Product guide

A SVA security requirements
The following security measures are implemented on the SVA.
Security measure    Description
apparmor
apparmor is a kernel module that envelops processes and limits their system access
to the items defined in their profile.
The MOVE scanning process, mvsvc, has this profile:
/etc/apparmor.d/opt.McAfee.move.bin.mvsvc. There are two apparmor modes: complain
and enforce. By default, mvsvc is in enforce mode. To change the mode to complain,
use the aa-complain mvsvc command. To enable enforce mode, use the aa-enforce mvsvc
command.
While in complain mode, you can use the aa-logprof command to analyze any
requests that the process has made outside of its profile.
For more information, visit this website:
https://help.ubuntu.com/12.04/serverguide/apparmor.html
iptables
The sva-firewalls script enables the built-in firewall. Usage is sva-firewalls: start | stop
| restart. By default, the firewall rules allow:
TCP port 22 (SSH)
TCP port 8081 (McAfee Agent default port)
UDP 67, 68 (DHCP)
The script name is sva-firewall. It is located at /etc/init.d/ and starts
automatically.
SVA .vmx configuration file settings
Add these options to harden the SVA from a VM perspective:
isolation.tools.diskWiper.disable=TRUE
isolation.tools.diskShrink.disable=TRUE
isolation.device.connectable.disable=TRUE
isolation.device.edit.disable=TRUE
RemoteDisplay.maxConnections=1
vmci0.unrestricted=FALSE
log.rotateSize=1000000
log.keepOld=10
For more information, visit this website:
http://www.vmware.com/security/hardening-guides
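
An added example, not part of the product guide: a Python check that compares the text of a .vmx file against the options listed above and reports any that are missing or set to a different value. The sample file is constructed, and comparing keys and TRUE/FALSE values case-insensitively is an assumption of this example.

```python
import re

REQUIRED = {  # hardening options exactly as listed in the table above
    "isolation.tools.diskWiper.disable": "TRUE",
    "isolation.tools.diskShrink.disable": "TRUE",
    "isolation.device.connectable.disable": "TRUE",
    "isolation.device.edit.disable": "TRUE",
    "RemoteDisplay.maxConnections": "1",
    "vmci0.unrestricted": "FALSE",
    "log.rotateSize": "1000000",
    "log.keepOld": "10",
}

# A .vmx line looks like: key = "value". Lines starting with '#' are skipped.
LINE_RE = re.compile(r'^\s*([^#=\s][^=]*?)\s*=\s*"?(.*?)"?\s*$')

def parse_vmx(text):
    """Return {lower-cased key: value}; a later duplicate overrides an earlier one."""
    settings = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def audit_vmx(text):
    """Return a list of (key, expected, actual); actual is None when the key is absent."""
    found = parse_vmx(text)
    findings = []
    for key, expected in REQUIRED.items():
        actual = found.get(key.lower())  # assumption: key case is not significant
        if actual is None or actual.strip().lower() != expected.lower():
            findings.append((key, expected, actual))
    return findings

# Constructed sample, not taken from a real SVA.
SAMPLE_VMX = '''\
displayName = "move-sva-example"
isolation.tools.diskWiper.disable = "TRUE"
isolation.tools.diskShrink.disable = "true"
isolation.device.connectable.disable = "FALSE"
RemoteDisplay.maxConnections = "1"
vmci0.unrestricted = "FALSE"
log.rotateSize = "1000000"
'''

if __name__ == "__main__":
    for finding in audit_vmx(SAMPLE_VMX):
        print(finding)
```

To audit a real file, pass its contents to audit_vmx(); an empty list means every listed option is present with the expected value.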
McAfee MOVE AntiVirus (Agentless) 3.6.0 Product Guide