STIGQter STIGQter: STIG Summary: McAfee VSEL 1.9/2.0 Local Client Security Technical Implementation Guide

Version: 1

Release: 5 Benchmark Date: 25 Oct 2019

CheckedNameTitle
SV-77281r1_ruleThe McAfee VirusScan Enterprise for Linux Web interface must be disabled unless the system is on a segregated network.
SV-77561r1_ruleThe anti-virus signature file age must not exceed 7 days.
SV-77563r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates.
SV-77565r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to enable On-Access scanning.
SV-77567r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.
SV-77569r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses.
SV-77571r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown macro viruses.
SV-77573r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.
SV-77575r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk.
SV-77577r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being read from disk.
SV-77579r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan all file types.
SV-77581r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds.
SV-77583r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO.
SV-77585r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when a virus or Trojan is detected.
SV-77587r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when a virus or Trojan is detected.
SV-77589r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when programs and jokes are found.
SV-77591r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when programs and jokes are found.
SV-77593r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to deny access to the file if an error occurs during scanning.
SV-77595r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to allow access to files if scanning times out.
SV-77597r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.
SV-77599r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week.
SV-77601r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decompress archives when scanning.
SV-77603r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses.
SV-77605r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown macro viruses.
SV-77607r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find potentially unwanted programs.
SV-77609r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to scan all file types.
SV-77611r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected.
SV-77613r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected.
SV-77615r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO.
SV-77617r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when programs and jokes are found.
SV-77619r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found.
SV-77621r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decode MIME encoded files.
SV-77623r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to include all local drives and their sub-directories.
SV-77625r2_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.
SV-77627r1_ruleThe McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must scan all media used for system maintenance prior to use.
SV-77629r1_ruleThe McAfee VirusScan Enterprise must be configured to receive all patches, service packs and updates from a DoD-managed source.
SV-77631r1_ruleThe nails user and nailsgroup group must be restricted to the least privilege access required for the intended role.
SV-77633r2_ruleA notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes.
SV-77635r1_ruleAccess to the McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be enforced by firewall rules.