EX13-MB-000265 - Exchange servers must have an approved DoD email-aware virus protection software installed.

Information

With the proliferation of trojans, viruses, and spam attaching themselves to email messages (or attachments), it is necessary to have capable email-aware antivirus (AV) products to scan messages and identify any resident malware. Because email messages and their attachments are formatted to the MIME standard, a flat-file AV scanning engine is not suitable for scanning email message stores.

Email-aware antivirus engines must be Exchange 2013 compliant. Competent email scanners will have the ability to scan mail stores, attachments (including zip or other archive files) and mail queues and to issue warnings or alerts if malware is detected. As with other AV products, a necessary feature to include is the ability for automatic updates.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Update the EDSP.

Install and configure a DoD-approved compatible Exchange 2013 email-aware antivirus scanner product.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2013_Y24M07_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-8(2), CAT|I, CCI|CCI-001308, Rule-ID|SV-207319r961161_rule, STIG-ID|EX13-MB-000265, STIG-Legacy|SV-84667, STIG-Legacy|V-70045, Vuln-ID|V-207319

Plugin: Windows

Control ID: 395bfea2901f8c0d63f976fb517e4e854acc81d57fb69d6b7cef131fc3ee820d