By Yilin Li, Senior Security Engineer of Alibaba Cloud, CIS Compliance Header of Alibaba Cloud Linux, Core Developer of the OpenAnolis Community
Source / the CIS Official Website
The CIS security baseline (Alinux 3 CIS benchmark v1.0.0) of Alibaba Cloud's third-generation distributed operating system named Alibaba Cloud Linux 3 (hereinafter referred to as Alinux 3) which is based on Anolis OS, has officially completed the CIS certification. Passing the CIS certification means the security assurance of cloud-based enterprises will be raised to a higher level. Alinux 3 is fully compatible with the ecosystem of RHEL/CentOS 8. With the EOL (End of Life) of CentOS 8，using Alinux3 to replace CentOS has also become the choice of some enterprises.
CIS (Center for Internet Security) is a well-known non-profit computer security organization with decades of history. It is committed to using the online-community model to create excellent security practice solutions (various benchmarks) with large corporations, goverment agencies, and academic institutions. Most of the currently released operating systems, including CentOS, Ubuntu, and Windows, have provided the CIS benchmarks. The CIS benchmark certification has become one of the most important criteria for many Alibaba Cloud customers to judge the security of operating systems.
It is reported that guided by the experience of Alinux 2 CIS productization, CIS Alinux 3 Benchmark v1.0.0 offers 266 specific security suggestions for six aspects of Alinux 3, including initial (1) Initial Setup, (2) Services, (3) Network Configuration, (4) Logging and Auditing, (5) Access, Authentication, Authorization, (6) System Maintenance. Each item includes a corresponding Profile Applicability, Assessment Status, Description, Rationale, Audit, Remediation, and References. You can choose appropriate items to harden Alinux 3 system based on the requirements, or improve the security level of other compatible operating systems based on this Alinux 3 CIS Benchmark.
Qin Long, Head of the Operating System Security Team of Alibaba Cloud, said, "Currently, Alibaba Cloud is the only operating system vendor in China that has passed the CIS certification. However, the Alinux 3 CIS certification is just a beginning. We will continue to improve the corresponding production tools together with CIS, such as the Build Kit hardening tool and the CIS-CAT scanning & verification tool, to further improve the security level of Alinux 3. At the same time, Alibaba Cloud has always insisted on open source and giving back to open source. As a downstream distribution of Anolis OS, Alinux 3 is expected to contribute the experience of the Operating System Team of Alibaba Cloud on the CIS certification to the OpenAnolis community to promote the development of the OpenAnolis community."
The CIS Alinux 3 Benchmark v1.0.0 officially passed the entire CIS certification on February 06, 2022, and CIS released the CIS Alinux 3 Benchmark v1.0.0. You can download CIS Alinux 3 Benchmark v1.0.0 via the following three methods:
You can visit the CIS download page and find
CIS Alibaba Cloud Linux 3 Benchmark v1.0.0 shown as the following figure to download:
You can visit the CIS Alinux 3 Benchmark v1.0.0 PDF page to download. You only need to register a CIS account. Then, log in and download it. This method is relatively simple and allows you to be subsequently involved in the discussion and development of the CIS community.
You can download it from the CIS Benchmarks homepage. Then following the steps mentioned below to fill in the email address and other information, you can eventually download the corresponding benchmark from your email. The specific steps are listed below:
First, select the category as shown in the figure below:
Then, find the CIS Benchmark for Alibaba Cloud Linux 3:
Fill in the basic information:
Finally, you will receive an email from CIS in the mailbox you filled in above, please click to download the corresponding benchmark.
Alibaba Cloud ECS - April 7, 2020
Alibaba Cloud Community - November 12, 2021
Alibaba Cloud Native - October 17, 2022
Alibaba Clouder - April 26, 2019
Alibaba Clouder - July 15, 2019
Alibaba Cloud Community - May 16, 2022
Alibaba Cloud is committed to safeguarding the cloud security for every business.Learn More
Reach global users more accurately and efficiently via IM ChannelLearn More
Simple, secure, and intelligent services.Learn More
Take advantage of the cost effectiveness, scalability, and flexibility of Alibaba Cloud's infrastructure and services, as well as the proven reliability of Red Hat Enterprise Linux and Alibaba Cloud's support backed by Red Hat Global Support Services.Learn More
More Posts by OpenAnolis