On 4/25/10 11:22 PM, Tracy Reed wrote: > This is a small requirement of the standard but major operational pain > in the butt. Daily updates (at least) is the standard for antivirus > definitions these days. Can you imagine somehow ferrying virus > definition files into your private network which has no direct > Internet access because PCI says your AIX machine needs antivirus? Who > is going to sell you antivirus for AIX anyway? > While PCI may not specifically say that it requires anti-virus on platform X, Y, or Z it is up to the QSA to make the final decision. The QSA used at my previous company required without question that all in-scope servers be running some form of anti-virus. Using a weekly ClamAV scan was acceptable in this case. One server was configured to download the updates and all in-scope servers downloaded updates from it.
At my new $WORK, we are preparing for a Level 1 Service Provider audit and thus have decided to install ClamAV everywhere in-scope. While most know it is a complete waste of time, it should be one less thing that needs done during remediation. F-Prot sells antivirus for AIX, FreeBSD, Linux, Solaris, etc. I'm not sure how good it is but that was not your question. :-) http://www.f-prot.com/products/corporate_users/ _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
