This is not the current revision of this Checklist, view the current revision.
| Target | CPE Name |
|---|---|
| Mcafee Virusscan Enterprise 8.8.0 | cpe:/a:mcafee:virusscan_enterprise:8.8.0 |
This McAfee Antivirus Technology Overview, along with the associated McAfee Antivirus STIG, provides the technical security policies, requirements, and implementation details for applying security concepts to Commercial-Off-The-Shelf (COTS) applications.

Malware, also known as malicious code and malicious software, refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system or otherwise annoying or disrupting the victim. Malware has become the most significant external threat to most systems, causing widespread damage and disruption, and necessitating extensive recovery efforts within most organizations. Spyware, malware intended to violate a user's privacy, has become a major concern to organizations. Although privacy-violating malware has been in use for many years, it has become much more widespread recently, with spyware invading many systems to monitor personal activities and conduct financial fraud.

Organizations also face a few forms of non-malware threats that are often associated with malware. One of these forms that has become commonplace is phishing, which is using deceptive computer-based means to trick individuals into disclosing sensitive information. Another common form is virus hoaxes, which are false warnings of new malware threats.

These requirements address several major forms of malware, including viruses, worms, Trojan horses, malicious mobile code, blended attacks, spyware tracking cookies, and attacker tools, such as backdoors and rootkits.

Even though this document addresses the security of COTS applications rather than an operating system, it is not possible to completely separate the security issues. Security is an attribute of the whole as well as of each of the parts. In accordance with this philosophy, the same policies and guidance that apply clearly to operating systems are also applicable to applications.

2. GENERAL ANTIVIRUS GUIDANCE

2.1 AntiVirus Information

Next to properly configured operating system security controls, effective antivirus software is the most critical tool in securing desktop application systems. The value of updated software with current virus definition files cannot be overstated. Malicious programs that result in a denial of service (DoS) or corruption of data can be thwarted with antivirus programs that look for signatures of known viruses and take preventative action.

The use of products by DoD organizations, other than those available on the DoD Patches Repository website, is discouraged. DoD has special licensing agreements with both McAfee and Symantec.

It must be noted that the guidelines in this section have been written to apply to clients whether on a server or workstation. Using these guidelines for mail servers does not provide appropriate or adequate protection for servers running complex applications (such as Microsoft Exchange or Lotus Notes). Additional antivirus measures need to be taken on mail servers.

The following sub-sections provide general guidance that applies to all antivirus software. It is recommended that signature files be updated daily.

2.2 General Guidance for Antivirus Software

This section details general guidance for the configurations of antivirus products. Scans at boot time (or daily) are recommended when this would not cause a significant impact to operations. The following file types are particularly vulnerable as the host for a virus. These file types must be included in the antivirus scan:

- Executable, service and driver files (i.e., files suffixed with .bat, .bin, .com, .dll, .exe, .sys, etc.)
- Application data files that could contain a form of mobile code (i.e., files suffixed with .doc, .dot, .rtf, .xls, .xlt, .hta, scrap objects, .wsh, etc.)

In the event that a virus is found, the user must be notified. This allows the user to take any additional action to reduce damage and halt propagation of the virus. The user should also exercise the appropriate computer security incident reporting requirements as defined by the site.
This document is a requirement for all DoD administered systems and all systems connected to DoD networks. These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.
DoD Directive (DoDD) 8500.1 and DoDI 8500.2
Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.
- Version 5, Release 7 Overview - 03 August 2015
- Version 5, Release 7 Managed Client - 03 August 2015
- Version 5, Release 6 Local Client - 03 August 2015
- Changed status from "Under Review" to "Final" - 03 June 2015
- Version 5, Release 3 - 25 July 2014
- Version 5, Release 2 - 25 April 2014
- Version 5, Release 1 - 9 January 2014
- Version 5, Release 4 - 30 October 2014
- Updated status to "Final" - 07 January 2015
- Added Local STIG Version 5, Release 4 - 08 February 2015
- Added Managed Client STIG Version 5, Release 5 - 08 February 2015
- Version 5, Release 7 Overview - 03 August 2015
- Version 5, Release 6 Local Client - 03 August 2015
- Version 5, Release 7 Managed Client - 03 August 2015
- Changed status from "under review" to "final" - 10 September 2015
- Version 5, Release 7 Local Client - 28 October 2015
- Version 5, Release 8 - 28 October 2015
- Changed status from "Under Review" to "Final" - 04 December 2015
- 5/2/2016 - Version 5, Release 9 moved to FINAL - 6/7/2016
- updated 8.8 managed client resource to v5, r11 - 07/22/2016
- Updated to FINAL - 09/12/2016
- updated STIG to v5, r10 - 10/28/2016
- updated - 12-02-2016
- updated to FINAL - 1/3/2017
- Updated to Version 5, Release 12 - 01/27/2017
- Updated to FINAL - 03/08/2017
- Updated to v5, r13 - 04/24/2017
- Updated to FINAL - 05/22/2017
- Updated URL to reflect change to the DISA website - http --> https
- updated to v5,r14 - 02/16/2018
- Updated to FINAL - 3/18/2018
- updated to v5,r15 - 4/25/18
- Corrected Title - 5/9/18
- update to FINAL - 6/8/18
- updated to v5,r16 - 7/24/18
- Updated to FINAL - 8/24/18
- updated to v5, r20 - 4/30/2019
- Updated URLs - 6/6/19
- Updated URLs - 6/25/19
- updated URLs - 11/1/19
- added SCC links per DISA guidance - 4/20/2021
| URL | Description |
|---|---|
| https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VirusScan88_V5R7_Overview.zip | McAfee Virus Scan 8.8 Overview - Ver 5, Rel 7 |

| Reference URL | Description |
|---|---|
| https://dl.dod.cyber.mil/wp-content/uploads/stigs/pdf/u_McAfee_VirusScan_Enterprise_Version88_Release_Memo.pdf | McAfee Antivirus 8.8 Release Memo |