Industry Leading Platform & Standards Support

With its advanced remote-scanning capabilities and broad platform coverage, Joval makes it possible to scan virtually any device on the network, from any other Java-enabled device.

Standards Support

Joval is a robust, enterprise-strength implementation of the SCAP 1.2 family of specifications, and supports the following schema versions:

  • SCAP (Security Content Automation Protocol) Datastream 1.2
  • XCCDF (eXtensible Configuration Checklist Definition Format) 1.2
  • OVAL (Open Vulnerability Assessment Language) 5.11.1
  • OCIL (Open Checklist Interactive Language) 2.0
  • CPE (Common Product Enumeration) 2.3
  • ARF (Asset Reporting Format) 1.1
  • AI (Asset Information) 1.2
  • SCE (Script Check Engine) 1.0

Scan Target Platform Support

  • Windows: Windows XP SP3+, Windows Server 2003 SP2+
  • Linux: RHEL 5+, Fedora 14+, SUSE Desktop 10+, SUSE Enterprise Server 9+, Ubuntu 8.10+, Debian 6.0+
  • Apple: OSX Snow Leopard+, iOS 5.1+
  • Cisco: IOS 12.2+,  IOS-XE 12.2+, ASA 9.0+
  • Juniper JunOS 8.5R1+
  • IBM AIX 6.1+, RHEL 6+ on System Z
  • Oracle Solaris 8+
  • HP-UX 11.23+
  • FreeBSD 8.4+
  • VMWare ESXi 5.0+

Windows

Microsoft® Windows® is the most widely-deployed desktop operating system in government and enterprise environments, and also enjoys significant server market-share as well. Locking down this platform therefore takes top billing in virtually any IT security initiative. Joval has the power to leverage Microsoft’s built-in web service protocols to deliver a complete Windows scanning solution without the need for agents — not even the so-called “dissolving agents” that other supposedly “agentless” solutions are known to deploy.

Next  Steps

  1. Review Joval’s support for Microsoft Windows, below.
  2. Download a free copy of Joval and see for yourself how easy it is to use to scan Windows servers and desktops.
  3. Try out the USGCB Windows 7 SCAP 1.2 datastream content from NIST using XPERT, our command-line XCCDF scanner.

OVAL Schema Support

  • Windows Schema
    • Access Token Test
    • Active Directory Test (Legacy and 5.7)
    • Audit Event Policy Test
    • Audit Event Policy Subcategories Test
    • Cmdlet Test
    • DNS Cache Test
    • File Test
    • File Audited Permissions Test (Legacy and 5.3)
    • File Effective Rights Test (Legacy and 5.3)
    • Group Test
    • Group SID Test
    • Interface Test
    • License Test
    • Lockout Policy Test
    • Metabase Test
    • NT User Test
    • Password Policy Test
    • Port Test
    • Printer Effective Rights Test
    • Process Test (Legacy and 5.8)
    • Registry Test
    • RegKey Audited Permissions Test (Legacy and 5.3)
    • RegKey Effective Rights Test (Legacy and 5.3)
    • Service Test
    • Service Effective Rights Test
    • Shared Resource Test
    • SID Test
    • SID SID Test
    • System Metric Test
    • UAC Test
    • User Test
    • User SID Test (Legacy and 5.5)
    • User Right Test
    • Volume Test
    • WMI Test (Legacy and 5.7)
    • WUA Update Searcher Test
  • Independent Schema
    • Environment Variable Test (Legacy and 5.8)
    • Family Test
    • Filehash Test (Legacy and 5.8)
    • LDAP Test (Legacy and 5.7)
    • SQL Test (Legacy and 5.7)
    • Text File Content Test (Legacy and 5.4)
    • Unknown Test
    • Variable Test
    • XML File Content Test

Unix

Security scanning isn’t just for desktops. Server infrastructure hosting critical back-office systems are also vulnerable to security risks, which have serious consequences when breached. Joval supports virtually every Unix flavor deployed in enterprises today.

Next Steps

  1. Review Joval’s support for Unix operating system platforms, below.
  2. Download a free copy of Joval and see for yourself how easy it is to use to scan Unix servers and desktops.
  3. Download OVAL security definitions directly from RedHat, SUSE and MITRE, according to your chosen Unix target platform.

OVAL Schema Support

The Joval Local and Remote scan plug-ins support the following OVAL tests on Unix:

On all Unix flavors:

Flavor-specific tests:

  • Unix Schema
    • Dnscache Test
    • File Test
    • File Extended Attribute Test
    • Gconf Test
    • Inetd Test
    • Interface Test
    • Password Test
    • Process Test (Legacy and 5.8)
    • Routing Table Test
    • Runlevel Test
    • SCCS Test
    • Shadow Test
    • Symlink Test
    • Sysctl Test
    • Uname Test
    • Xinetd Test
  • Independent Schema
    • Environment Variable Test (Legacy and 5.8)
    • Family Test
    • File Hash Test (Legacy and 5.8)
    • LDAP Test (Legacy and 5.7)
    • SQL Test (Legacy and 5.7)
    • Text File Content Test (Legacy and 5.4)
    • Unknown Test
    • Variable Test
    • XML File Content Test
  • Windows Schema*
    • File Test
  • AIX Schema
    • Fileset Test
    • Fix Test
    • Interim Fix Test
    • No Test
    • Oslevel Test
  • FreeBSD Schema
    • Portinfo Test
  • HP-UX Schema
    • Getconf Test**
    • Ndd Test
    • Patch Test (Legacy and 5.3)
    • Swlist Test
    • Trusted Test
  • Linux Schema
    • APT Test
    • Dpkginfo Test
    • Iflisteners Test
    • Inet Listening Servers Test
    • Partition Test
    • RPM Info Test***
    • RPM Verify Test (Legacy)***
    • RPM Verify File Test***
    • RPM Verify Package Test***
    • SE Linux Boolean Test
    • SE Linux Security Context Test
    • Slackwarepkginfo Test
    • Systemd Unit Dependency Test
    • Systemd Unit Property Test
  • Solaris Schema
    • ISA Info Test
    • NDD Test
    • Package Test
    • PackageCheck Test
    • Patch Test (Legacy and 5.4)
    • SMF Test

* Required for use-cases involving WINE and/or SAMBA
** The getconf test runs on all Unix flavors, including Mac OSX
*** RPM tests also run on AIX

MacOS X

Apple is making significant inroads as a desktop platform for both government and commercial applications, particularly for high-end users. Yet the systems management tools for OSX are not as mature or widely-available as those focusing on Windows desktops. This is a potentially dangerous combination for data security.

Next Steps

  1. Review Joval’s support for Apple MacOS X, below.
  2. Download a free copy of Joval and see for yourself how easy it is to use to scan Apple MacOS X workstations.

OVAL Schema Support

The Joval Local and Remote scan plug-ins support the following OVAL tests on Mac OS X:

  • Apple Macintosh Schema
    • Account Info Test
    • Authorization DB Test
    • Core Storage Test
    • Diskutil Test
    • Gatekeeper Test
    • Inet Listening Servers Test (Legacy and 5.10)
    • Keychain Test
    • Launchd Test
    • Nvram Test
    • Plist Test (Legacy and 5.10)
    • Pwpolicy Test (Legacy and 5.9)
    • Rlimit Test
    • Softwareupdate Test
    • Systemprofiler Test
    • Systemsetup Test
  • Independent Schema
    • Environment Variable Test (Legacy and 5.8)
    • Family Test
    • File Hash Test (Legacy and 5.8)
    • LDAP Test (Legacy and 5.7)
    • SQL Test (Legacy and 5.7)
    • Text File Content Test (Legacy and 5.4)
    • Unknown Test
    • Variable Test
    • XML File Content Test
  • Unix Schema
    • Dnscache Test
    • File Test
    • File Extended Attribute Test
    • Inetd Test
    • Interface Test
    • Password Test
    • Process Test (Legacy and 5.8)
    • Routing Table Test
    • Runlevel Test
    • Shadow Test
    • Symlink Test
    • Uname Test
  • Windows Schema*
    • File Test

* Required for use-cases involving WINE and/or SAMBA

VMWare ESX

VMWare ESX/ESXi is the market leader in enterprise virtualization infrastructure, powering private cloud environments used by the vast majority of Fortune 500 companies and government agencies. In addition to the OVAL schema for ESX, Joval supports a variety of Unix-type and platform-independent tests on ESX host systems.

Next Steps

  1. Review Joval’s support for ESX/ESXi, below.
  2. Download a free copy of Joval and see for yourself how easy it is to use to scan VMWare virtual infrastructure.

OVAL Schema Support

The Joval Remote scan plug-in supports the following OVAL tests on ESX/ESXi (local scanning is not supported):

  • VMWare ESX Schema
    • Version Test
  • Unix Schema
    • File Test
    • Interface Test
    • Password Test
    • Shadow Test
    • Symlink Test
    • Uname Test
  • Independent Schema
    • Environment Variable Test (Legacy only)
    • Family Test
    • File Hash Test (Legacy and 5.8)
    • Text File Content Test (Legacy and 5.4)
    • Unknown Test
    • Variable Test
    • XML File Content Test

Cisco

The vast majority of security vulnerabilities involve network access, so it is critical for the security automation standards community to make a serious effort to expand support for network devices of all kinds. Cisco IOS is the most widely-deployed network device operating system in the world, with over 50% market share, and therefore it presents a natural starting point for any such effort.

Joval features more comprehensive support for Cisco IOS, IOS-XE and ASA devices than any other OVAL scanner on the market, and offers the only complete implementation of the OVAL schemas for Cisco. Unlike other implementations, Joval was designed from the ground up to scan machines remotely. This makes it an ideal platform for performing OVAL assessments against routers, firewalls, access points, and other network infrastructure components.

Next Steps

  1. Review Joval’s support for the Cisco OVAL schemas, below.
  2. Download a free copy of Joval and see for yourself how easy it is to use to scan Cisco IOS devices.
  3. Download Cisco content directly from Cisco support.

OVAL Schema Support

The Joval Remote plugin supports the following tests for Cisco:

  • Cisco IOS Schema
    • ACL Test
    • BGP Neighbor Test
    • Global Test
    • Interface Test
    • Line Test
    • Router Test
    • Routingprotocolauthinf Test
    • Section Test
    • SNMP Test
    • SNMP Community Test
    • SNMP Group Test
    • SNMP Host Test
    • SNMP User Test
    • SNMP View Test
    • Tclsh Test
    • Version Test (Legacy and 5.5)
  • Cisco ASA Schema
    • ACL Test
    • Classmap Test
    • Interface Test
    • Line Test
    • Policy Map Test
    • Service Policy Test
    • SMTP Group Test
    • SMTP Host Test
    • SMTP User Test
    • TCP Map Test
    • Version Test
  • Cisco IOS-XE Schema
    • ACL Test
    • BGP Neighbor Test
    • Global Test
    • Interface Test
    • Line Test
    • Router Test
    • Routingprotocolauthinf Test
    • Section Test
    • SNMP Community Test
    • SNMP Group Test
    • SNMP Host Test
    • SNMP User Test
    • SNMP View Test
    • Version Test
  • NETCONF Schema
    • Config Test (IOS and IOS-XE devices only)
  • Independent Schema
    • Family Test
    • Unknown Test
    • Variable Test

Juniper

We wrote the book on JunOS. Well, actually we wrote the OVAL schema for Juniper JunOS.

The Joval team unveiled two network device schemas to the OVAL community at the July 2012 SCAP Developer Days conference: NETCONF and Juniper JunOS. The tests we introduced in the experimental JunOS schema include familiar analogs to the existing OVAL schemas for Cisco devices, extended to leverage the unique manageability features offered by Juniper’s XML support. Joval is the only OVAL scanner currently offering support for the popular Juniper network device platform.

Next Steps

  1. Review Joval’s support for JunOS, below.
  2. Download a free copy of Joval and see for yourself how easy it is to use to scan JunOS network devices.
  3. Check out the JunOS hardening STIG content developed by C3I Security to get started with standards-based JunOS scanning.

OVAL Schema Support

The Joval Remote plugin supports the following tests on Juniper JunOS:

  • Juniper JunOS Schema
    • Show Test
    • Version Test
    • XML Config Test
    • XML Show Test
  • NETCONF Schema
    • Config Test
  • Independent Schema
    • Family Test
    • Unknown Test
    • Variable Test

Mobile

OVAL for your iPhone? But, of course!

Mobility is more than just a hot new trend. It is the key to unlocking new productivity gains in the information economy, one that both governments and corporations of all sizes hope will drive future growth, while simultaneously lowering costs.

Apple’s iOS has become a dominant force, driving explosive growth in the proliferation of smart mobile devices. But its success has come at the cost of managed platforms like RIM, that provided the means to secure access to corporate data.

While standards efforts typically lag behind the state-of-the-art, OVAL already provides relevant utility in addressing the security configuration of iOS-powered devices. The NSA has recognized this fact, and recently published its security recommendations for the iOS 5 platform, in the old XCCDF 1.1 format.

Next Steps

The current version of Joval has the capability to run the NSA’s content, using its offline plugin. Simply follow these instructions to see it in action!

  1. Download a free copy of Joval.
  2. Download the NSA’s SCAP 1.1 Content Bundle.
  3. Extract your organization’s mobile device configuration plist from your MDM solution (or download our sample plist).
  4. Write a configuration file to point Joval’s “offline” plugin to the plist file.
  5. Run XPERT (Joval’s built-in XCCDF interpreter), selecting either the Enterprise-Owned or Bring-Your-Own-Device benchmark profile.