- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Find a Reseller
- Contact Me
- Get Security Notifications Now
- Call: 1-800-620-475
Overview
McAfee Configuration Control automates and enforces compliance configurations for critical servers, saving time and money on audit activity by blocking unauthorized changes. Designed with a flexible and easy-to-use interface, Configuration Control delivers change alerts with configuration and policy enforcement, and helps you quickly address or create your own IT compliance standards — with no expertise required.
Audit, control, and enforce — Easily maintain continuous compliance through our methodical three-step approach. Refine and automate IT audit processes, control changes in your environment by monitoring system integrity, and enforce policies to stop unauthorized changes and keep your enterprise compliant.
Comprehensive change prevention — Stop unwanted or unauthorized changes. McAfee’s unique change policy enforcement allows changes by predetermined time window, trusted source, or approved work ticket. Trusted changes can be automatically allowed; those that are outside of the authorized change profile are denied.
Real-time visibility and alerts to change events — Get alerts to changes occurring in the environment. Using profiles, Configuration Control gives you the power to define the most critical components, files, or objects within a server to monitor.
Lowered audit costs — Configuration Control dramatically cuts audit preparation time, while eliminating the hidden costs of ad hoc and unwanted change.
Features & Benefits
Automate audits and configuration assessments
Get up-to-date data, powerful dashboards and reports, and built-in waiver management to simplify every step of your audit and configuration process.
Control integrity
Track changes in real time with instant alerts, reducing risks that can compromise integrity and compliance.
Enforce change policies and processes
Implement IT controls at the server to allow only authorized changes to the system, eliminating ad hoc alterations, drift, or unwanted configurations.
Focus on critical issues
Define new profiles and focus on what’s critical to monitor by implementing new benchmark standards within minutes. McAfee Configuration Control increases the visibility and curtails the escalating and hidden costs of managing compliance requirements.
Document defensible proof of continuous compliance
Leverage your investment in the McAfee ePolicy Orchestrator (ePO) platform by creating and scheduling reports to show assessments, alerts, change event details, and enforcement policies.
Integrate industry benchmarks
Adapt to changing compliance standards and industry requirements. Download and easily update benchmarks from authoritative sources, such as the National Institute of Standards and Technology (NIST), and view detailed security guidance in minutes.
Incorporate other change management solutions
Use Configuration Control with change management, data center automation, and configuration management database (CMDB) solutions from HP, BMC, IBM, and others. It also works with McAfee Change Reconciliation, which increases efficiency by automatically allowing changes to occur based on the creation and execution of the workflow of a trouble ticket. Change Reconciliation encapsulates the system change details that occur during the workflow, as recorded by Configuration Control, and integrates them with the ticket history and report.
System Requirements
For a complete list of system requirements, see the Platform Support Matrix.
Demos / Tutorials
McAfee Continuous Compliance
Use a single solution and achieve continuous compliance with McAfee Configuration Control.
McAfee Risk & Compliance
Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.
News / Events
News
No results foundEvents
No results foundOn Demand
No results foundResources
McAfee Configuration Control
For a technical summary on the McAfee product listed above, please view the product data sheet.
Solution Briefs
White Papers
Community
Forums
No results foundBlogs
- RDP+RCE=Bad News (MS12-020)
Jim Walter - March 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - March 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - February 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - September 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - August 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...