STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Trellix Application Control 8.x Security Technical Implementation Guide

V-213327

CAT I (High)

The Solidcore client Command Line Interface (CLI) must be in lockdown mode.

Rule ID

SV-213327r961470_rule

STIG

Trellix Application Control 8.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-001762

Discussion

By default, when an endpoint's Solidcore installation is managed by the ePO server, the CLI will automatically be in lockdown mode. This will ensure the endpoint receives all of its Solidcore configuration settings from the ePO server. The CLI can, however, be activated for troubleshooting efforts during which time the ePO settings will not be enforced. Leaving the CLI in an allowed status will prevent the endpoint from receiving changes from the ePO server for the Solidcore client.

Check Content

Determine CLI status.

Access the system being reviewed. From an operating system command line, execute the following command:

sadmin status <enter>

If the status for CLI is "Allowed" or "Recovered", this is a finding.

Fix Text

From the ePO server console System Tree, select the "Systems" tab.

Select "This Group and All Subgroups".
Select the asset.
Select "Actions".
Select "Agent".
Click "Actions".
Select "New Client Task Assignment" to open the Client Task Assignment Builder page.

Select the "Solidcore 8.x product", "SC: Change Local CLI Access" task type, then click "Create New Task" to open the Client Task Catalog page.

Change "CLI status" to "Restrict".

Click "Save".