The Configuration Manager Sustained Engineering team is pleased to announce the release of the SCAP Extensions version 3.0 for System Center Configuration Manager. You can download it from the Microsoft Download Center:
. This new release of the SCAP Extensions was
on August 28
2015 by the National Institute of Standards and Technology (NIST), for version 1.2 of the Security Content Automation Protocol (SCAP) specification with Authenticated Configuration Scanner capability with Common Vulnerabilities and Exposures (CVE) option.
What’s new in this release
SCAP Extensions version 3.0 for System Center Configuration Manager:
Fully supports converting SCAP Content to Compliance Settings baselines for:
System Center 2012 Configuration Manager SP1
System Center 2012 Configuration Manager SP2
System Center 2012 R2 Configuration Manager
System Center 2012 R2 Configuration Manager SP1.
Supports SCAP version 1.2 and is backward compatible with SCAP versions 1.1 and 1.0.
Supports Extensible Configuration Checklist Description Format (XCCDF) version 1.2.
Supports Open Vulnerability and Assessment Language (OVAL) versions up to 5.10.
Supports generating Asset Reporting Format (ARF) 1.1 reports.
Supports Common Platform Enumeration (CPE) 2.3
Supports Common Vulnerabilities and Exposures (CVE)
Supports Common Configuration Enumeration (CCE) version 5
Supports USGCB Internet Explorer 8, USGCB Windows 7 and USGCB Windows 7 Firewall.
Allows selection of SCAP Source Data Streams, and XCCDF benchmarks and profiles for conversion.
Allows selection of a standalone OVAL file or an OVAL file paired with an OVAL external variable file.
Supports generating the Cyberscope Lightweight Asset Summary Results (LASR) report.
Supports generating SCAP reports based on collections in addition to reports based on a single machine.
Allows conversion to multiple Configuration Baselines from a single source to achieve better load-and-balancing on the client during evaluation.
Uses Windows PowerShell scripts instead of VBScripts in the Configuration Items for all OVAL test types.
No longer needs to deploy an inventory tool to client machines, such as SCMDCM.exe used in the prior release.