The McAfee MOVE AntiVirus On Demand Scan policy must be configured to stop an on-demand scan after 150 minutes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-78481 | MV45-ODS-200003 | SV-93187r1_rule | Medium |
| Description |
|---|
| This setting configures the maximum time (in minutes) for on-demand scanning. The default setting is 150 minutes. Typically, file scans are very fast. However, file scans may take longer due to large file size, file type, or heavy load on the Security Virtual Machine (SVM). For cases where an on-demand scan will take longer, the organization should determine the maximum amount of time for its on-demand scanning and explicitly configure this setting. |
| STIG | Date |
|---|---|
| McAfee MOVE AV Agentless 4.5 Security Technical Implementation Guide | 2017-12-01 |
Details
| Check Text ( C-78043r1_chk ) |
|---|
| Access the McAfee ePO console. Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list. From the Category list, select "On Demand Scan". Select each configured On Demand Scan policy. Click "Show Advanced". Under "On-demand Scan", verify "On-demand scan will stop after" is configured for 150 minutes or less. If "On-demand scan will stop after" is not configured for 150 minutes or less, this is a finding. |
| Fix Text (F-85215r1_fix) |
|---|
| Access the McAfee ePO console. Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list. From the Category list, select "On Demand Scan". Select each configured On Demand Scan policy. Click "Show Advanced". Under "On-demand Scan", configure "On-demand scan will stop after" for 150 minutes or less. Click "Save". |