Discussion:
[clamav-users] ClamAV and DoD Approval
Albrecht, Thomas C
2016-07-12 22:55:36 UTC
Permalink
Hi,



I'm hoping someone on this list can answer this question. I work as a defense contractor, and one (frustrating) requirement that we've had for years is that we've had to install antivirus tools on our servers, no matter the context or risk. In addition, they had to be "DoD approved" AV tools, which limited us to McAfee and Symantec. Recently, a new draft guidance came out for configuring RHEL7 servers, and they had an interesting change to their policy. We were given the option of having either McAfee AV or ClamAV installed.



My question is whether anyone in the ClamAV community knows of any guidance or changes in DoD policy that would have made ClamAV an approved AV client. If we could find that supporting guidance that would have led the DoD to change their configuration documentation, it would go a long way in letting me get approval to rip out McAfee.



Thanks for any info you might have!



Tom Albrecht



--



Tom Albrecht III, CISSP-ISSEP, GPEN

Cyber Architect, Lockheed Martin MST

***@lmco.com<mailto:***@lmco.com>

610-906-4356 (mobile)



_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Joel Esler (jesler)
2016-07-13 00:59:48 UTC
Permalink
We've not made any special modifications to the code to enable it for use in the Government.

We are glad to see that it is available for use, however.

--
Joel Esler
iPhone

On Jul 12, 2016, at 6:56 PM, Albrecht, Thomas C <***@lmco.com<mailto:***@lmco.com>> wrote:

Hi,



I'm hoping someone on this list can answer this question. I work as a defense contractor, and one (frustrating) requirement that we've had for years is that we've had to install antivirus tools on our servers, no matter the context or risk. In addition, they had to be "DoD approved" AV tools, which limited us to McAfee and Symantec. Recently, a new draft guidance came out for configuring RHEL7 servers, and they had an interesting change to their policy. We were given the option of having either McAfee AV or ClamAV installed.



My question is whether anyone in the ClamAV community knows of any guidance or changes in DoD policy that would have made ClamAV an approved AV client. If we could find that supporting guidance that would have led the DoD to change their configuration documentation, it would go a long way in letting me get approval to rip out McAfee.



Thanks for any info you might have!



Tom Albrecht



--



Tom Albrecht III, CISSP-ISSEP, GPEN

Cyber Architect, Lockheed Martin MST

***@lmco.com<mailto:***@lmco.com><mailto:***@lmco.com>

610-906-4356 (mobile)



_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
TR Shaw
2016-07-13 01:14:22 UTC
Permalink
Actually they approved ClamAV for use in CI PL 4 & 5 since mid 2000s

iPhone says hi!


> On Jul 12, 2016, at 5:55 PM, Albrecht, Thomas C <***@lmco.com> wrote:
>
> Hi,
>
>
>
> I'm hoping someone on this list can answer this question. I work as a defense contractor, and one (frustrating) requirement that we've had for years is that we've had to install antivirus tools on our servers, no matter the context or risk. In addition, they had to be "DoD approved" AV tools, which limited us to McAfee and Symantec. Recently, a new draft guidance came out for configuring RHEL7 servers, and they had an interesting change to their policy. We were given the option of having either McAfee AV or ClamAV installed.
>
>
>
> My question is whether anyone in the ClamAV community knows of any guidance or changes in DoD policy that would have made ClamAV an approved AV client. If we could find that supporting guidance that would have led the DoD to change their configuration documentation, it would go a long way in letting me get approval to rip out McAfee.
>
>
>
> Thanks for any info you might have!
>
>
>
> Tom Albrecht
>
>
>
> --
>
>
>
> Tom Albrecht III, CISSP-ISSEP, GPEN
>
> Cyber Architect, Lockheed Martin MST
>
> ***@lmco.com<mailto:***@lmco.com>
>
> 610-906-4356 (mobile)
>
>
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Joel Esler (jesler)
2016-07-13 01:17:28 UTC
Permalink
Every branch of govt and even every service in the DoD, up until recently, had their own approval list.

--
Joel Esler
iPhone

On Jul 12, 2016, at 9:14 PM, TR Shaw <***@oitc.com<mailto:***@oitc.com>> wrote:

Actually they approved ClamAV for use in CI PL 4 & 5 since mid 2000s

iPhone says hi!


On Jul 12, 2016, at 5:55 PM, Albrecht, Thomas C <***@lmco.com<mailto:***@lmco.com>> wrote:

Hi,



I'm hoping someone on this list can answer this question. I work as a defense contractor, and one (frustrating) requirement that we've had for years is that we've had to install antivirus tools on our servers, no matter the context or risk. In addition, they had to be "DoD approved" AV tools, which limited us to McAfee and Symantec. Recently, a new draft guidance came out for configuring RHEL7 servers, and they had an interesting change to their policy. We were given the option of having either McAfee AV or ClamAV installed.



My question is whether anyone in the ClamAV community knows of any guidance or changes in DoD policy that would have made ClamAV an approved AV client. If we could find that supporting guidance that would have led the DoD to change their configuration documentation, it would go a long way in letting me get approval to rip out McAfee.



Thanks for any info you might have!



Tom Albrecht



--



Tom Albrecht III, CISSP-ISSEP, GPEN

Cyber Architect, Lockheed Martin MST

***@lmco.com<mailto:***@lmco.com><mailto:***@lmco.com>

610-906-4356 (mobile)



_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Jerry
2016-07-13 09:27:43 UTC
Permalink
On Tue, 12 Jul 2016 20:14:22 -0500, TR Shaw stated:

>Actually they approved ClamAV for use in CI PL 4 & 5 since mid 2000s

Interesting; can you supply any documentation to support this?

--
Jerry
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Loading...