概述
McAfee Integrity Control 可以拦截未经授权应用程序以及对固定功能系统、服务点基础设施(包括 ATM、POS 系统和自助服务终端)的变更。由于融合了行业领先的白名单和变更控制技术,McAfee Integrity Control 在拦截违反策略的变更的同时,仍然允许应用来自经授权来源的更新。它凭借一个有效的集中管理解决方案,增强了对变更策略的控制,并能有效地保护设备。
全面实施变更策略 — 提供了持续检测变更的功能,同时还能前瞻性地防止未经授权的策略违反行为。McAfee Integrity Control 将保护与策略直接关联,并根据来源、时间窗或批准的变更单验证变更。违反策略的变更将被拦截,因此可大大降低与变更相关的停机和违规行为。
适用于固定功能设备的有效安全 — McAfee Integrity Control 将通过独有的方式将保护层延伸到使用固定 CPU 或内存的设备,包括 POS 终端、ATM 和医疗成像系统等这些执行关键功能和经常保存敏感数据的系统。低负荷占用不影响系统的性能,它对不具备网络访问功能的独立模式同样有效。
集中部署和管理 — 通过与 McAfee ePolicy Orchestrator (McAfee ePO) 软件的无缝集成,可实现轻松的部署、管理和报告。只需借助 McAfee ePO 这一款控制台即可综合管理安全和合规,消除分别管理两个系统中数据的麻烦,因此可以降低拥有成本。通过 McAfee ePO 平台可以轻松完成远程部署,因此,您可以从一个中央位置轻松管理和报告大规模的企业部署。
有效透明的解决方案 — McAfee Integrity Control 在固定功能系统上透明运行,因此,可以快速设置整个服务点基础设施,并且可以在不影响运行的情况下对其进行整体监控。这一灵活、经济且安全的解决方案可动态管理白名单,并支持多种配置,可满足不同企业的需求和设备的需要。
特点和优势
拦截未经授权的应用程序和变更行为
确保服务点基础设施上只运行经批准的软件,并且不会带来其他运营负担。McAfee Integrity Control 可以轻松拦截未经授权、易受攻击或恶意的应用程序,以防它们破坏重要系统的安全。
将变更防护与策略关联
根据来源、时间窗或经批准的变更单验证变更。违反策略的变更行为将被拦截,然后这些行为将被记录并作为警报发送给管理员,以减少停机和违规情况。
监控文件完整性和文件变更
通过检查文件和目录来确定内容、权限或者这两者是否发生了变更。McAfee Integrity Control 提供了不间断的文件完整性监控功能,这对于测试和验证环境安全以及满足重要合规要求(包括 PCI DSS)是必不可少的。它将提供有关每次变更的全面信息,包括用户和用以执行变更的程序。
更全面地控制固定功能系统
借助不影响系统性能的解决方案,将保护层延伸到使用固定 CPU 或内存的设备上,包括 POS 终端、ATM 和医疗成像系统。
符合并保持 PCI DSS 合规性
利用有关服务点基础设施上所有变更事件的信息,遵从 PCI DSS 要求。McAfee Integrity Control 将详细说明哪个服务器或哪些服务器发生了变更、何时发生了变更、变更由哪个用户完成、变更方式、被变更文件中的内容以及变更是否经过了批准。
使用来自受信任来源的动态白名单
消除 IT 管理员人工维护获批应用程序列表的麻烦。而由 IT 部门采用灵活方法,在终端上运行受信任应用程序库取而代之。这样可以避免执行未经授权的软件脚本和动态链接库 (DLL),进一步防范内存漏洞攻击。
通过 ePO 实现集中的部署和管理
借助无缝集成的 McAfee ePolicy Orchestrator (ePO) 软件,可以轻松实现部署、管理和报告。 只需这一款 McAfee ePO 控制台,即可综合管理安全与合规,降低总拥有成本 (TCO)。
系统要求
有关系统要求的完整列表,请参阅平台支持矩阵。
演示/教程
McAfee Continuous Compliance (English)
Use a single solution and achieve continuous compliance with McAfee Configuration Control.
McAfee Risk & Compliance (English)
Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.
课程
客户案例
MTXEPS (English)
MTXEPS relies on McAfee Integrity Control to prevent unauthorized changes on point-of-service systems, boosting compliance and ensuring availability.
产品特色
- Protected MTXEPS against malware attacks, data breaches, and unauthorized system changes
- Provided real-time, system-wide visibility into attempted or actual changes to devices
- Helped ensure that security exceeded PCI compliance standards
NYC Department of IT and Telecommunications (English)
NYC Department of IT and Telecommunications uses McAfee for for vulnerability management, endpoint encryption, and other areas of security functionality.
产品特色
- Increased protection with a savings of $18 million
- Provided centralized control across highly distributed IT environment
新闻/活动
新闻
未找到结果活动
未找到结果社区
论坛
未找到结果博客
- RDP+RCE=Bad News (MS12-020)
Jim Walter - 三月 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - 三月 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - 二月 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - 九月 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - 八月 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...