Title

Vendor supported, DOD approved, anti-virus software is not installed and configured on all SAN servers in accordance with the applicable operating system STIG on SAN servers and management devices and kept up-to-date with the most recent virus definition tables. (Cat I impact)

Discussion

The SAN servers and other hosts are subject to virus and worm attacks as are any systems running an OS. If the anti-virus software is not installed or the virus definitions are not maintained on these systems, this could expose the entire enclave network to exploits of known vulnerabilities. The IAO/NSO will ensure that vendor supported, DOD approved, anti-virus software is installed and configured on all SAN servers in accordance with the applicable operating system STIG on SAN servers and management devices and kept up-to-date with the most recent virus definition tables.

Check Content

The reviewer will verify that vendor supported, DOD approved, anti-virus software is installed and configured on all SAN servers in accordance with the applicable operating system STIG on SAN servers and management devices and kept up-to-date with the most recent virus definition tables. If an OS review has reciently been completed verify that the anti-virus check was not a finding. Otherwise perform a manual check as described in the applicable OS checklist.

Fix Text

Install and correctly configure a DOD approved anti-virus.

Additional Identifiers

Rule ID: SV-6743r1_rule

Vulnerability ID: V-6623

Group Title: Anti-virus on servers and host.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.