UCF STIG Viewer Logo

ECVP-1 Virus Protection


Overview

All Servers, workstations and mobile computing devices (i.e. laptop, PDAs) implement virus protection that includes a capability for automatic updates.

MAC / CONF Impact Subject Area
MACI
MACII
MACIII
High Enclave Computing Environment

Details

Threat
Servers, workstations and mobile computing devices are at risk of attack by computer viruses, unauthorized users, and related threats (Trojan horse, worms, overwriting viruses, malicious code, Denial of Service, etc).  Virus protection software is installed on servers, workstations, and mobile computing devices in an effort to reduce the risk of attack.  This implementation guide is aimed to help technical managers, system administrators, and individual users implement the tools to prevent, detect, identify and contain/remove viruses.

Guidance
1. All servers, workstations and mobile computing devices shall be installed with DoD approved virus protection software.  Selection of the individual DoD approved software should be determined by software accuracy, ease of use, administrative overhead, and system overhead, as well as enterprise or organizational policy on antivirus software acquisition.
2. All servers, workstations and mobile computing devices shall be configured to run automatic updates. The scheduling of automatic updates for specific frequency or time periods shall be set in accordance with DoD, organizational, or and other related requirements.
3. Regular automatic updates may be implemented through either a “push” method (administrators sending current definitions to the workforce from an enterprise server) or a “pull” through the commercial Internet from a vendor’s update server. Implementation method should be selected in accordance with system security requirements (e.g., systems behind a classified boundary will require a “push” implementation).

References

  • CJCSM 8510.101, Defense-in-Depth: Information Assurance (IA) and Computer Network Defense (CND), 25 March 2003
  • NSA Guide to Securing Windows 2000 – Policy Toolsets, Chapter 3, 05 March 2003
  • NSA Guide to Securing Windows XP, Chapters 2 and 4, 22 October 2004
  • DISA Unix STIG, Version 4, Release 4, 15 September 2003
  • DISA UNISYS STIG, 22 July 2003
  • NSA Windows 2000 Security Recommendations Guide 16 January 2004
  • NSA Windows NT Security Recommendations Guide 18 September 2001
  • DISA Database STIG, Version 7, Release 1, 29 October 2004