McAfee Total Protection for Compliance

McAfee Total Protection for Compliance

IT ポリシーの監査とリスク管理の統合で、コンプライアンス対応を簡単に

次のステップ:

概要

McAfee Total Protection for Compliance は、エージェントベースとエージェントレスの技術を使用して、管理対象システムと管理対象外システムの監査、評価、報告を行います。IT 監査の所要時間を数週間から数日に短縮できます。

Total Protection for Compliance スイートは、McAfee Policy Auditor for Desktops、McAfee Vulnerability Manager、McAfee ePolicy Orchestrator (ePO)、McAfee Labs Global Threat Intelligence service、McAfee Risk Advisor から構成されたリスク管理ソリューションです。

セキュリティに対する投資の最適化 - この統合ソリューションでは、脅威、脆弱性、対応策の情報を組み合わせて、真に危険な資産をピンポイントで特定します。勘や経験に頼らず、対策が必要な場所を特定できるので、時間を短縮し、コストを削減できます。

統合された IT ポリシー監査による総合的な保護 - 1 つのソリューションで、様々なデバイスとデスクトップにポリシーを定義し、評価することができます。Total Protection for Compliance では、個別のプロセスを実行するのではなく、重要なツールを統合することで処理を効率化し、非対応状況を短い時間で解消できます。

テクノロジの統合 - エージェント ベースのスキャン、エージェントレスのスキャン、レポート機能が統合されています。ホスト システムのスナップショットを自動的に生成し、ポリシーを詳しく分析できます。 Total Protection for Compliance では、ネットワークのコンプライアンスからアカウント、ファイル、ネットワーク、システムに対するアクセス ポリシーを設定できます。

包括的なサポート - PCI DSS、SOX、FDCC。FISMA、HIPAA などの対応状況を評価し、報告できます。

コンプライアンス作業の簡素化 - カスタム ポリシーと検査により、特定のグループの資産を対象に検査を実行したり、テンプレートを選択して監査を実行できます。

特徴・利点

セキュリティとコンプライアンスの一元管理でコストを削減

McAfee ePolicy Orchestrator (ePO) により、リスクとコンプライアンスを自動化し、一元管理できます。この共有プラットフォームを使用して、システム セキュリティの配備と管理を行います。また、エージェント ベースのシステムとエージェントを使用しないシステムの対応状況を報告します。ポリシー ベンチマークを定義して選択し、異なるタイプの資産に適用できます。

監査時間の短縮

ホストとネットワーク システムの両方で、手間のかかる監査タスクを自動化します。内部レポートを外部監査で使用できます。

リアルタイムで正確なコンプライアンス

XCCDF や OVAL などのベンチマークを使用して、法規制に対する対応状況を評価できます。内部監査と外部監査で常に最新のデータを使用できます。

新しい情報で保護状態を評価

脅威情報と脆弱性、配備された対応策を関連付けることで、リスク状況を把握し、緊急性の高い修復箇所を特定できます。

セキュリティ製品の投資効果を分かりやすく表示

脅威を具体的に示しながら、多層型防御のメリットを説明できます。

運用効率の向上

危険な状態の重要資産と脅威を関連付ける作業は時間と手間のかかるプロセスです。これらのプロセスを自動化することで、パッチ適用のコストを削減できます。

システム要件

システム要件については、個々の Web ページをご覧ください。

McAfee ePolicy Orchestrator (ePO)

McAfee Policy Auditor

McAfee Vulnerability Manager

ニュース/イベント

リソース

FAQ

McAfee Client Proxy (英語)

This technical FAQ covers web protection for the mobile workforce.

インフォグラフィック

IDC Business Value Snapshot

This snapshot of the IDC white paper "The Business Value of Network-Based Intrusion Prevention Systems," provides key data about McAfee Network Security Platform performance.

ソリューション概要

Protecting Against Mobile App SSL Vulnerabilities (英語)

Many mobile apps are vulnerable to man-in-the-middle attacks. Learn how to protect against them.

Defeating the Angler Exploit Kit (英語)

The Angler exploit kit has become one of the most popular and powerful attack kits. Learn how to protect against it.

Protecting Against Potentially Unwanted Programs (英語)

PUPs are applications that have legitimate uses but have functions and behaviors that can be exploited against the user without the user’s consent. Learn about PUPs and how to contain them.

McAfee Threat Intelligence Exchange and Endpoint Protection (英語)

McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense work together to provide enterprises with automated, adaptive threats response, which reduces time-to-containment of malicious files. The moment a file is convicted, the entire security infrastructure is informed and updated immediately, providing greatly enhanced visibility and control, from endpoint to network.

A Well-Connected Sandbox (英語)

A well-connected sandbox that is integrated from the network edge to endpoints is one of the most effective defenses against today’s constantly morphing and evasive advanced threats. This brief explains how McAfee Advanced Threat Defense, when integrated with other Intel Security solutions, provides an effective defense against zero-day threats.

McAfee Next Generation Firewall Advanced Malware Protection (英語)

McAfee Next Generation Firewall provides superior network protection through intelligence aware security controls that leverage information from global sources as well as other solutions, including McAfee Global Threat Intelligence, McAfee Advanced Threat Defense, McAfee ePolicy Orchestrator, and McAfee Enterprise Security Manager.

McAfee Next Generation Firewall Built-in SSL VPN (英語)

McAfee Next Generation Firewall includes McAfee SSL VPN, providing users with lightweight, fine-grained connectivity to remote and mobile enterprise network resources. Client-based and clientless SSL VPN alternatives enable enterprises to secure traffic across a wide variety of use cases.

McAfee Next Generation Firewall — Botnet Prevention (英語)

Enterprises can bolster their defenses against botnets with McAfee Next Generation Firewall, which has built-in capabilities specifically for detecting and blocking botnet malware.

McAfee NGFW — Flexible and Scalable Security for Educational Institutions (英語)

McAfee Next Generation Firewall helps educational institutions to safeguard sensitive information and meet regulatory compliance while controlling IT costs. Advanced intelligence aware security controls leverage the latest threat information to guard against zero-day attacks and block persistent data breach attempts.

Secure the Data Center: Applying Next Generation Firewalls at the Edge and Core (英語)

Built to address challenges unique to virtualized and hybrid data center environments, McAfee Next Generation Firewall provides future-proof security, scalability, and performance to solve your most demanding problems. Advanced technologies secure access to mission critical applications, as well as lateral "east-west” traffic between servers.

Securing the Internet of Things (英語)

The Internet of Things (IoT, or Internet-connected smart devices) is rapidly changing the way we live and the way we do business. McAfee is working closely with OEMs to address the expanding security requirements of IoT devices for every layer—devices, connections, the cloud, and data centers.

Intel Securityと エンパシが小売業決済 システムのセキュリティ を強化

B2C取引の保護は現在でも重要な問題となっています。最近、米国のHome DepotやTarget Storesで発生した事件で明らかなように、セキュリティ侵害は重大なリスクとなります。顧客の信用や信頼を失うだけではありません。セキュリティ侵害が発生した企業は規制当局の調査を受け、マスコミや投資家の厳しい目にさらされることになります。決済システムOEMの大半がセキュリティ対策の実施を小売業者に任せていますが、このような組織の多くはIT/セキュリティ管理のリソースが不足しているのが現実です。

McAfee Endpoint Protection for SMB (英語)

McAfee Endpoint Protection for SMB—a part of the Intel Security product offering—contains the security performance and robust management of an endpoint product, in a solution that can be easily and cost-effectively rolled out and managed on-premises or through the cloud.

Advanced Threat Defense for the Email Gateway (英語)

Email is a vital communication vehicle for just about every business these days—and it is also a key threat vector for cybercrooks who are looking to steal valuable data or execute inbound attacks. As part of our unified, integrated Security Connected framework, McAfee Email Gateway and McAfee Advanced Threat Defense work together to find and freeze new, unknown, and stealthy advanced threats. For a complete end-to-end solution, add McAfee Real Time to the mix to quickly identify and fix systems impacted by advanced malware.

McAfee Advanced Threat Defense for McAfee Web Gateway (英語)

Social networks, cloud applications, and content-sharing sites have become essential business tools and IT organizations are struggling to make them safely accessible from inside and outside the corporate environment. Read this Solution Brief and see how McAfee Threat Defense for McAfee Web Gateway helps overcome the obstacles.

McAfee Enterprise Security Manager, Services Solutions for Managed Service Providers (MSPs) (英語)

McAfee Enterprise Security Manager offers the advanced scalability, flexibility, and control you need to protect your customers’ business, and grow yours.

User Classification Reduces Data Loss (英語)

Together, Boldon James Classifier and McAfee Network Data Loss Prevention reduce the risk of data loss by applying the insight of each knowledge worker to data loss prevention decisions. Classifier captures the user’s knowledge of the business value of data in the form of visual and metadata markings applied to messages and documents.

データシート

Avionics Security Assessment (英語)

The McAfee Foundstone Avionics Security Assessment — part of the Intel Security product and service offering — is designed to give you peace of mind that your avionics network is analyzed and fortified to reduce risk.

Embedded Systems Assessment (英語)

The McAfee Foundstone Embedded Systems Assessment — part of the Intel Security product and service offering — is designed to reduce risk by discovering security vulnerabilities in your embedded systems. It’s based on a proven methodology used by skilled consultants trained to analyze the critical components of any embedded system.

McAfee Content Security Reporter (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Endpoint Protection Suite (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee SIEM Supported Devices (英語)

For a technical summary on the McAfee product integration listed above, please view the product data sheet.

McAfee Web Gateway Appliance Specifications (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Advanced Threat Defense (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Endpoint Protection for SMB (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

Enterprise Risk Assessment (英語)

The McAfee Foundstone Professional Services Enterprise Risk Assessment (ERA) 4-day, instructor-led course provides comprehensive, hands-on training for technology professionals seeking to elevate their skills and awareness around identifying security risks.

McAfee Solution Services — Advanced Threat Defense (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

ホワイトペーパー

Securosis: Leveraging Threat Intelligence In Incident Response/Management (英語)

To contain an advanced attack you need to respond faster and smarter. Focusing on shortening the window between attack and detection, coupled with a solid plan to contain and remediate an attack provides the best chance to overcome the attack. This is one of the key pieces of knowledge for security experts.

The Business Value of Using McAfee IPS — IDC (英語)

In this white paper, leading market intelligence firm IDC provides a compelling view of the business value and benefits gained from using McAfee Network Security Platform. Derived from in-depth interviews with existing McAfee IPS customers, the report data shows how an IPS can provide cost and time savings across an organization.

Signature-less IPS: Secure Beyond the Signature (英語)

Learn how the McAfee signature-less intrusion prevention system (IPS) technology is changing the way malware is detected and blocked. Signature-based detection provides an important foundation for intrusion inspection, but a layered signature-less architecture greatly enhances malware detection and reduces the risk. Read about the seven signature-less detection methods McAfee offers and how they are transforming IPS.

Beyond Layer-7 Visibility: A Simpler Path to Endpoint Intelligence (英語)

Security products with layer-7 visibility are great. But in order to dramatically improve your understanding of security events, you need to extend your vision to the specific application processes responsible for initiating a connection. It’s something we call Beyond Layer-7 Visibility.

Microsoft Office 365 for the Enterprise: How to Strengthen Security, Compliance and Control - Osterman Research (英語)

Despite the range of functionality offered in Office 365, like any cloud-based offering, it cannot be all things to all customers. There are some missing features in Office 365 that will prompt some customers to consider the use of third-party, cloud-based, or on-premise tools to enhance Office 365’s native capabilities. In this white paper, Osterman Research dives into the current limitations of Office 365 with recommendations on how organizations can strengthen security, compliance, and control in their environment.

Should IT Vendor Consolidation Extend to Endpoint Security? (英語)

As IT organizations try to simplify vendor management, many are asking if consolidating on a single endpoint security vendor makes sense. It could hinge on the existence of an overall security framework. This white paper examines the questions IT executives should ask themselves and their security technology partners.

Healthcare-Friendly Security (英語)

This white paper addresses the need for healthcare-friendly security as a means of minimizing the potential for data breaches while enabling its safe, transit, and storage of patient information in a clinical setting. McAfee, a part of Intel Security, provides solutions that integrate security software with hardware to empower healthcare practitioners with flexible technology options that enable them to deliver the best possible care.

Low Hanging Fruits: The Top Five Easiest Ways to Hack or Get Hacked (英語)

How familiar are you with low-hanging fruit — the easiest ways for attackers to gain entry to your network and potentially run off with your valuable data? This white paper explores penetration tests that you can perform at your organization to gain an understanding of how to apply the proper defenses to prevent exploitation of the top five low-hanging fruit.

Achieving Security through Compliance (英語)

This paper will illustrate how a well-structured security governance program with fully developed and implemented policies, plans, and procedures will strengthen an organization’s security posture.

レポート

McAfee Labs Threats Report: February 2015 (英語)

McAfee Labs’ quarterly analysis of key threat topics and trends.

Hacking the Human Operating System (英語)

This in-depth report examines social engineering as an attack vector. It details the psychological levers employed by social engineers to influence victims, communication channels used for attacks, and controls businesses should establish to reduce risk.

人の心理や行動を悪用 するハッキング — エグゼクティブサマリー

This executive summary provides an overview of social engineering as an attack vector. It lists the psychological levers employed by social engineers to influence victims, communication channels used for attacks, and controls businesses should establish to reduce risk.

Gartner Report: Avoid These Dirty Dozen Network Security Worst Practices (英語)

This report identifies 12 commonly observed network security practices that reduce network availability, increase expenditure or risks, and alienate end users.

Gartner Report: Magic Quadrant for Endpoint Protection Platforms (英語)

Intel Security named a Leader in 2015 Gartner Magic Quadrant for Endpoint Protection Platforms.

McAfee rated in Gartner Critical Capabilities for SIEM. (英語)

As a companion to the Gartner Magic Quadrant for SIEM, the Gartner Critical Capabilities report for SIEM helps IT security organizations compare their requirements with the most common SIEM use cases. Discover in-depth how Gartner rates McAfee SIEM by critical capabilities.

NSS Labs Product Assessment Brief: McAfee Advanced Threat Defense (英語)

This report reviews McAfee Advanced Threat Defense, outlining strengths, weaknesses, opportunities and threats.

When Minutes Count (英語)

How experts fight advanced threats with real-time SIEM and identification of eight key indicators of attack.

Magic Quadrant for Intrusion Prevention Systems: Leader and Visionary (英語)

Leading research firm Gartner, Inc. has placed Intel Security in the leaders quadrant in its “Magic Quadrant for Intrusion Prevention Systems”. This marks the eighth consecutive time that McAfee was named a leader in this quadrant.

Phishing Deceives the Masses: Lessons Learned from a Global Assessment (英語)

This report takes an in-depth look at what can be learned from the McAfee Phishing Quiz, and how business can build defenses against phishing attacks.

Best Practices for Data Loss Prevention: A Process, Not a Technology (英語)

Most effective DLP solutions are implemented as a business process, rather than a “set and forget” technology. This latest Gartner report identifies some key challenges CISOs face and provides guidance on a business process approach to a successful DLP implementation.

25 years of firewalls. What's next? (英語)

2014 marked the 25th anniversary of the firewall. While this humble innovation has evolved to become one of the must-have solutions of today, the question is, are firewalls ready to deal with the security threats of the next 25 years? To get to the core of this question, Intel Security commissioned IBRS, an IT advisory services company located in Asia Pacific, to facilitate a series of roundtables in November 2014, where IT security managers and security executives discussed the evolution of firewalls and the future of this technology. This report is a summary and analysis of the key conversations covered at those events.