Title

The McAfee VirusScan log content email parameter is not configured as required. (Cat II impact)

Discussion

This setting controls the entries that are stored in the virus scanning log.

Check Content

From the ePO server console, select Systems tab, select the asset to be checked, select the Policies tab, select from the product pull down list VirusScan Enterprise 8.7.0. Locate in the Category column the On Delivery Email Policies. Select from the Policy column the policy associated with the On Delivery Email Policies. Under the Reports tab, locate the "What to log in addition to scanning activity" label. Ensure the "Session summary", and "Failure to scan encrypted files", options are selected. Criteria: If the "Session summary", and "Failure to scan encrypted files", options are selected, this is not a finding.

Fix Text

From the ePO server console, select Systems tab, select the asset to be checked, select the Policies tab, select from the product pull down list VirusScan Enterprise 8.7.0. Locate in the Category column the On Delivery Email Policies. Select from the Policy column the policy associated with the On Delivery Email Policies. Under the Reports tab, locate the "What to log in addition to scanning activity:" label. Select the "Session summary", and "Failure to scan encrypted files", options. Select Save.

Additional Identifiers

Rule ID:

Vulnerability ID: V-6598

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.