概述
McAfee Total Protection for Compliance 采用基于代理和无代理技术对托管和未托管系统进行审核、评估和报告,可以将 IT 审核所需的时间从数周缩短至数天。
Total Protection for Compliance 套件包括 McAfee Policy Auditor、McAfee Vulnerability Manager、McAfee ePolicy Orchestrator (ePO) 平台、McAfee Labs Global Threat Intelligence 服务以及具备防范措施识别型风险管理功能的 McAfee Risk Advisor。
优化您的安全投资 - 我们的集成解决方案可以前瞻性地整合威胁、漏洞和防范措施信息,从而确定真正面临风险的资产。通过它,您可以准确判断安全工作的时机和重点,有效节省时间和成本。
通过统一的 IT 策略审核实现全面防护 - 我们可以通过单一解决方案定义、评估和审核任何设备和系统上的策略。通过避免各自独立的流程和集成关键工具,Total Protection for Compliance 可以有效提升效率,减少违规的风险。
集成的技术 - 集成的基于代理和无代理扫描和报告技术可以让您针对主机系统进行深入的策略评估,自动了解企业的合规性情况。Total Protection for Compliance 可以进一步将网络中的合规性范围扩展到帐户、文件、网络和系统访问的策略设置。
全面支持 - 评估和报告包括面向 PCI DSS、SOX、FDCC、FISMA、HIPAA 等法规的内容。
简化合规性工作 - 通过定制的策略和检查,您可以指定特定的资产群组、选择模板并执行审核。
特点和优势
通过集中的安全与合规性管理,显著降低成本
在 McAfee ePolicy Orchestrator (ePO) 平台的集中管理下,实现所有风险控制与合规性活动的自动化。使用这一共享的平台,您可以在基于代理和无代理系统中部署、管理和报告系统安全及策略合规性情况。只需一次性定义和选择统一的策略基准,就能应用于多种不同的资产类型。
缩短审核时间
在主机和网络系统中实现耗时的审核任务自动化。使用内部报告顺利通过外部审核。
享受实时的合规准确性
通过对 XCCDF 和 OVAL 这类基准的内置支持,严格按照相关法规和标准来评估合规性级别。始终确保实时获得用于内部和外部审核的数据。
为保护注入智能
将威胁信息与漏洞和部署的防范措施进行关联,充分了解您的风险状况及需要重点修补的区域。
通过现有安全产品实现可观的投资回报
多层防护措施在威胁出现时将起到积极作用。
提升运营效率
告别耗时的手动流程,自动关联威胁与面临风险的关键资产,从而降低修补成本。
系统要求
演示/教程
McAfee Risk Advisor (English)
Learn how McAfee Risk Advisor takes the guesswork out of protecting your critical assets.
课程
奖项/评述
ToPS for Compliance 荣膺《SC》杂志五星级评价
《SC》杂志在对 McAfee Total Protection for Compliance 进行评估后,授予迈克菲五颗星的满分评级。评估结果肯定了 Total Protection for Compliance 是一款卓越的解决方案,可以帮助您有效去顶下一笔安全投资的重点和时机。
新闻/活动
新闻
- McAfee Named a Finalist in 15 Categories of SC Magazine 2011 Awards (English)
十一月 11, 2010主题 : 电子邮件和 Web 安全保护, 风险与合规性
- McAfee Unveils Unparalleled Risk Management Solution (English)
七月 19, 2010主题 : 终端保护, 风险与合规性, Database Security
活动
未找到结果资源
Miercom Lab Test Report — McAfee Risk Management Solution (English)
Miercom conducted an extensive battery of tests that the McAfee Risk Management solution passed in four major areas, including vulnerability lifecycle management, security and compliance assessment, risk management, and reporting.
ESG Technology Brief: Real-Time Risk Management (English)
Learn about the benefits of Real-time Risk Management, a new discipline CISOs need to implement to address the rapidly changing threat landscape with up to the minute information about threats, vulnerabilities, and assets; comprehensive visibility of the entire IT infrastructure; and continuous assessment of existing security controls.
解决方案简介
白皮书
社区
论坛
未找到结果博客
- RDP+RCE=Bad News (MS12-020)
Jim Walter - 三月 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - 三月 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - 二月 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - 九月 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - 八月 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...