FDCC |
|
NIST
Resources
|
|
Other
Resources |
|
|
|
|
|
Federal Desktop Core
Configuration
FDCC
- DOWNLOAD PAGE -
WARNING NOTICE
|
Do not attempt
to implement any of the settings without first testing them in
a non-operational environment.
These recommendations have only been tested on Windows XP Professional SP2,
Windows XP Professional SP3, and Windows Vista SP1 systems. These settings may be
applicable to other Windows systems and service packs; however, NIST has not tested
other Windows based systems with these settings. Please see the National Checklist
Program (NCP) website for configuration guides related to other Windows
Based systems and applications.
The draft download
packages contain recommended security settings; they are not meant
to replace well-structured policy or sound judgment. Furthermore,
these recommendations do not address site-specific configuration
issues. Care must be taken when implementing these settings to
address local operational and policy concerns.
These recommendations
were developed at the National Institute of Standards and Technology,
which collaborated with OMB, DHS, DISA, NSA, USAF, and Microsoft to
produce the Windows XP and Vista FDCC baseline. Pursuant to title
17 Section 105 of the United States Code, these recommendations
are not subject to copyright protection and are in the public
domain. NIST assumes no responsibility whatsoever for their use
by other parties, and makes no guarantees, expressed or implied,
about their quality, reliability, or any other characteristic.
We would appreciate acknowledgement if the recommendations are
used.
|
Download Packages
|
2009.08.06
FDCC OVAL 5.3 patch content updated.
2009.07.21
FDCC OVAL 5.3 patch content updated.
2009.06.30
FDCC OVAL 5.3 patch content updated.
2009.04.17
FDCC OVAL 5.3 patch content updated.
2009.04.08
FDCC Major Version 1.2.x.0 SCAP Content released.
The FDCC settings have not changed.
The update includes a number of corrections in the SCAP content.
A detailed listing of the changes is available. This release also includes updated FDCC
settings documentation, as well as the 2009 Q1 VHDs and GPOs.
2009.02.28
FDCC OVAL 5.3 patch content updated.
2008.12.03
FDCC OVAL 5.3 patch content updated.
2008.10.31
FDCC Major Version 1.1 SCAP Content released.
The FDCC settings have not changed. The update includes a number of corrections in the SCAP content, as well as full support for OVAL 5.3 and 5.4.
A detailed listing of the changes is available.
2008.10.30
2008 Q4 VHDs Released. No settings have changed in this release. The FDCC VHDs expire after 90 days and must be re-released.
2008.06.20
The updated Federal Desktop Core Configuration settings released on 20 June 2008 constitute Major Version 1.0 of FDCC. Relative to the previous version of FDCC, 40 settings have changed. Changes were derived from public comment during the April and May 2008 public comment periods, analysis of the 31 March 2008 Agency FDCC reports, and subject matter expertise.
FDCC Major Version 1.0 is based on Microsoft Windows XP Service Pack (SP) 2 and Microsoft Windows Vista SP 1. Although SCAP content has been engineered so that it will also operate on Windows XP SP3, near-term Windows XP patch checking will be oriented toward Windows XP SP2.
To coincide with the release of FDCC Major Version 1.0, new SCAP Content has also been made available. This SCAP Content is inclusive of the 40 FDCC settings changes. At this time, FDCC is comprised of 674 settings, 670 of which (99.4%) can be checked using the updated SCAP Content and an SCAP-Validated Tool. A listing of non-automated settings is available for your reference. NIST is coordinating future refinement of SCAP Content and expects to release minor versions of SCAP Content in the future as non-automated checks are automated.
New Microsoft-updated Group Policy Objects (GPO) and Virtual Hard Drive (VHD) files are also available. These files have been tested by NIST and made available through this Web page. These GPOs and VHDs are inclusive of the 40 FDCC settings changes. At this time, 625 out of 674 settings (92.7%) are embodied in GPOs and can therefore be centrally implemented via Microsoft Active Directory servers. A listing of settings that cannot be implemented via GPO is available for your reference.
Moving forward, we anticipate relatively few and infrequent changes to FDCC settings. The change control process is being actively discussed and documented as of 20 June 2008. The change control process will balance a number of factors, including but not limited to IT Provider feedback and existing SCAP Validation Program processes. The Office of Management and Budget will release more information about this process in the upcoming weeks.
2007.08.20
Please read the Download FAQs
to resolve issues with downloading, logging on, and activating
Windows Vista.
|
VHD Files
|
SHA-1 Digest
|
SHA-256 Digest
|
Note
|
Windows XP FDCC VHD Q1 2009 - Part 1 of 5 - Final [zip,
~610MB] |
319E2978E3BA0F8CC4
4CC14856E656CCBD3
564BA
|
38F0DD8B6BD89C2D2BF
E76ED417F7DD59A7930
2DD53B6BA03C20D5840
34FF48C
|
2009.04.08
2009 Q1 VHDs released
NOTE:
Download
the 5 files. Use WinZip to open the archive and extract
the .VHD file.
Please read the Download FAQs.
|
Windows
XP FDCC VHD Q1 2009 - Part 2 of 5 - Final [zip,
~696MB] |
E82CB2AE437AB0574
068C918207E52A466
094108
|
16660BCBBD9CA6E1CD
A049E48C389FE65736
D650520E6D591E0E83
DEB381DA5B
|
Windows
XP FDCC VHD Q1 2009 - Part 3 of 5 - Final [zip,
~696MB] |
0ABB6F8241730DC0
0506FDA2A97BA7602
19D6FAC
|
70EAEBA2E1555A82CB0
07D1B37D9482B808A2E
D175A16AD96BB714A486
B1532B
|
Windows
XP FDCC VHD Q1 2009 - Part 4 of 5 - Final [zip,
~696MB] |
A844FE8AFA459E980D
68C78E6F11988BE5FA
BFC5
|
488CEA450CCEBEF84C9
D896433B78E17F55062
019D44C2A3A0DF11DE4
F720847
|
Windows
XP FDCC VHD Q1 2009 - Part 5 of 5 - Final [zip,
~696MB] |
0A4CCE0664DB82FA4
4C7700537A32AB515
C884E7
|
43B75B4C57F47F92D
854E8AA5D0FCF4930
E60852E0DB871F834
F723ED8C97E4A
|
Windows
Vista FDCC VHD Q1 2009 - Part 1 of 6 - Final [zip,
~430MB] |
8ADA06ADF852A64F
BF80843CDC13E77B
9AA3B550
|
533D659006A6FAAF0
B4BC23552A8D8D60C
C09E9662A8C727927E
31D59F65A4A7
|
2009.04.08
2009 Q1 VHDs released - 5 files for this release
NOTE:
Download
the 6 files. Use WinZip to open the archive and extract the
.vhd file.
Please read the Download FAQs.
|
Windows
Vista FDCC VHD Q1 2009 - Part 2 of 6 - Final [zip,
~696MB] |
0A841D951FA68C44
8D9FB80627ADF86C
0BB1B231
|
58E0F93248740CBDF1
D72ED08B0A01EE85A1
292F70537BF9B8292C
F9F50BE648
|
Windows
Vista FDCC VHD Q1 2009 - Part 3 of 6 - Final [zip,
~696MB] |
19CF846E28C7694F81
555014B4CD553E8E45
90BB
|
474A6A19AA43983728
7DE5A983CD12D141928
F4ADBF2BA35C01F851
00DB43B93
|
Windows
Vista FDCC VHD Q1 2009 - Part 4 of 6 - Final [zip,
~696MB] |
46FE0CD2095825F97
A3CB7B6AF43214605
D85296
|
0C30B0EBA043D15C3
F640D66E04B53365DD
E4937FBC10111D7830
D270AA95691
|
Windows
Vista FDCC VHD Q1 2009 - Part 5 of 6 - Final [zip,
~696MB] |
2C7D3079EB9C2D11F9
8D96E90CEF21474E77
BA9F
|
D37B18EB18A71BBD705
875BECAF315CA37EDBF
BAEA815918EA4218F95
223ED13
|
Windows
Vista FDCC VHD Q1 2009 - Part 6 of 6 - Final [zip,
~696MB] |
3983707BBEE21688
D9904527608DAAF97
F9A65A9
|
B1A3BCF8F73FA87208
2CDC84CB12FAAA034A9
70F268926751B10D7D5
B4122B93
|
|
Updates History
|
Documentation
|
GPO Files
|
VHD Files
|
SCAP Content
|
|
|
|
2009.08.06
OVAL 5.3 patch content updated |
|
|
|
2009.07.21
OVAL 5.3 patch content updated |
|
|
|
2009.06.30
OVAL 5.3 patch content updated |
|
|
|
2009.04.17
OVAL 5.3 patch content updated |
2009.04.08
FDCC Settings major version 1.2.x.0
|
2009.04.08
2009 Q1 GPOs Released |
2009.04.08
2009 Q1 VHDs Released |
2009.04.08
Release 1.2 - Final |
|
|
|
2009.04.02
OVAL 5.3 patch content updated |
|
|
|
2009.02.28
OVAL 5.3 patch content updated |
|
|
|
2008.12.03
OVAL 5.3 patch content updated |
|
|
2008.10.30
2008 Q4 VHDs Released |
2008.10.31
Release 1.1 - Final |
2008.06.20
FDCC Settings major version 1.0
FDCC Settings Changes major version 1.0 |
2008.06.20
2008 Q3 GPOs Released |
2008.06.20
2008 Q3 VHDs Released |
2008.06.20
Release 1.0 - Final |
Please see the FDCC Archive for pre-final release content
|
Comments and Questions
|
Comments
and questions may be addressed to fdcc@nist.gov.
|
|