Sold by: Center for Internet Security
Deployed on AWS
Free Trial
AWS Free Tier
This product has charges associated with the pre-built hardening to the CIS Benchmarks™ and recurring maintenance. The CIS Hardened Images® are hardened in accordance with the associated CIS Benchmarks, an industry best practice for secure configuration. Reduce cost, time, and risk by building your AWS solution with CIS AMIs.
5
Overview
Video
Video 1
Video
Video 2
Video
Video 3
The CIS Hardened Image Level 1 on Microsoft Windows Server 2016 is a pre-configured image built by the Center for Internet Security (CIS®) for use on Amazon Elastic Compute Cloud (Amazon EC2). It is a pre-configured, security-hardened image that aligns with the robust security recommendations, the CIS Benchmarks, making it easier for organizations to meet regulatory requirements. Not only is this image pre-hardened to the CIS Benchmarks guidance, but it is also patched monthly in alignment with the updates from the software vendor.
Key Benefits
This image is hardened against the corresponding Level 1 profile which is intended to be practical and prudent, provide a clear security benefit, and not inhibit the utility of the technology beyond acceptable means. No components are installed on or removed from this image outside of those already present on the base image or as recommended in alignment with the corresponding CIS Benchmark recommendations.
To demonstrate conformance to the CIS Microsoft Windows Server 2016 Level 1 Benchmark, industry-recognized hardening guidance, each image includes an HTML report from CIS Configuration Assessment Tool (CIS-CAT® Pro). Each CIS Hardened Image contains the following files:
These reports are located in C:\CIS Hardening Reports.
If this instance is used in a domain environment where policies are managed globally, the majority of the security settings will be changed and managed by domain policies.
For customized pricing options or private offers, reach out to us at cloudsecurity@cisecurity.org .
To learn more or access the corresponding CIS Benchmark, please visit https://www.cisecurity.org/cis-benchmarks or sign up for a free account on our community platform, CIS WorkBench, https://workbench.cisecurity.org/ .
Highlights
- Hardened according to a Level 1 CIS Benchmark that is developed in a consensus-based process and that is accepted by government, business, industry, and academia.
- Helps with compliance to PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.
- Pre-configured to align with industry best practices that are developed and supported by CIS, this image has hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Win2016 10.0.14393
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.
Dimension | Cost/hour |
|---|---|
t2.large Recommended | $0.022 |
t2.micro | $0.02 |
t3.micro | $0.022 |
r5dn.xlarge | $0.024 |
m7a.8xlarge | $0.05 |
c7a.xlarge | $0.024 |
g5.12xlarge | $0.055 |
t2.nano | $0.02 |
c6id.12xlarge | $0.055 |
g6.24xlarge | $0.06 |
Vendor refund policy
Refunds through AWS are not available at this time. You will only be billed for actual time of instance use. As with all CIS security products, our aim is always 100 percent customer/member satisfaction.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
NA
Additional details
Usage instructions
Once the instance is running, choose Get Windows Password in the EC2 console then connect using a Remote Desktop Connection (RDP) client. The RDP client MUST be able to authenticate using NTLMv2. See https://technet.microsoft.com/en-us/library/cc738867%28v=ws.10%29.aspx for more information. Immediately apply latest security updates after launching the instance.
Support
Vendor support
Questions, feedback, and support accessing CIS-developed AMIs is provided by contacting
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Center for Internet Security
By Canonical Group Limited
By Arara Solutions
Top
10
In Operating Systems, Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Security Hardening Framework
Image hardened according to CIS Benchmark Level 1 profile with consensus-based security configuration guidance accepted by government, business, industry, and academia.
Configuration Assessment and Reporting
Includes CIS-CAT Pro HTML reports documenting baseline configuration, post-hardening assessment, and exceptions to benchmark recommendations.
Regulatory Compliance Alignment
Supports compliance requirements for PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, and select NIST publications.
Security Policy Implementation
Pre-configured hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates.
Patch Management
Monthly patching aligned with software vendor updates to maintain security standards and system currency.
FIPS Certification
FIPS 140-2 certified kernel and cryptographic modules included out of the box with ongoing security updates
Extended Security Coverage
Security patches available for over 23,000 open source packages in the Ubuntu Universe repository with 10 years of support through Expanded Security Maintenance
Compliance Hardening Profiles
CIS and DISA-STIG hardening profiles accessible through Ubuntu Security Guide tooling for guided compliance configuration
Cryptographic Module Updates
FIPS-certified cryptographic components with continuous security updates maintained throughout the support lifecycle
Long-term Support
10-year security coverage period for the operating system and included packages
Operating System Hardening
Amazon Linux 2 configured with STIG Benchmark High standard for enhanced security posture
Security Standards Compliance
Implementation of Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) for system hardening
EMR Compatibility
Tested and compatible with Amazon Elastic MapReduce (EMR) for distributed computing workloads
Continuous Security Updates
Access to continuous security updates available through new versions of the image
Multi-Application Support
Suitable for deployment across various applications beyond EMR environments
Standard contract
No
No
Customer reviews
Rahul
How to perform inplace upgrade for CIS benchmark Windows server 2016 to Windows server 2022
Reviewed on Jan 28, 2025
Review from a verified AWS customer
How to perform in-place upgrade for CIS benchmark Windows server 2016 to Windows server 2022, can you please help us with this ask.