McAfee Change Control

McAfee Change Control

Prevent unauthorized changes while automating regulatory compliance controls

Overview

McAfee Change Control software eliminates change activity in server environments that can lead to security breaches, data loss, and outages. Change Control makes it easy to meet regulatory compliance requirements.

Gain continuous visibility and real-time management of changes — Protect critical system, configuration, and content files across distributed and remote locations by enabling instant change detection and providing sophisticated alerting mechanisms.

Prevent tampering with critical files and registry keys — Enforce change policies and block all unauthorized changes, whether attempted maliciously or in error.

Fulfill PCI DSS regulation requirements — Change Control File Integrity Monitoring (FIM) software lets you validate PCI compliance in real time. It includes out-of-the-box FIM rules that make it easy to get started, and includes QSA-friendly reports for simple PCI reporting.

Prevent change-related outages and delays — Block unauthorized changes, while emergency fixes and other out-of-process changes are automatically documented and reconciled for easier audits.

Get rid of resource-intensive compliance policies — Eliminate the need for manual, error-prone, and resource-intensive compliance policies that are often associated with SOX mandates and other regulations. With McAfee Change Reconciliation software (optional), Change Control lets you build an automated IT control framework in which all the information required to verify compliance is available in a single reporting system.

Gain centralized change management — Change Control integrates with McAfee ePolicy Orchestrator (McAfee ePO) software for centralized IT management.

Features & Benefits

Implement continuous file integrity monitoring

Comply with PCI DSS requirements with the Change Control File Integrity Monitoring (FIM) software, and continuously track changes to file and registry keys and identify who made changes to which files.

Block unwanted changes in your server environment

Protect critical system files, directories, and configurations from tampering with Change Control’s Change Prevention software. No changes to the server environment are permitted unless they are in accordance with set policies.

Gain control from a single console

Use Change Reconciliation software (optional) to integrate Change Control with enterprise management systems through McAfee ePolicy Orchestrator (McAfee ePO) software. Change Reconciliation software includes single-click integration with BMC Remedy.

Leverage small footprint and operational overhead

Enjoy negligible impact on server performance. Memory usage is low, there is no file scanning to affect system performance, the software is easy to set up, and its operational overhead is minimal.

System Requirements

Microsoft Windows

  • Embedded: XPE, 7E, WEPOS, POS Ready 2009, WES 2009, 8 Industry, 8.1
  • Server: 2008, 2008 R2, 2012, 2012 R2
  • Desktop: Vista, 7, 8, 8.1

Linux

  • RHEL/CentOS 5, 6
  • SUSE/openSUSE 10, 11
  • OEL 5, 6
  • Ubuntu 12.04

AIX

  • AIX 6.1, 7.1

Demos / Tutorials

Demos

Learn about McAfee Change Control features: integrity monitoring, change prevention, and reconciliation.

Use a single solution and achieve continuous compliance with McAfee Configuration Control.

Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.

News / Events

Resources

Data Sheets

McAfee Change Control

For a technical summary on the McAfee product listed above, please view the product data sheet.

Solution Briefs

Continuous Compliance Simplified

McAfee Configuration Control combines the advanced capabilities of McAfee Policy Auditor and McAfee Change Control to put you in command of your compliance requirements.

White Papers

From Silicon to the Data: A Multi-Point Approach for Protecting Cloud Environments

Intel and McAfee, along with industry partners, are providing comprehensive solutions to better address the challenges of security for cloud computing.

Taking Back Control in Today’s Complex Threat Landscape

This document discusses the role that integrity control plays in defending networks against attack through a focus on two key areas — controlling what applications are allowed to run and how they are run, and protecting systems on the network from configuration changes and mistakes that can allow serious vulnerabilities to be exploited.

The Case for Continuous Compliance

McAfee Configuration Control eliminates manual processes and point product integration, providing single-console control for meeting compliance requirements.

Community

Blogs

  • Shedding light on ‘Shadow IT’
    David Small - January 9, 2014

    BYOD, BYOA, BYOx. The IT industry is full of acronyms depicting its constant evolution and relationship with the professional world. First came the devices; employees saw the power of personal devices and insisted on using them in the workplace. And so the consumerisation of IT was born. After the devices came the apps. Companies reported […]

    The post Shedding light on ‘Shadow IT’ appeared first on McAfee.

  • Walking the Talk on Public-Private Partnerships
    Tom Gann - August 16, 2013

    There’s been a lot of talk about the value of public-private partnerships in moving the U.S. toward a more robust cyber security posture. And let’s be honest:  there’s also been a lot of private sector skepticism about how much the Administration really believed in the concept or how much they would do to make it […]

    The post Walking the Talk on Public-Private Partnerships appeared first on McAfee.

  • Five Factors That Make D.C. Region a Cybersecurity Hub
    Tom Gann - May 29, 2013

    McAfee is based in Silicon Valley, but we know there’s more to tech than California. We recently joined the National Institute of Standards and Technology to launch the National Cybersecurity Center of Excellence, a joint effort among high-tech business, federal, state and local government and local universities located in Rockville, Md. The goal of the […]

    The post Five Factors That Make D.C. Region a Cybersecurity Hub appeared first on McAfee.

  • Getting Assurance in a Time Constrained World
    McAfee - May 20, 2013

    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems […]

    The post Getting Assurance in a Time Constrained World appeared first on McAfee.

  • Response Now as Important as Prevention
    Leon Erlanger - February 24, 2012

    The National Institute of Standards and Technology (NIST) has updated its Computer Security Incident Handling Guide to take into account the increasingly dire state of cyber security. As anyone who has followed the rush of high-profile incursions over the past year knows, it’s looking less and less possible to prevent the inevitable attack, no matter […]

    The post Response Now as Important as Prevention appeared first on McAfee.