
SMTP email notification must be enabled to ensure administrators are notified of out of date DAT, detected malware and error codes.


Overview

Finding ID: V-63069
Version: DTAVSEL-205
Rule ID: SV-77559r1_rule
IA Controls:
Severity: Medium
Description
Failure of anti-virus signature updates will eventually render the software useless in protecting the Linux system from malware. Administrator notification of failed updates, via SMTP, will ensure timely remediation of the errors that prevent DATs from being updated.
STIG: McAfee VSEL 1.9/2.0 Managed Client Security Technical Implementation Guide
Date: 2015-11-30

Details

Check Text (C-63821r1_chk)
Log onto the ePO server console.

From Menu, select Automation >> Automatic Responses.

With the assistance of the System Administrator, determine the Automatic Responses configured for this requirement.

Click on Edit to review each of the designated Automatic Responses.

Automatic Responses must be configured for the following Event Descriptions, at a minimum, with a response of "Send Email" to System Administrator(s).

The DAT version was not new enough.
Boot record infection clean error.
Buffer overflow detected and NOT blocked.
Centralized Alerting-Scan reported an internal application error.
Centralized Alerting-Scan reports general system error.
Centralized Alerting-Scan reports memory allocation error.
File infected. Delete failed, quarantine failed.

If Automatic Response is not configured to detect the minimum Event Descriptions and/or is not configured to send an email notification to the System Administrator(s), this is a finding.
Fix Text (F-68987r1_fix)
Configure Automatic Response to capture all required event descriptions and to send email notifications to the System Administrator(s).