Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Oracle Linux 9
System Settings
Installing and Maintaining Software
System and Software Integrity
Endpoint Protection Software
Endpoint Protection Software
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
Endpoint Protection Software
5 Rules
Endpoint protection security software that is not provided or supported by Oracle Corporation can be installed to provide complementary or duplicative security capabilities to those provided by the base platform. Add-on software may not be appropriate for some specialized systems.
Configure Backups of User Data
Medium Severity
The operating system must conduct backups of user data contained in the operating system. The operating system provides utilities for automating backups of user data. Commercial and open-source products are also available.
Install Intrusion Detection Software
High Severity
The base Oracle Linux 9 platform already includes a sophisticated auditing system that can detect intruder activity, as well as SELinux, which provides host-based intrusion prevention capabilities by confining privileged programs and user sessions which may become compromised.
McAfee Endpoint Security Software
3 Rules
In DoD environments, McAfee Host-based Security System (HBSS) and VirusScan Enterprise for Linux (VSEL) is required to be installed on all systems.
The age of McAfee defintion file before requiring updating
Specify the amount of time (in seconds) before McAfee definition files need to be updated.
McAfee Endpoint Security for Linux (ENSL)
2 Rules
McAfee Endpoint Security for Linux (ENSL) is a suite of software applications used to monitor, detect, and defend computer networks and systems.
Install McAfee Endpoint Security for Linux (ENSL)
Medium Severity
Install McAfee Endpoint Security for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem. The
McAfeeTP
package can be installed with the following command:
$ sudo yum install McAfeeTP
Ensure McAfee Endpoint Security for Linux (ENSL) is running
Medium Severity
Install McAfee Endpoint Security for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem.
McAfee Host-Based Intrusion Detection Software (HBSS)
1 Rule
McAfee Host-based Security System (HBSS) is a suite of software applications used to monitor, detect, and defend computer networks and systems.
Install the Host Intrusion Prevention System (HIPS) Module
Medium Severity
Install the McAfee Host Intrusion Prevention System (HIPS) Module if it is absolutely necessary. If SELinux is enabled, do not install or enable this module.