DTAVSEL-301 - Access to the McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be enforced by firewall rules.

Information

The McAfee VirusScan Enterprise for Linux WEB GUI is the method for configuring the McAfee VSEL on a non-managed Linux system. The WEB GUI on the system could be used maliciously to gain unauthorized access to the system. By restricting access to interface by implementing firewall rules, the risk of unauthorized access will be mitigated.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure a host-based firewall or network-based firewall with rules to restrict access to the McAfee VSEL Web UI, limiting access to specific IP addresses of System Administrators only.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_McAfee_VSEL_1-9_2-0_Y20M04_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(1), CAT|II, CCI|CCI-001813, Rule-ID|SV-77635r1_rule, STIG-ID|DTAVSEL-301, Vuln-ID|V-63145

Plugin: Unix

Control ID: 98705a1bb07027821b080194764b3fab4201cfbf79dd7819165836678f759792