CIS IBM AIX 5.3 - AIX 6.1 Benchmark 1.1.0 Checklist Details (Checklist Revisions)

Supporting Resources:


Target CPE Name
IBM AIX 5.3 cpe:/o:ibm:aix:5.3 (View CVEs)
IBM AIX 6.1 cpe:/o:ibm:aix:6.1 (View CVEs)

Checklist Highlights

Checklist Name:
CIS IBM AIX 5.3 - AIX 6.1 Benchmark
Checklist ID:
Review Status:
Third Party: Center for Internet Security (CIS)
Original Publication Date:

Checklist Summary:

This document, Security Configuration Benchmark for AIX 5.3 and AIX 6.1, provides prescriptive guidance for establishing a secure configuration posture for AIX versions 5.3 and 6.1 running on the Power Systems platform. This guide was tested against AIX 5.3 TL-05 / TL-07 and AIX 6.1 TL-01, installed from IBM base installation media. To obtain the latest version of this guide, please visit If you have questions, comments, or have identified ways to improve this guide, please write us at

Checklist Role:

  • Server Operating System

Known Issues:

Not provided

Target Audience:

IBM AIX IT Professionals

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Tested on AIX 5.3 TL-05 / TL-07 and AIX 6.1 TL-01

Regulatory Compliance:

Not provided


Not provided


By using the Products and/or the Recommendations, I and/or my organization ("we") agree and acknowledge that: No network, system, device, hardware, software or component can be made fully secure; We are using the Products and the Recommendations solely at our own risk; We are not compensating CIS to assume any liabilities associated with our use of the Products or the Recommendations, even risks that result from CIS's negligence or failure to perform; We have the sole responsibility to evaluate the risks and benefits of the Products and Recommendations to us and to adapt the Products and the Recommendations to our particular circumstances and requirements; Neither CIS, nor any CIS Party (defined below) has any responsibility to make any corrections, updates, upgrades or bug fixes or to notify us if it chooses at it sole option to do so; and Neither CIS nor any CIS Party has or will have any liability to us whatsoever (whether based in contract, tort, strict liability or otherwise) for any direct, indirect, incidental, consequential, or special damages (including without limitation loss of profits, loss of sales, loss of or damage to reputation, loss of customers, loss of software, data, information or emails, loss of privacy, loss of use of any computer or other equipment, business interruption, wasted management or other staff resources or claims of any kind against us from third parties) arising out of or in any way connected with our use of or our inability to use any of the Products or Recommendations (even if CIS has been advised of the possibility of such damages), including without limitation any liability associated with infringement of intellectual property, defects, bugs, errors, omissions, viruses, worms, backdoors, Trojan horses or other harmful items.

Product Support:

No support agreement with product vendor

Point of Contact:


Not provided



Change History:

Updated to correct resource - Note - information request from CIS is required - 4/12/18
updated reference link per CIS instruction - 8/7/18
Updated URL - 7/26/19
Updated Reference URLs - 7/31/19
updated URLs - 9/24/19
updated reference URL - 9/27/19
Updated reference URL - 10/10/19
Updated references per IBM - 3/16/21


URL Description IBM Systems Information Centers AIX 5L Auditing and Accounting (Redbook) SG24-6396-00 AIX 6 Advanced Security Features (Redbook) SG24-7430-00 AIX 5.3 Differences Guide (Redbook) SG24-7463-00 AIX 6.1 Differences Guide (Redbook) SG24-7559-00 IBM AIX Operating System Service Strategy Details and Best Practices Dec 2008 (As of Dec 28th 2008)


Reference URL Description

NIST checklist record last modified on 03/16/2021