The McAfee MOVE AV SVM Settings policy ODS scheduler must be set to no more than every seven days.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-78495 | MV45-SVM-200001 | SV-93201r1_rule | Medium |
| Description |
|---|
| Anti-virus software is the mostly commonly used technical control for malware threat mitigation. Anti-virus software on hosts should be configured to scan all hard drives and folders regularly to identify any file system infections and to scan any removable media, if applicable, before media is inserted into the system. Not scheduling a regular scan of the hard drives of a system and/or not configuring the scan to scan all files and running processes introduces a higher risk of threats going undetected. |
| STIG | Date |
|---|---|
| McAfee MOVE AV Agentless 4.5 Security Technical Implementation Guide | 2017-12-01 |
Details
| Check Text ( C-78057r1_chk ) |
|---|
| Access the McAfee ePO console. Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list. From the Category list, select "SVM Settings". Select each configured SVM Settings policy. Click "Show Advanced". Under "ODS Scheduler", verify the "Scan" option is selected. Review the schedule and verify a schedule of at least weekly is configured. If the ODS Scheduler "Scan" option is not selected or the schedule is not configured for at least weekly, this is a finding. |
| Fix Text (F-85229r1_fix) |
|---|
| Access the McAfee ePO console. Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list. From the Category list, select "SVM Settings". Select each configured SVM Settings policy. Click "Show Advanced". Under "ODS Scheduler", select the "Scan" option. In the schedule, configure scan dates to accomplish at least weekly scanning. Click "Save". |