6. Security

OpenSCAP

OpenSCAP is a set of open source libraries that support the Security Content Automation Protocol (SCAP) standards from the National Institute of Standards and Technology (NIST). OpenSCAP supports the SCAP components:

  • Common Vulnerabilities and Exposures (CVE)
  • Common Platform Enumeration (CPE)
  • Common Configuration Enumeration (CCE)
  • Common Vulnerability Scoring System (CVSS)
  • Open Vulnerability and Assessment Language (OVAL)
  • Extensible Configuration Checklist Description Format (XCCDF)
Additionally, the openSCAP package includes an application to generate SCAP reports about system configuration. openSCAP is now a fully supported package in Red Hat Enterprise Linux 6.1.

Smartcard support for SPICE

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol designed for virtual environments. SPICE users can view a virtualized desktop or server from the local system or any system with network access to the server. Red Hat Enterprise Linux 6.1 introduces support for smartcard passthough via the SPICE protocol.

Note

The Security Guide assists users and administrators in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation and malicious activity.