Details

Anti-virus signature files are updated almost daily by anti-virus software vendors. These files are made available to anti-virus clients as they are published. Keeping virus signature files as current as possible is vital to the security of any system. The anti-virus software product must be configured to receive those updates automatically in order to afford the expected protection.

While obtaining updates, patches, service packs and updates from the vendor are timelier, the possibility of corruption or malware being introduced to the system is higher. By obtaining these from an official DoD source and/or downloading them to a separate system first and validating them before making them available to systems, the possibility of malware being introduced is mitigated.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure the ePO server to use the DoD-controlled source repository.

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VSEL_1-9_2-0_Y20M04_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-5(3)
• CAT|II
• CCI|CCI-001749
• Rule-ID|SV-77555r1_rule
• STIG-ID|DTAVSEL-201
• Vuln-ID|V-63065

Source

• Tenable.com/audits