Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Red Hat Virtualization 4
System Settings
Installing and Maintaining Software
System and Software Integrity
Endpoint Protection Software
Endpoint Protection Software
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
Endpoint Protection Software
5 Rules
Endpoint protection security software that is not provided or supported by Red Hat can be installed to provide complementary or duplicative security capabilities to those provided by the base platform. Add-on software may not be appropriate for some specialized systems.
Configure Backups of User Data
Medium Severity
The operating system must conduct backups of user data contained in the operating system. The operating system provides utilities for automating backups of user data. Commercial and open-source products are also available.
Install Virus Scanning Software
High Severity
Virus scanning software can be used to protect a system from penetration from computer viruses and to limit their spread through intermediate systems. The virus scanning software should be configured to perform scans dynamically on accessed files. If this capability is not available, the system must be configured to scan, at a minimum, all altered files on the system on a daily basis. If the system processes inbound SMTP mail, the virus scanner must be configured to scan all received mail.
Install Intrusion Detection Software
High Severity
The base Red Hat Virtualization 4 platform already includes a sophisticated auditing system that can detect intruder activity, as well as SELinux, which provides host-based intrusion prevention capabilities by confining privileged programs and user sessions which may become compromised.
McAfee Endpoint Security Software
2 Rules
In DoD environments, McAfee Host-based Security System (HBSS) and VirusScan Enterprise for Linux (VSEL) is required to be installed on all systems.
The age of McAfee defintion file before requiring updating
Specify the amount of time (in seconds) before McAfee definition files need to be updated.
Install McAfee Virus Scanning Software
High Severity
Install McAfee VirusScan Enterprise for Linux antivirus software which is provided for DoD systems and uses signatures to search for the presence of viruses on the filesystem.
McAfee Endpoint Security for Linux (ENSL)
McAfee Endpoint Security for Linux (ENSL) is a suite of software applications used to monitor, detect, and defend computer networks and systems.
McAfee Host-Based Intrusion Detection Software (HBSS)
1 Rule
McAfee Host-based Security System (HBSS) is a suite of software applications used to monitor, detect, and defend computer networks and systems.
Install the Host Intrusion Prevention System (HIPS) Module
Medium Severity
Install the McAfee Host Intrusion Prevention System (HIPS) Module if it is absolutely necessary. If SELinux is enabled, do not install or enable this module.