STIGQter STIGQter: STIG Summary: Exchange 2010 Mailbox Server STIG Version: 1 Release: 10 Benchmark Date: 28 Jul 2017:

Email servers must have Email aware virus protection.

DISA Rule

SV-44048r1_rule

Vulnerability Number

V-33628

Group Title

Exch-3-811

Rule Version

Exch-3-811

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Install or upgrade scanning products to VSAPI version 2.6 or higher.

Configure mail stores to be scanned with products at VSAPI version 2.6 or higher.

Check Contents

Obtain the email Domain Security Plan (EDSP) and locate the anti-virus strategy information.
Validate that the message stores AV scanner product is Exchange 2010 compatible or VSAPI 2.6 compliant.

If email servers are using email-aware AV product that is Exchange 2010 compliant or has VSAPI version 2.6 or higher, this is not a finding.

Vulnerability Number

V-33628

Documentable

False

Rule Version

Exch-3-811

Severity Override Guidance

Obtain the email Domain Security Plan (EDSP) and locate the anti-virus strategy information.
Validate that the message stores AV scanner product is Exchange 2010 compatible or VSAPI 2.6 compliant.

If email servers are using email-aware AV product that is Exchange 2010 compliant or has VSAPI version 2.6 or higher, this is not a finding.

Check Content Reference

M

Target Key

1995

Comments