliance regulations. I have plotted and designed the target equipment costing and the gap analysis/risk assessment; however, I was curious as to what controls I should consider looking at.

My environment will be private (no public facing access), with 2 IIS boxes, 1 SQL box, 1 AD box, 1 Barracuda backup box, and a XenServer to host 30 XenDesktop machines.

I have been looking into LogRhythm for SIEM, TrendMicro for Endpoints, Tripwire for Integrity, SAINT for Vulnerability Scanning, and ScriptLogic for AD controls/reporting.

Obviously there is no "magic bullet" that will cover ALL of the controls. My goal is to cover as many security controls as I can with as few vendors as possible.

Are there any other recommendations or other controls that I should be looking at?
Asked by: LR_Brian

1 Solution
 
Melannk24 commented:
For FISMA compliance, 800-53A is a great place to start. The SRTM controls are pulled directly from NIST documentation.
You may also want to look at FIPS 140-2 for encryption requirements.

May I also recommend looking at Nessus for vulnerability scanning; they have FISMA templates that you can use. The ProfessionalFeed is very affordable. Also, we use LogRhythm and we are very satisfied with it; it has great reporting options and many templates to choose from regarding compliance.

The SANS Consensus Audit Guidelines (CAG) would also be a good resource for you to browse.

If you happen to host any Windows OS desktops in the future, you will want to look at FDCC documentation as well.
 
LR_Brian (author) commented:
Thanks for the recommendations.

I will accept your above response as the solution.

Do you also use FIM with LogRhythm? I'm curious how well they do with it.
 
Melannk24 commented:
Yes, we do on our web servers. It does a pretty good job; sometimes it will report modifications, but we think that is because the AV touches the files, something we need to take up with support. It doesn't happen all the time. One thing I do like about the product is that if you have certain application logs that LogRhythm doesn't have a format for, you can submit them to support and they will try to get it out in the next release. They actually did that for Hyper-V faster than I thought they would.
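The comment above describes the classic FIM false positive: an AV scanner reads a file and the integrity monitor reports it as "modified" even though nothing in the content changed. The following is an added example, not code from the thread or from LogRhythm, showing how a file-integrity check can separate the alerts that matter (content hash changed, new file dropped into the web root) from metadata-only noise (permissions or timestamps changed while the hash is identical). It assumes Python 3 on a POSIX host; the "web root" and the four changes made to it are constructed inside a temporary directory so the script runs offline.

```python
"""Minimal file-integrity check (added example, not a vendor product).

Baseline a directory tree by content hash plus a few metadata fields, then
classify differences so that a content change is never hidden behind, or
confused with, a timestamp or permission change such as an AV scan causes.
"""
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def _sha256(path: Path) -> str:
    """Stream the file so large binaries do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def baseline(root: Path) -> dict:
    """Record sha256, size, permission bits and mtime for each regular file.
    atime is deliberately NOT recorded: a read by an AV scanner updates it."""
    snap = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            st = p.stat()
            snap[str(p.relative_to(root))] = {
                "sha256": _sha256(p),
                "size": st.st_size,
                "mode": stat.S_IMODE(st.st_mode),
                "mtime_ns": st.st_mtime_ns,
            }
    return snap


def compare(old: dict, new: dict) -> dict:
    """Classify differences between two baselines.
    content  : hash differs -> the alert that matters
    metadata : same hash, but mode or mtime differs -> lower severity, review
    added/removed : files appearing in or vanishing from the tree"""
    report = {"content": [], "metadata": [], "added": [], "removed": []}
    for path in sorted(set(old) | set(new)):
        if path not in old:
            report["added"].append(path)
        elif path not in new:
            report["removed"].append(path)
        elif old[path]["sha256"] != new[path]["sha256"]:
            report["content"].append(path)
        elif (old[path]["mode"] != new[path]["mode"]
              or old[path]["mtime_ns"] != new[path]["mtime_ns"]):
            report["metadata"].append(path)
    return report


def demo() -> dict:
    """Constructed scenario: a tiny IIS-style web root, then four changes."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "index.html").write_text("<h1>hello</h1>")
        (root / "web.config").write_text("<configuration/>")
        (root / "app.js").write_text("console.log(1)")
        os.chmod(root / "web.config", 0o644)  # pin the mode so the later chmod is a real change
        before = baseline(root)

        # 1. real tampering: a served page gains an injected script tag
        (root / "index.html").write_text("<h1>hello</h1><script src=//evil/x.js></script>")
        # 2. an AV-style read of app.js: only atime moves, content and mtime do not
        st = os.stat(root / "app.js")
        os.utime(root / "app.js", ns=(st.st_atime_ns + 10**9, st.st_mtime_ns))
        # 3. permissions loosened on web.config, content unchanged
        os.chmod(root / "web.config", 0o666)
        # 4. a new file dropped into the web root
        (root / "shell.aspx").write_text("<%@ Page Language=\"C#\" %>")

        return compare(before, baseline(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind:9s} {paths}")
```

Run as a script it prints `content ['index.html']`, `metadata ['web.config']`, `added ['shell.aspx']`, and nothing for `app.js`: the simulated AV read produced no alert because the hash and mtime were untouched. A monitor that keys on atime or on "file was opened" events is what produces the modifications the comment above describes; keying on content hash, and reporting metadata-only changes separately at lower severity, keeps the web-server FIM signal usable.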
