.gif)
Bandolier Security Audit Files help asset owners and vendors identify and audit optimal security configuration for control system servers and workstations. In this Department of Energy funded project, Digital Bond partners with leading control system application vendors to establish practical security configuration guidance for SCADA, DCS, and other industrial control system components. Digital Bond then creates and distributes specialized security audit files that can be used with the Nessus vulnerability scanner. Bandolier, in conjunction with Nessus, is the most widely used security tool in industrial control systems.
The Bandolier Baselines represent the OS vendor / industry advice for the best practice security configuration that is then slightly modified for settings that will cause problems for control systems. Below are the available Bandolier Baselines.
| Vendor | OS Name |
| Microsoft | Windows 7 |
| Microsoft | Windows Server 2008 R2 |
Below is the list of Bandolier Security Audit Files and their current status.
| Vendor | Application Name | Version | Operating System | Status |
| ABB | 800xA PPA Connectivity Server | 5.x | Windows Server 2003 | 1.0 |
| ABB | 800xA PPA Aspect Server | 5.x | Windows Server 2003 | 1.0 |
| ABB | 800xA PPA Historian | 5.x | Windows Server 2003 | 1.0 |
| ABB | 800xA PPA Domain Controller | 5.x | Windows Server 2003 | Development |
| ABB | 800xA PPA Eng/Operator Workplace | 5.x | Windows XP | 1.0 |
| Alstom Grid | e-terraplatform (Production Server) | 2.5 | Windows Server 2003 | 1.1 |
| Alstom Grid | e-terraplatform (Production Server) | 2.5 | Red Hat Linux 5.3 | 1.1 |
| Alstom Grid | e-terraplatform (Production Server) | 2.6 | Windows Server 2008 R2 | 1.0 |
| Alstom Grid | e-terraplatform (Production Server) | 2.6 | Red Hat Linux 5.5 | 1.0 |
| Alstom Grid | e-terrabrowser (Web Display Server) | 3.5 | Windows Server 2003 (IIS v6) | 1.1 |
| Alstom Grid | e-terrabrowser (Web Display Server) | 3.5 | Red Hat Linux 5.3 (Apache v2.0) | 1.1 |
| Alstom Grid | e-terrabrowser (Web Display Server) | 3.6 | Windows Server 2008 R2 | 1.0 |
| Alstom Grid | e-terrabrowser (Web Display Server) | 3.6 | Red Hat Linux 5.5 (Apache v2.2) | 1.0 |
| Alstom Grid | e-terrabrowser (Client) | 3.5 | Windows XP | 1.1 |
| Alstom Grid | e-terrabrowser (Client) | 3.6 | Windows 7 | 1.0 |
| Alstom Grid | e-terracontrol (Data Acquisition) | 3.6 | Windows Server 2008 R2 | 1.0 |
| CSI Control Systems International | UCOS PHA – Historian | 5.2 | Windows 2008 Server R2 | 1.0 |
| CSI Control Systems International | UCOS FCU App Server | 1.0 | CENTOS | 1.0 |
| CSI Control Systems International | UCOS Operator Work Station | 5.2 | Windows 7 | 1.0 |
| CSI Control Systems International | UCOS PHA – Historian | 5.2 | Windows 2008 Server R2 | 1.0 |
| Emerson | Ovation Engineering Workstation | 3.1 | Windows XP | 1.0 |
| Emerson | Ovation Operator Workstation | 3.1 | Windows XP | 1.0 |
| Emerson | Ovation Process Historian | 3.1 | Windows Server 2003 | 1.0 |
| Emerson | Ovation SCADA Communication Server | 3.1 | Windows Server 2003 | 1.0 |
| Matrikon | Security Gateway Tunneller | Windows Server 2003 | 1.1 | |
| OSIsoft | PI Enterprise Server | 3.3.x-3.4.x | Windows Server 2003 | 1.3.7 |
| OSIsoft | PI Enterprise Server | 3.4.x | Windows Server 2008 R2 | 1.5 |
| Siemens | Spectrum Power TG SCADA Host | 8.2 | Red Hat Linux | 1.1 |
| Siemens | Spectrum Power TG SCADA Workstation | 8.2 | Windows XP | 1.1 |
| Siemens | Spectrum Power TG Web Console | 8.2 | Windows Server 2003 | 1.1 |
| SISCO | AX-S4 ICCP Server | 4.0059.2 | Windows Server 2003 | 1.1 |
| SNC-Lavalin ECS | GENe SCADA | GENe | Red Hat Linux | 1.1 |
| Telvent | OASyS DNA Realtime Server | 7.5 | Windows Server 2003 | 1.1 |
| Telvent | OASyS DNA Historian | 7.5 | Windows Server 2003 | 1.1 |
| Telvent | OASyS DNA XOS | 7.5 | Windows XP | 1.1 |
| Telvent | OASyS Engineering Station | 7.5 | Windows Server 2003 | 1.1 |
