UCF STIG Viewer Logo

The McAfee MOVE AV On Demand Scan policy must be explicitly configured to stop an on-demand scan after an organization-specific period.


Overview

Finding ID Version Rule ID IA Controls Severity
V-78547 MV45-ODS-000003 SV-93253r1_rule Medium
Description
This setting configures the maximum time, in minutes, for on-demand scanning. The default setting is 150 minutes. Typically, file scans are very fast. However, file scans may take longer due to large file size, file type, or heavy load on the Security Virtual Machine (SVM). For cases where an on-demand scan will take longer, an organization should determine the maximum amount of time for its on-demand scanning and explicitly configure this setting.
STIG Date
McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide 2017-12-01

Details

Check Text ( C-78117r1_chk )
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Demand Scan".

Select each configured On Demand Scan policy.

Click "Show Advanced".

Under "On-demand Scan", verify "On-demand scan will stop after" is configured for "150" minutes or less.

If "On-demand scan will stop after" is not configured for "150" minutes or less, this is a finding.
Fix Text (F-85283r1_fix)
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "On Demand Scan".

Select each configured On Demand Scan policy.

Click "Show Advanced".

Under "On-demand Scan", configure "On-demand scan will stop after" for 150 minutes or less.

Click "Save".