Organization-specific Trellix Applications Control Options policies must be created and applied to all endpoints.

An XCCDF Rule

Description

To ensure Solidcore clients are only configured to STIG and organization-specific settings, organization-specific ePO policies must be applied to all organization workstation endpoints rather than resorting to the Trellix Applications Control (Default) policy.

ID: SV-213335r961479_rule
Version: MCAC-TE-000109
Severity: Medium
References: CCI-001774
Updated: 18 days ago

Remediation Templates

From the ePO server console System Tree, select the "Systems" tab.

Select "This Group and All Subgroups".
Select the asset.
Select "Actions".
Select "Agent".Select "Modify Policies on a Single System".

From the product pull-down list, select Solidcore 8.x: Application Control.

From the "Actions" column, select "Edit Assignment" for the "Application Control Options (Windows) Category".

Next to "Assigned policy:", click on drop-down selection box and choose an organization-specific Application Control Options policy for the asset being reviewed.

Click "Save".

If no organization-specific Application Control Options policy exist, click on "New Policy".

Choose "Trellix Default" for "Create a policy based on this existing policy".

Type a unique Policy Name.

Click "OK".

Configure the "Self-Approval", "End User Notifications", "Features", "Inventory", and "Reputation" tabs according to the organization's written policy and remaining STIG settings.

Organization-specific Trellix Applications Control Options policies must be created and applied to all endpoints.

Description

Remediation Templates

A Manual Procedure