概述
无论在什么情况下,您都需要借助实时的信息持续管理风险。这样您可以有效识别和评估风险,量化问题,并根据针对性信息及时采取相应措施。如何以合适的成本在风险与安全保护力度之间取得平衡是企业要面临的一项挑战。迈克菲可以解决这一问题,通过在一个中央平台集中进行安全管理,让您高效地监控和管理 IT 环境,从而更好地控制风险。您能够全面了解风险状况,同时减少 IT 风险管理相关的麻烦、复杂性和成本。
主要优势
- 实时了解风险情况
使用 McAfee ePolicy Orchestrator (ePO) 平台和 McAfee Risk Advisor 实时显示您的风险情况。 - 关注最相关的风险
即时了解安全工作的着重点。仅显示针对关键威胁的警告,充分缩短分析和应对攻击所需的时间。 - 通过自动化管理显著节省时间并提高准确率
通过对扫描、修补、实施和报告功能的自动化监控和管理,避免耗时的安全培训、特殊流程和相关错误,并为更多系统提供保护。 - 享受简化、集中的风险报告
借助标准化的模板对基于代理和无代理系统的数据进行编辑,以实现全面查看,进而改善风险管理相关的数据采集和报告。定制报告以满足管理层、主管人员和董事会成员的需要。 - 充分发挥现有安全产品投资的作用
了解具体的威胁会对哪项法规要求产生影响,以及需要采取何种补救措施。 - 确保合规性
作为经过认证的合格安全评估商 (QSA) 和认可的扫描服务提供商 (ASV),我们可以为您提供一套精心打造的合规方案,帮助您更好地了解信息风险,并根据其严重程度进行排序。 - 避免“紧急修补造成的恐慌”
准确确定哪些关键系统面临风险以及针对哪些方面采取修补措施。
产品
McAfee Host Intrusion Prevention System for Server
McAfee Host Intrusion Prevention for Server 可以抵御网络犯罪分子带来的各种复杂威胁。通过保护关键企业资产(包括服务器、应用程序、客户信息和数据库),确保您的业务有条不紊。
网络安全
McAfee Network Security Platform
McAfee Network Security Platform 是业内最稳固的网络入侵防御系统 (IPS)。这款系统受迈克菲实验室支持,一般可以帮助客户提前 80 天做好威胁防护措施。它可以实时拦截攻击,避免给企业带来危害,同时妥善保护每台联网设备。借助 McAfee Network Security Platform,可以自动管理风险和确保合规性,同时提高运营效率,减少 IT 部门工作量。
风险与合规性
McAfee Vulnerability Manager
McAfee Vulnerability Manager 可以发现网络中的漏洞和违反策略行为,并排定优先级。通过权衡资产关键性和漏洞严重程度,让您可以重点保护最重要的资产。
McAfee Vulnerability Manager for Databases
McAfee Vulnerability Manager for Databases 可以评估所有已知威胁的风险,通过不同的优先级别明确区分威胁程度,并提供修补脚本和建议。
安全管理
McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator (ePO) 是 McAfee Security Management Platform 的关键组件,也是唯一能够提供终端、网络和数据安全统一管理的企业级软件。凭借可有效缩短事件响应时间的端到端监控和强大的自动化功能,McAfee ePO 软件能够显著增强保护、降低风险和安全管理的成本及复杂性。
服务
事件管理检查
制定更全面、更有效的事件应急响应和管理计划。McAfee Foundstone 将对您事件管理计划中的差距 进行分析,并提供用于提升突发事件应急响应方案的建议。
漏洞管理检查
评估您的漏洞管理计划。 McAfee Foundstone 对您的计划进行差距分析,以确保计划中的人、流程和技术三方面维持一个完美平衡。
身份信息窃取红色警示规则服务
符合合规性要求,改善您企业的整体安全状态。 Foundstone 专家将帮助您实施身份窃取防范计划,分析数据流和风险,以及开发用于检测、防止和缓解身份信息窃取的策略。
资源
Risk & Compliance Outlook 2011 (English)
In this global study, independent research firm Evalueserve examines the dynamic risk and compliance market, including the state of the industry, the challenges faced by enterprises, and emerging trends that will impact both consumers and vendors.
社区
论坛
未找到结果博客
- RDP+RCE=Bad News (MS12-020)
Jim Walter - 三月 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - 三月 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - 二月 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - 九月 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - 八月 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...