Automate Continuous Compliance for Windows Server 2012 and Windows Server 2019

February 12, 2020 - Mehul Revankar

SaltStack Enterprise 6.2 is now generally available and represents our continued commitment to providing innovative solutions for security and IT operations teams. This new SaltStack Enterprise release is even faster and more scalable than ever, and it now includes automate continuous compliance support for Windows Server. The 6.2 release highlights we’ll cover in this blog post include: 

  • New CIS certified content for Windows Server 2012 and Windows Server 2019.
  • Optimizations to make SaltStack Enterprise even faster and more scalable than ever.

Read the second 6.2 blog post if you would like to learn more about additional SaltStack Enterprise 6.2 highlights including SaltStack Protect integration with Tenable and SaltStack integration with Splunk.

Click for access to free hosted trial version of SaltStack Enterprise.

New CIS Certified Content for Windows Server

Probably the most common request we’ve had from customers was for more CIS-certified content for Windows Server. Now it is here. SaltStack Enterprise 6.2 now includes certified CIS content for Windows Server 2012 and Windows Server 2019. SaltStack Comply customers can use this new Windows Server content to drive continuous compliance for infrastructure security.

SaltStack Enterprise is now even faster and more scalable

In SaltStack Enterprise 6.2 we also optimized communications between the Salt Master and the SaltStack Enterprise operations framework. To drive significant performance improvements on the Salt Master we added an intermediate SQLite database layer to queue events from the Salt Master to SaltStack Enterprise. 

This approach has two unique performance benefits. First, it has unblocked the Salt Master from receiving additional events from the Salt Minion resulting in almost 20x more throughput in terms of events that can be processed.  Second, the events queued in the database persist across network communication failures and Salt Master restarts.

An additional feature of the updated Salt Returner is the ability to forward events to any Salt Returner of choice such as Redis, a SQL database, or even a local file.
Here’s an example of how the forwarder can be configured in the SaltStack Enterprise Operations Framework (raas.conf) on the Salt Master to write events to a file. These stored events can then be sent to a monitoring solution such as Splunk, Datadog, ElasticSearch or a similar service.

Try SaltStack Software

Join this webinar to see a demo of the SaltStack Enterprise 6.2 release in action. If you want to see for yourself, there are three ways to try SaltStack software depending on your familiarity: