Symantec Antivirus STIG Version 4, Release 1 Checklist Details

Target:

Target CPE Name
Symantec Antivirus cpe:/a:symantec:antivirus

Checklist Highlights

Checklist Name:
Symantec Antivirus STIG
Checklist ID:
462
Version:
Version 4, Release 1
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
12/03/2009

Checklist Summary:

This Desktop Anti-Virus Technology Overview, along with the associated Desktop Anti-Virus STIG, provides the technical security policies, requirements, and implementation details for applying security concepts to Commercial-Off-The-Shelf (COTS) applications. The nearly universal presence of systems on the desktops of all levels of staff provides tremendous opportunities for office automation, communication, data sharing, and collaboration. Unfortunately, this presence also brings about dependence and vulnerabilities. Malicious and mischievous forces have attempted to take advantage of the vulnerabilities and dependencies to disrupt the work processes of the Government. Compounding this problem is the fact that the vendors of software applications have not expended sufficient effort to provide strong security in their applications. Where applications do offer security options, the default settings typically do not provide a strong security posture. This document provides general guidance on some of the commonly found desktop applications in the most commonly found desktop operating system environments. Web browsers and e-mail clients were given priority, because they are most common. Antivirus products, because of their strategic importance in preventing problems, were also a priority. Other applications were added as specific requirements were identified. Even though this document addresses the security of COTS applications rather than an operating system, it is not possible to completely separate the security issues. Security is an attribute of the whole as well as of each of the parts. In accordance with this philosophy, the same policies and guidance that apply clearly to operating systems are also applicable to applications. The applications addressed in this document utilize mobile code and Public Key Infrastructure (PKI) technologies to enable some of their features. 
The requirements described in this document are designed to implement the applicable Department of Defense (DoD) policies for those technologies. These policies are described in the Use of Mobile Code Technologies in Department of Defense (DoD) Information Systems (later referred to as the DoD Mobile Code Policy) and the Department of Defense Instruction, “Department of Defense (DoD) Public Key Infrastructure (PKI) and Public Key (PK) Enabling” documents, as referenced in Appendix C, Related Publications.

Checklist Role:

  • Antivirus Software

Known Issues:

Not provided.

Target Audience:

The requirements and recommendations set forth in this document will assist IAOs and Information Assurance Managers (IAMs) in protecting desktop applications in DoD locations hereafter referred to as sites. The responsible Configuration Control Board (CCB) will approve revisions to site systems that could have a security impact. Therefore, before implementing desktop application security measures, the IAO will submit a change notice to the CCB for review and approval.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Although there are a few different operating system platforms for desktop environments, this document addresses applications running on Microsoft Windows platforms. This document does not include specific guidance for UNIX or Linux or Apple desktop environments at this time. The security requirements detailed in this document apply to applications installed on Microsoft Windows Server platforms as well as Microsoft Windows Workstation platforms. On server platforms, the security configuration parameters will be set to at least as restrictive values as those listed in this document.

Regulatory Compliance:

DoD Directive (DoDD) 8500.1 and 8500.2

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via e-mail to fso_spt@disa.mil. DISA FSO will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not provided.

Product Support:

Comments or proposed revisions to this document should be sent via e-mail to fso_spt@disa.mil. DISA FSO will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Point of Contact:

fso_spt@disa.mil

Sponsor:

Not provided.

Licensing:

Not provided.

NIST checklist record last modified on 05/01/2019