概述
迈克菲解决方案可帮助您制定行业和政府法规,并证明企业遵从这些数量不断增长的行业和政府法规。在迈克菲的帮助下,您可以建立可持续发展的统一方法来获取遵循北美法规所需的控制力度,这些法规可保护隐私数据、财务数据及其他敏感数据,如:
- 21 CFR Part 11 (FDA)
- California AB 1950
- California SB 1386
- 公平准确信用交易法案 (FACTA)
- 公平信用报告法 (FCRA)
- 联邦能源管理委员会 (FERC)
- 金融服务现代化法 (GLBA)
- 健康保险流通与责任法案 (HIPAA)
- 支付卡行业数据安全标准 (PCI DSS)
- 个人信息保护及电子文档法案 (PIPEDA)
- 萨班斯-奥克斯利法案 (SOX)
由于法规往往会留下阐释余地,并且许多组织会受到五项或五项以上重叠法规的管制,迈克菲可帮助统一保护企业安全及证明合规性所需的控制手段,并将其演化为一套一致通用的控制方案。这种统一视图可节省您的精力,并让您逐步构建优化安全架构。
迈克菲的终端到网络产品组合可协助您广泛抵御数据丢失、内部威胁、访问缺口和恶意攻击。我们能帮助您了解监管数据所在的位置,以及如何实施策略和控制手段加以保护。报告模板可帮助您生成证明所需的文书。通过自动化和集成功能,将能够节省时间,以便实施核心业务举措。
主要优势
- 跨越多项法规和业务需求进行综合控制
将您的各项需求映射到行业最佳实践并简化控制方案,以掌控一系列通用需求并制定统一实施规划。 - 通过减少要管理的提供商,使合规工作更轻松
我们的解决方案可以满足最广泛的技术和策略需求,同时整合了终端、网络和基于云技术的控制,使您能够更加轻松地遵循行业、联邦和国家法规。通过迈克菲安全创新联盟合作体系,可以享受更进一步的支持。 - 通过任务的自动化执行显著节省时间并提高准确率
借助迈克菲自动化扫描、审核、修补、实施和报告功能,避免耗时的特殊流程和相关错误。 - 自动评估风险并排定修补次序
找出终端和网络系统上存在的问题并确定轻重缓急,然后关联漏洞、违规、资产和对策数据,以便运用有限的资源获取最大的合规回报。 - 享受简化、集中的合规报告
借助标准化的模板对基于代理和无代理系统的数据进行编辑,以实现全面查看,进而改善合规工作相关的数据采集和报告。定制报告以满足管理人员和审核人员的需要。 - 集中了解各项 IT 控制措施
使用 McAfee ePolicy Orchestrator (ePO) 单一管理平台可以全面了解 IT 控制和 PCI 要求,同时有助于减少独立产品相关的麻烦、费用和延迟。 - 借助自动化策略定义,节省时间、避免困扰
利用业界领先的自动化策略模板评估 IT 控制措施并将其映射到监管准则。 - 通过出站电子邮件控制手段避免数据丢失
利用预定义字典(仅提供英文版)启发式技术自动扫描电子邮件检查财务信息和隐私信息。根据策略拦截、监控或加密邮件以确保合规性。
客户案例
Abtran (English)
McAfee security risk management solutions help Abtran meet clients’ increasing security requirements.
产品特色
- Provided multiple layers of security risk management protection for Abtran’s clients
- Reduced IT hours spent supporting, administering, and monitoring endpoint security
- Cut time to produce weekly security reports from three or four hours to less than two minutes
- Migrated easily and seamlessly from existing anti-virus solutions
California State University, Chico (English)
California State University, Chico, remediates system vulnerabilities and mitigates risk with McAfee Vulnerability Manager.
产品特色
- Increased risk visibility at department and campus levels, enabling snapshot of security status at any time
- Accelerated time to remediation by providing clear remediation steps for systems administrators
- Reduced time spent scheduling vulnerability scans, and preparing and analyzing reports
- Improved and accelerated decision making by providing user-friendly metrics, graphical reports, and trend analysis
- Improved overall security risk posture
DSM (English)
DSM enlists McAfee to strengthen enterprise network security control and compliance.
产品特色
- Provided full visibility into network traffic and connected systems
- Simplified patch management
- Improved compliance with regulations and policies
- Increased efficiencies for significant cost savings
Idaho State Tax Commission (English)
Idaho State Tax Commission chooses McAfee to embed security in a new network infrastructure.
产品特色
- Identified vulnerabilities and blocked threats
- Delivered reliable endpoint protection
- Enabled compliance with National Institute of Standards and Technology (NIST) security guidelines
- Provided support for the commission’s defense-in-depth security strategy
- Helped increase security awareness among network users
PAETEC (English)
Telecommunications provider PAETEC watches sales skyrocket with managed service based on McAfee Network Security Platform.
产品特色
- Protected against emerging threats even before installation of new signatures
- Delivered excellent performance and reliability to PAETEC customers, who enjoy thorough and timely protection against threats without IT infrastructure burdens
- Differentiated against offerings from competitors
- Contributed to an already strong revenue stream and grew to emerge as the fastest growing area of PAETEC’s business
产品
McAfee Total Protection for Data Loss Prevention
McAfee Total Protection for Data Loss Prevention (DLP) 通过随时随地保护敏感数据(无论其位于网络、存储系统还是终端)来捍卫知识产权并确保合规性,同时通过集中式部署、管理和报告省时省钱。
McAfee Total Protection for Data
McAfee Total Protection for Data 提供了强大的加密、身份验证、数据丢失防护和策略驱动型安全控制,可随时随地帮助您保护敏感信息免遭未经授权的访问。
电子邮件和 Web 安全
McAfee Content Security Blade Server
McAfee Content Security Blade Server 可以通过单一高性能解决方案保护企业网络免于垃圾邮件、恶意软件和其他入侵行为的侵扰。Content Security Blade Server 采用新一代刀片服务器架构,有助于降低 IT 成本和复杂性,并能通过插入额外的扫描刀片轻松扩容,从而满足未来的容量需求。
终端保护
McAfee Host Intrusion Prevention for Desktop
McAfee Host Intrusion Prevention for desktop 使用全面的三重防护方法 - 签名分析、行为分析和系统防火墙监控和拦截恶意活动,从而帮助维护企业安全,保证工作效率。通过一款中央控制台 McAfee ePolicy Orchestrator (ePO) 平台即可实现对这种三重方法轻松管理。
McAfee Host Intrusion Prevention for Server
McAfee Host Intrusion Prevention for Server 可以抵御网络犯罪分子带来的各种复杂威胁。通过保护关键企业资产(包括服务器、应用程序、客户信息和数据库),确保您的业务有条不紊。
网络安全
McAfee Network Security Platform
McAfee Network Security Platform () 是业内最稳固的网络入侵防御系统 (IPS).这款系统受迈克菲实验室支持,一般可以帮助客户提前 80 天做好威胁防护措施。它可以实时拦截攻击,避免给企业带来危害,同时妥善保护每台联网设备。借助 McAfee Network Security Platform,可以自动管理风险和确保合规性,同时提高运营效率,减少 IT 部门工作量。
McAfee Network User Behavior Analysis
McAfee Network User Behavior Analysis 可实时监控用户在网络上的行为,以及他们使用重要业务应用程序的情况。这一直观的监控可以为您降低风险和满足合规要求提供必要的决策支持信息。基于数据包采集的自动化监控,以及对安全策略的分析和即时关联可以显著提升准确率,减少检测行为异常所需的时间和工作。
风险与合规性
McAfee Total Protection for Compliance
McAfee Total Protection for Compliance 通过行业首款集成的漏洞管理、合规评估和报告以及全面风险管理解决方案,让企业的合规工作更轻松!
McAfee Application Control
McAfee Application Control 可以确保服务器和终端上只能运行可靠的应用程序。它能够减少未经授权软件带来的风险,加强终端控制,降低运营成本,而且可以在不影响性能的前提下增强固定功能系统的作用。
McAfee Vulnerability Manager
McAfee Vulnerability Manager 可以发现网络中的漏洞和违反策略行为,并排定优先级。通过权衡资产关键性和漏洞严重程度,让您可以重点保护最重要的资产。
服务
事件管理检查
制定更全面、更有效的事件应急响应和管理计划。McAfee Foundstone 将对您事件管理计划中的差距 进行分析,并提供用于提升突发事件应急响应方案的建议。
数据丢失防护评估
检测并防止敏感信息的未授权传输或泄露。 McAfee Foundstone 通过识别被复制的敏感数据或当前正在从其原始预期存储区域传输的敏感数据,来降低您的风险率。
法规和合规性检查
遵循信息安全合规性要求。 McAfee Foundstone 对您企业的法规和合规性状态中的差距进行评估,并给出下一步建议。
漏洞管理检查
评估您的漏洞管理计划。 McAfee Foundstone 对您的计划进行差距分析,以确保计划中的人、流程和技术三方面维持一个完美平衡。
资源
Risk & Compliance Outlook 2011 (English)
In this global study, independent research firm Evalueserve examines the dynamic risk and compliance market, including the state of the industry, the challenges faced by enterprises, and emerging trends that will impact both consumers and vendors.
白皮书
社区
论坛
未找到结果博客
- RDP+RCE=Bad News (MS12-020)
Jim Walter - 三月 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - 三月 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - 二月 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - 九月 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - 八月 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...