Title

(U) The McAfee ENS module enforcement status must be enabled. (Cat II impact)

Discussion

(U) When the McAfee ENS module is not enforcing policies, the resulting set of policies configured and deployed to endpoints will not be applied. The endpoint system will not be protected.

Check Content

(U) From the ePO server console, select “System Tree” From the System Tree select “My Organization” Select >>Assigned Policies. From the "Product:" drop-down list, select "Endpoint Security Common" and verify the Policy Enforcement Status is "All enforce". From the "Product:" drop-down list, select "Endpoint Security Threat Prevention" and verify the Product Enforcement Status is "All enforce". From the "Product:" drop-down list, select "Endpoint Security Firewall" and verify the Product Enforcement Status is "All enforce". If the Product Enforcement Status is not "All enforce" for "Endpoint Security Common", "Endpoint Security Threat Prevention", or "Endpoint Security Firewall", this is a finding.

Fix Text

(U) Access the ePO server console. Select "My Organization". Select System Tree >> Assigned Policies. From the "Product:" drop-down list, select the product(s) for which "Enforcement status:" is "Not enforcing". Click on "Not enforcing" to open the "Enforcement" screen. For "Enforcement Status:", click the "Enforcing" button. Click "Save".

Additional Identifiers

Rule ID: SV-228223r928971_rule

Vulnerability ID: V-228223

Group Title: SRG-APP-000516

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.