CEM for Linux
You can deploy the Compliance Enforcement Module (CEM) for Linux to help ensure that your servers and workstations on Linux operating systems comply with security recommendations. You can enforce the controls that are specified by the Center for Internet Security (CIS). Alternatively, you can apply the standards published in the US Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG).
CEM for Linux supports the following operating systems: Red Hat Enterprise Linux 7 and 8, CentOS Linux 7, AlmaLinux 8, and Oracle Linux 7 and 8.
To take advantage of new features, fixes, and improvements, install the latest version of CEM. You can learn about the latest release by reviewing the Release notes. Then, to install CEM, follow the instructions in Installing CEM. By default, CEM runs automatically on any classified nodes and does not require configuration. However, if you want to configure CEM to meet your organization's requirements, follow the instructions in Configuring CEM.