Guide to the Secure Configuration of Oracle Linux 8
Endpoint Protection Software
An XCCDF Group - A logical subset of the XCCDF Benchmark
10 Rules
Endpoint protection security software that is not provided or supported by Oracle Corporation can be installed to provide complementary or duplicative security capabilities to those provided by the base platform. Add-on software may not be appropriate for some specialized systems.
Configure Backups of User Data
Medium Severity
The operating system must conduct backups of user data contained in the operating system. The operating system provides utilities for automating backups of user data. Commercial and open-source products are also available.
Install Virus Scanning Software
High Severity
Virus scanning software can be used to protect a system from penetration from computer viruses and to limit their spread through intermediate systems. The virus scanning software should be configured to perform scans dynamically on accessed files. If this capability is not available, the system must be configured to scan, at a minimum, all altered files on the system on a daily basis. If the system processes inbound SMTP mail, the virus scanner must be configured to scan all received mail.
Install Intrusion Detection Software
High Severity
The base Oracle Linux 8 platform already includes a sophisticated auditing system that can detect intruder activity, as well as SELinux, which provides host-based intrusion prevention capabilities by confining privileged programs and user sessions which may become compromised.
McAfee Endpoint Security Software
7 Rules
In DoD environments, McAfee Host-based Security System (HBSS) and VirusScan Enterprise for Linux (VSEL) are required to be installed on all systems.
The age of McAfee definition file before requiring updating
Specify the amount of time (in seconds) before McAfee definition files need to be updated.
Install McAfee Virus Scanning Software
High Severity
Install McAfee VirusScan Enterprise for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem.
Install the McAfee Runtime Libraries and Linux Agent
Medium Severity
Install the McAfee Runtime Libraries (MFErt) and Linux Agent (MFEcma).
McAfee Endpoint Security for Linux (ENSL)
2 Rules
McAfee Endpoint Security for Linux (ENSL) is a suite of software applications used to monitor, detect, and defend computer networks and systems.
Install McAfee Endpoint Security for Linux (ENSL)
Medium Severity
Install McAfee Endpoint Security for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem. The McAfeeTP package can be installed with the following command:
$ sudo yum install McAfeeTP
Ensure McAfee Endpoint Security for Linux (ENSL) is running
Medium Severity
Install McAfee Endpoint Security for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem.
McAfee Host-Based Intrusion Detection Software (HBSS)
3 Rules
McAfee Host-based Security System (HBSS) is a suite of software applications used to monitor, detect, and defend computer networks and systems.
Install the Host Intrusion Prevention System (HIPS) Module
Medium Severity
Install the McAfee Host Intrusion Prevention System (HIPS) Module if it is absolutely necessary. If SELinux is enabled, do not install or enable this module.
Install the Asset Configuration Compliance Module (ACCM)
Medium Severity
Install the Asset Configuration Compliance Module (ACCM).
Install the Policy Auditor (PA) Module
Medium Severity
Install the Policy Auditor (PA) Module.