[clamav-users] ClamAV and DoD Approval

[Joel Esler (jesler)]

Every branch of govt and even every service in the DoD, up until recently, had their own approval list.

--
Joel Esler
iPhone

On Jul 12, 2016, at 9:14 PM, TR Shaw <tshaw at oitc.com<mailto:tshaw at oitc.com>> wrote:

Actually they approved ClamAV for use in CI PL 4 & 5 since mid 2000s

iPhone says hi!


On Jul 12, 2016, at 5:55 PM, Albrecht, Thomas C <thomas.c.albrecht at lmco.com<mailto:thomas.c.albrecht at lmco.com>> wrote:

Hi,



I'm hoping someone on this list can answer this question.  I work as a defense contractor, and one (frustrating) requirement that we've had for years is that we've had to install antivirus tools on our servers, no matter the context or risk.  In addition, they had to be "DoD approved" AV tools, which limited us to McAfee and Symantec.  Recently, a new draft guidance came out for configuring RHEL7 servers, and they had an interesting change to their policy.  We were given the option of having either McAfee AV or ClamAV installed.



My question is whether anyone in the ClamAV community knows of any guidance or changes in DoD policy that would have made ClamAV an approved AV client.  If we could find that supporting guidance that would have led the DoD to change their configuration documentation, it would go a long way in letting me get approval to rip out McAfee.



Thanks for any info you might have!



Tom Albrecht



--



Tom Albrecht III, CISSP-ISSEP, GPEN

Cyber Architect, Lockheed Martin MST

thomas.c.albrecht at lmco.com<mailto:thomas.c.albrecht at lmco.com><mailto:thomas.c.albrecht at lmco.com>

610-906-4356 (mobile)



_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml