McAfee Total Protection for Compliance

McAfee Total Protection for Compliance

IT ポリシーの監査とリスク管理の統合で、コンプライアンス対応を簡単に

概要

McAfee Total Protection for Compliance は、エージェントベースとエージェントレスの技術を使用して、管理対象システムと管理対象外システムの監査、評価、報告を行います。IT 監査の所要時間を数週間から数日に短縮できます。

Total Protection for Compliance スイートは、McAfee Policy Auditor for Desktops、McAfee Vulnerability Manager、McAfee ePolicy Orchestrator (ePO)、McAfee Labs Global Threat Intelligence service、McAfee Risk Advisor から構成されたリスク管理ソリューションです。

セキュリティに対する投資の最適化 - この統合ソリューションでは、脅威、脆弱性、対応策の情報を組み合わせて、真に危険な資産をピンポイントで特定します。勘や経験に頼らず、対策が必要な場所を特定できるので、時間を短縮し、コストを削減できます。

統合された IT ポリシー監査による総合的な保護 - 1 つのソリューションで、様々なデバイスとデスクトップにポリシーを定義し、評価することができます。Total Protection for Compliance では、個別のプロセスを実行するのではなく、重要なツールを統合することで処理を効率化し、非対応状況を短い時間で解消できます。

テクノロジの統合 - エージェント ベースのスキャン、エージェントレスのスキャン、レポート機能が統合されています。ホスト システムのスナップショットを自動的に生成し、ポリシーを詳しく分析できます。 Total Protection for Compliance では、ネットワークのコンプライアンスからアカウント、ファイル、ネットワーク、システムに対するアクセス ポリシーを設定できます。

包括的なサポート - PCI DSS、SOX、FDCC。FISMA、HIPAA などの対応状況を評価し、報告できます。

コンプライアンス作業の簡素化 - カスタム ポリシーと検査により、特定のグループの資産を対象に検査を実行したり、テンプレートを選択して監査を実行できます。

特徴・利点

セキュリティとコンプライアンスの一元管理でコストを削減

McAfee ePolicy Orchestrator (ePO) により、リスクとコンプライアンスを自動化し、一元管理できます。この共有プラットフォームを使用して、システム セキュリティの配備と管理を行います。また、エージェント ベースのシステムとエージェントを使用しないシステムの対応状況を報告します。ポリシー ベンチマークを定義して選択し、異なるタイプの資産に適用できます。

監査時間の短縮

ホストとネットワーク システムの両方で、手間のかかる監査タスクを自動化します。内部レポートを外部監査で使用できます。

リアルタイムで正確なコンプライアンス

XCCDF や OVAL などのベンチマークを使用して、法規制に対する対応状況を評価できます。内部監査と外部監査で常に最新のデータを使用できます。

新しい情報で保護状態を評価

脅威情報と脆弱性、配備された対応策を関連付けることで、リスク状況を把握し、緊急性の高い修復箇所を特定できます。

セキュリティ製品の投資効果を分かりやすく表示

脅威を具体的に示しながら、多層型防御のメリットを説明できます。

運用効率の向上

危険な状態の重要資産と脅威を関連付ける作業は時間と手間のかかるプロセスです。これらのプロセスを自動化することで、パッチ適用のコストを削減できます。

システム要件

システム要件については、個々の Web ページをご覧ください。

McAfee ePolicy Orchestrator (ePO)

McAfee Policy Auditor

McAfee Vulnerability Manager

ニュース/イベント

リソース

FAQ

McAfee Client Proxy (英語)

This technical FAQ covers web protection for the mobile workforce.

インフォグラフィック

Improved healthcare shouldn't come with increased risk. (英語)

This infographic highlights the benefits and risks of the IoT in healthcare devices.

IDC Business Value Snapshot

This snapshot of the IDC white paper "The Business Value of Network-Based Intrusion Prevention Systems," provides key data about McAfee Network Security Platform performance.

ソリューション概要

Advanced Threat Defense for SIEM (英語)

When advanced detection solutions, known as sandboxes, collaborate with SIEM solutions, enterprises can better understand and respond to unknown, advanced attacks. McAfee Advanced Threat Defense and McAfee Enterprise Security Manager work in concert to extract relevant data from advanced malware and dramatically reduce time to response by minimizing uncertainty and accelerating remediation.

Management of Native Encryption (英語)

With the rapid increase of PCs, tablets, and other devices in the enterprise environment, it’s critical to ensure that sensitive data is secure, and one of the best ways to achieve it is with encryption. Intel Security data protection solutions offer a variety of encryption capabilities and solutions to cover both Windows and Apple devices.

モバイル アプリの 脆弱なSSLに対する 攻撃を阻止する

Many mobile apps are vulnerable to man-in-the-middle attacks. Learn how to protect against them.

Defeating the Angler Exploit Kit (英語)

The Angler exploit kit has become one of the most popular and powerful attack kits. Learn how to protect against it.

Protecting Against Potentially Unwanted Programs (英語)

PUPs are applications that have legitimate uses but have functions and behaviors that can be exploited against the user without the user’s consent. Learn about PUPs and how to contain them.

McAfee Threat Intelligence Exchange and Endpoint Protection (英語)

McAfee Threat Intelligence Exchange delivers innovative endpoint protection with a system that adapts and learns from threat encounters, and immediately neutralizes emerging attacks.

A Well-Connected Sandbox (英語)

A well-connected sandbox that is integrated from the network edge to endpoints is one of the most effective defenses against today’s constantly morphing and evasive advanced threats. This brief explains how McAfee Advanced Threat Defense, when integrated with other Intel Security solutions, provides an effective defense against zero-day threats.

McAfee Next Generation Firewall Advanced Malware Protection (英語)

McAfee Next Generation Firewall provides superior network protection through intelligence aware security controls that leverage information from global sources as well as other solutions, including McAfee Global Threat Intelligence, McAfee Advanced Threat Defense, McAfee ePolicy Orchestrator, and McAfee Enterprise Security Manager.

McAfee Next Generation Firewall Built-in SSL VPN (英語)

McAfee Next Generation Firewall includes McAfee SSL VPN, providing users with lightweight, fine-grained connectivity to remote and mobile enterprise network resources. Client-based and clientless SSL VPN alternatives enable enterprises to secure traffic across a wide variety of use cases.

McAfee Next Generation Firewall — Botnet Prevention (英語)

Enterprises can bolster their defenses against botnets with McAfee Next Generation Firewall, which has built-in capabilities specifically for detecting and blocking botnet malware.

McAfee NGFW — Flexible and Scalable Security for Educational Institutions (英語)

McAfee Next Generation Firewall helps educational institutions to safeguard sensitive information and meet regulatory compliance while controlling IT costs. Advanced intelligence aware security controls leverage the latest threat information to guard against zero-day attacks and block persistent data breach attempts.

Secure the Data Center: Applying Next Generation Firewalls at the Edge and Core (英語)

Built to address challenges unique to virtualized and hybrid data center environments, McAfee Next Generation Firewall provides future-proof security, scalability, and performance to solve your most demanding problems. Advanced technologies secure access to mission critical applications, as well as lateral "east-west” traffic between servers.

Securing the Internet of Things (英語)

The Internet of Things (IoT, or Internet-connected smart devices) is rapidly changing the way we live and the way we do business. McAfee is working closely with OEMs to address the expanding security requirements of IoT devices for every layer—devices, connections, the cloud, and data centers.

Intel Securityと エンパシが小売業決済 システムのセキュリティ を強化

B2C取引の保護は現在でも重要な問題となっています。最近、米国のHome DepotやTarget Storesで発生した事件で明らかなように、セキュリティ侵害は重大なリスクとなります。顧客の信用や信頼を失うだけではありません。セキュリティ侵害が発生した企業は規制当局の調査を受け、マスコミや投資家の厳しい目にさらされることになります。決済システムOEMの大半がセキュリティ対策の実施を小売業者に任せていますが、このような組織の多くはIT/セキュリティ管理のリソースが不足しているのが現実です。

McAfee Endpoint Protection for SMB (英語)

McAfee Endpoint Protection for SMB—a part of the Intel Security product offering—contains the security performance and robust management of an endpoint product, in a solution that can be easily and cost-effectively rolled out and managed on-premises or through the cloud.

Advanced Threat Defense for the Email Gateway (英語)

Email is a vital communication vehicle for just about every business these days—and it is also a key threat vector for cybercrooks who are looking to steal valuable data or execute inbound attacks. As part of our unified, integrated Security Connected framework, McAfee Email Gateway and McAfee Advanced Threat Defense work together to find and freeze new, unknown, and stealthy advanced threats. For a complete end-to-end solution, add McAfee Real Time to the mix to quickly identify and fix systems impacted by advanced malware.

データシート

Enterprise Log Manager (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Network Security Platform (NS-Series) (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Public Cloud Server Security Suite (英語)

For a technical summary on the McAfee product integration listed above, please view the product data sheet.

Avionics Security Assessment (英語)

The McAfee Foundstone Avionics Security Assessment — part of the Intel Security product and service offering — is designed to give you peace of mind that your avionics network is analyzed and fortified to reduce risk.

Embedded Systems Assessment (英語)

The McAfee Foundstone Embedded Systems Assessment — part of the Intel Security product and service offering — is designed to reduce risk by discovering security vulnerabilities in your embedded systems. It’s based on a proven methodology used by skilled consultants trained to analyze the critical components of any embedded system.

McAfee Content Security Reporter (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Endpoint Protection Suite (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Network Security Platform (M-Series) (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee SIEM Supported Devices (英語)

For a technical summary on the McAfee product integration listed above, please view the product data sheet.

McAfee Web Gateway Appliance Specifications (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

ホワイトペーパー

PCI Guidance: Microsoft Windows Logging (英語)

This paper discusses what is involved in establishing logging for Microsoft Windows systems, and discusses how those settings will also be useful in detecting system anomalies that could be indicative of system misuse or even a system breach.

Securosis: Leveraging Threat Intelligence In Incident Response/Management (英語)

To contain an advanced attack you need to respond faster and smarter. Focusing on shortening the window between attack and detection, coupled with a solid plan to contain and remediate an attack provides the best chance to overcome the attack. This is one of the key pieces of knowledge for security experts.

The Business Value of Using McAfee IPS — IDC (英語)

In this white paper, leading market intelligence firm IDC provides a compelling view of the business value and benefits gained from using McAfee Network Security Platform. Derived from in-depth interviews with existing McAfee IPS customers, the report data shows how an IPS can provide cost and time savings across an organization.

Signature-less IPS: Secure Beyond the Signature (英語)

Learn how the McAfee signature-less intrusion prevention system (IPS) technology is changing the way malware is detected and blocked. Signature-based detection provides an important foundation for intrusion inspection, but a layered signature-less architecture greatly enhances malware detection and reduces the risk. Read about the seven signature-less detection methods McAfee offers and how they are transforming IPS.

Beyond Layer-7 Visibility: A Simpler Path to Endpoint Intelligence (英語)

Security products with layer-7 visibility are great. But in order to dramatically improve your understanding of security events, you need to extend your vision to the specific application processes responsible for initiating a connection. It’s something we call Beyond Layer-7 Visibility.

Microsoft Office 365 for the Enterprise: How to Strengthen Security, Compliance and Control - Osterman Research (英語)

Despite the range of functionality offered in Office 365, like any cloud-based offering, it cannot be all things to all customers. There are some missing features in Office 365 that will prompt some customers to consider the use of third-party, cloud-based, or on-premise tools to enhance Office 365’s native capabilities. In this white paper, Osterman Research dives into the current limitations of Office 365 with recommendations on how organizations can strengthen security, compliance, and control in their environment.

Should IT Vendor Consolidation Extend to Endpoint Security? (英語)

As IT organizations try to simplify vendor management, many are asking if consolidating on a single endpoint security vendor makes sense. It could hinge on the existence of an overall security framework. This white paper examines the questions IT executives should ask themselves and their security technology partners.

Healthcare-Friendly Security (英語)

This white paper addresses the need for healthcare-friendly security as a means of minimizing the potential for data breaches while enabling its safe, transit, and storage of patient information in a clinical setting. McAfee, a part of Intel Security, provides solutions that integrate security software with hardware to empower healthcare practitioners with flexible technology options that enable them to deliver the best possible care.

Low Hanging Fruits: The Top Five Easiest Ways to Hack or Get Hacked (英語)

How familiar are you with low-hanging fruit — the easiest ways for attackers to gain entry to your network and potentially run off with your valuable data? This white paper explores penetration tests that you can perform at your organization to gain an understanding of how to apply the proper defenses to prevent exploitation of the top five low-hanging fruit.

Achieving Security through Compliance (英語)

This paper will illustrate how a well-structured security governance program with fully developed and implemented policies, plans, and procedures will strengthen an organization’s security posture.

レポート

Gartner Digital Newsletter: Best Practices Against Advanced Threats (英語)

The newsletter includes access to Gartner research ‘Five Styles of Advanced Threat Defense’ and discusses how Intel Security solutions help organizations with every aspect of their advanced threat defense strategy and has uniquely integrated them to provide a powerful security platform.

The Healthcare Internet of Things: Rewards and Risks (英語)

This report makes the case that industry must build security into healthcare devices and networks from the outset rather than as an afterthought.

レポートサマリー — 医療業界におけるIoT: メリットとリスク

医療機器に最初からセキュリティを組み込む必要性

McAfee脅威レポート:2014年第4四半期

マカフィー製品の様々なレポートを掲載しています。詳細は上のリンクをご参照ください。

Hacking the Human Operating System (英語)

This in-depth report examines social engineering as an attack vector. It details the psychological levers employed by social engineers to influence victims, communication channels used for attacks, and controls businesses should establish to reduce risk.

人の心理や行動を悪用 するハッキング — エグゼクティブサマリー

ソーシャル エンジニアリングの脅威は蔓延しています。サイバー犯罪者は、ソーシャル エンジニアリングで 不正に情報を入手し、犯罪行為に利用しています。この脅威に対処するには、ソーシャル エンジニアリングの特性をよく理解する必要があります。攻撃者、手口、リソースなどを把握し、リスクを回避するための手段を講じる必要があります。

Gartner Report: Avoid These Dirty Dozen Network Security Worst Practices (英語)

This report identifies 12 commonly observed network security practices that reduce network availability, increase expenditure or risks, and alienate end users.

Gartner Report: Magic Quadrant for Endpoint Protection Platforms (英語)

Intel Security named a Leader in 2015 Gartner Magic Quadrant for Endpoint Protection Platforms.

McAfee rated in Gartner Critical Capabilities for SIEM. (英語)

As a companion to the Gartner Magic Quadrant for SIEM, the Gartner Critical Capabilities report for SIEM helps IT security organizations compare their requirements with the most common SIEM use cases. Discover in-depth how Gartner rates McAfee SIEM by critical capabilities.

NSS Labs Product Assessment Brief: McAfee Advanced Threat Defense (英語)

This report reviews McAfee Advanced Threat Defense, outlining strengths, weaknesses, opportunities and threats.

小冊子

McAfee Product Entitlement Definitions (英語)

This document contains legal definitions that apply to McAfee products and solutions.