McAfee Total Protection for Compliance

McAfee Total Protection for Compliance

Simplified compliance through unified IT policy auditing and risk management

Next Steps:


McAfee Total Protection for Compliance uses agent-based and agentless technology to audit, assess, and report across managed and unmanaged systems, reducing the time and effort required for IT audits from weeks to days.

The Total Protection for Compliance suite includes McAfee Policy Auditor for Desktops, McAfee Vulnerability Manager, McAfee ePolicy Orchestrator (ePO) platform, McAfee Labs Global Threat Intelligence service, and McAfee Risk Advisor with countermeasure-aware risk management.

Optimize your security investment — Our integrated solution proactively combines threat, vulnerability, and countermeasure information to pinpoint assets that are truly at risk. It takes the guesswork out of when and where to focus your security efforts, saving you time and money.

Total protection through unified IT policy auditing — Our single solution defines, assesses, and reviews policies across the widest range of devices and desktops. By eliminating standalone processes and integrating critical tools, Total Protection for Compliance boosts efficiency and reduces the window of noncompliance.

Integrated technology — Integrated agent-based and agentless scanning and reporting give you deep policy assessments on host systems for automated snapshots of compliance. Total Protection for Compliance further extends compliance coverage across your network into policy settings for account, file, network, and system access.

Comprehensive support — Assessments and reports include content for PCI DSS, SOX, FDCC, FISMA, HIPAA, and many more.

Simplified compliance — With customized policies and checks, you can target a specific group of assets, select a template, and conduct an audit.

Features & Benefits

Reduce costs with centralized management of security and compliance

Automate all risk and compliance activities under the centralized management of the McAfee ePolicy Orchestrator (ePO) platform. Use this shared platform to deploy, manage, and report on system security and policy compliance in both agent-based and agentless systems. Define and select a policy benchmark once, then apply it across many different asset types.

Reduce audit time

Automate time-consuming auditing tasks on both host and network systems. Successfully pass external audits using internal reports.

Get real-time compliance accuracy

Assess compliance levels against regulations and standards with built-in support for benchmarks like XCCDF and OVAL content. Ensure data is always current for internal and external audits.

Add intelligence to protection

Correlate threat information with vulnerabilities and deployed countermeasures to understand your risk posture and where to focus remediation efforts.

Demonstrate measurable ROI for existing security products

Illuminate the positive impact of multilayered defenses as threats materialize.

Improve operational efficiencies

Reduce patching costs by automating the manual and time-consuming process of correlating threats to critical assets at risk.

System Requirements

Please see individual web pages for system requirements.

Demos / Tutorials


For guidance on how to use this McAfee product, watch the Quick Tips video listed above.

For guidance on how to use this McAfee product, watch the Quick Tips video listed above.

For guidance on how to use this McAfee product, watch the Quick Tips video listed above.

This collection of Quick Tips videos details some of the key features of McAfee Vulnerability Manager, including custom reports, asset discovery, and remediation workflow.


Solution Briefs

Total Protection for Compliance: Unified IT Policy Auditing

McAfee Total Protection for Compliance combines the power of McAfee Vulnerability Manager and McAfee Policy Auditor, and integrates them with McAfee ePolicy Orchestrator (McAfee ePO) to create a single platform for deployment, management, risk analysis, and compliance reporting.

Agent or Agentless Policy Assessments: Why Choose?

McAfee Total Protection for Compliance combines agent and agent-less assessments to simplify audits.

White Papers

Conquer the Top 20 Critical Security Controls

Critical Security Controls (CSCs) help organizations break down operational silos by providing a pragmatic blueprint detailing where to focus efforts to achieve the greatest results. This white paper maps the quick wins within the first five CSCs to associated McAfee products, services, and partner solution capabilities — all part of the Security Connected platform.

Operational Efficiencies of Proactive Vulnerability Management

Learn how automating and integrating Vulnerability Management Activities can reduce the operational cost of vulnerability management.

SANS Institute: Correlating Event Data for Vulnerability Detection & Remediation

Learn how network attacks can be avoided by utilizing a SIEM platform that combines historical data with real-time data from network sources and security policies to provide context around application usage, user behaviors, and other operations — for better, more accurate reporting.

The Case for Continuous Compliance

McAfee Configuration Control eliminates manual processes and point product integration, providing single-console control for meeting compliance requirements.



  • We Tried the NIST Framework and It Works
    Kent Landfield - February 11, 2015

    By Kent Landfield, Director of Standards and Technology Policy, Intel Security, and Malcolm Harkins, Chief Security and Privacy Officer at Intel When the Administration released the Framework for Improving Critical Infrastructure Cybersecurity (the Framework) on February 12, 2014, many of us at Intel and Intel Security were familiar with the details, as we had participated […]

    The post We Tried the NIST Framework and It Works appeared first on McAfee.

  • Shedding light on ‘Shadow IT’
    David Small - January 9, 2014

    BYOD, BYOA, BYOx. The IT industry is full of acronyms depicting its constant evolution and relationship with the professional world. First came the devices; employees saw the power of personal devices and insisted on using them in the workplace. And so the consumerisation of IT was born. After the devices came the apps. Companies reported […]

    The post Shedding light on ‘Shadow IT’ appeared first on McAfee.

  • Walking the Talk on Public-Private Partnerships
    Tom Gann - August 16, 2013

    There’s been a lot of talk about the value of public-private partnerships in moving the U.S. toward a more robust cyber security posture. And let’s be honest:  there’s also been a lot of private sector skepticism about how much the Administration really believed in the concept or how much they would do to make it […]

    The post Walking the Talk on Public-Private Partnerships appeared first on McAfee.

  • Five Factors That Make D.C. Region a Cybersecurity Hub
    Tom Gann - May 29, 2013

    McAfee is based in Silicon Valley, but we know there’s more to tech than California. We recently joined the National Institute of Standards and Technology to launch the National Cybersecurity Center of Excellence, a joint effort among high-tech business, federal, state and local government and local universities located in Rockville, Md. The goal of the […]

    The post Five Factors That Make D.C. Region a Cybersecurity Hub appeared first on McAfee.

  • Getting Assurance in a Time Constrained World
    Intel Security, Inc. - May 20, 2013

    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems […]

    The post Getting Assurance in a Time Constrained World appeared first on McAfee.