McAfee Total Protection for Compliance

McAfee Total Protection for Compliance

IT ポリシーの監査とリスク管理の統合で、コンプライアンス対応を簡単に

概要

McAfee Total Protection for Compliance は、エージェントベースとエージェントレスの技術を使用して、管理対象システムと管理対象外システムの監査、評価、報告を行います。IT 監査の所要時間を数週間から数日に短縮できます。

Total Protection for Compliance スイートは、McAfee Policy Auditor for Desktops、McAfee Vulnerability Manager、McAfee ePolicy Orchestrator (ePO)、McAfee Labs Global Threat Intelligence service、McAfee Risk Advisor から構成されたリスク管理ソリューションです。

セキュリティに対する投資の最適化 - この統合ソリューションでは、脅威、脆弱性、対応策の情報を組み合わせて、真に危険な資産をピンポイントで特定します。勘や経験に頼らず、対策が必要な場所を特定できるので、時間を短縮し、コストを削減できます。

統合された IT ポリシー監査による総合的な保護 - 1 つのソリューションで、様々なデバイスとデスクトップにポリシーを定義し、評価することができます。Total Protection for Compliance では、個別のプロセスを実行するのではなく、重要なツールを統合することで処理を効率化し、非対応状況を短い時間で解消できます。

テクノロジの統合 - エージェント ベースのスキャン、エージェントレスのスキャン、レポート機能が統合されています。ホスト システムのスナップショットを自動的に生成し、ポリシーを詳しく分析できます。 Total Protection for Compliance では、ネットワークのコンプライアンスからアカウント、ファイル、ネットワーク、システムに対するアクセス ポリシーを設定できます。

包括的なサポート - PCI DSS、SOX、FDCC。FISMA、HIPAA などの対応状況を評価し、報告できます。

コンプライアンス作業の簡素化 - カスタム ポリシーと検査により、特定のグループの資産を対象に検査を実行したり、テンプレートを選択して監査を実行できます。

特徴・利点

セキュリティとコンプライアンスの一元管理でコストを削減

McAfee ePolicy Orchestrator (ePO) により、リスクとコンプライアンスを自動化し、一元管理できます。この共有プラットフォームを使用して、システム セキュリティの配備と管理を行います。また、エージェント ベースのシステムとエージェントを使用しないシステムの対応状況を報告します。ポリシー ベンチマークを定義して選択し、異なるタイプの資産に適用できます。

監査時間の短縮

ホストとネットワーク システムの両方で、手間のかかる監査タスクを自動化します。内部レポートを外部監査で使用できます。

リアルタイムで正確なコンプライアンス

XCCDF や OVAL などのベンチマークを使用して、法規制に対する対応状況を評価できます。内部監査と外部監査で常に最新のデータを使用できます。

新しい情報で保護状態を評価

脅威情報と脆弱性、配備された対応策を関連付けることで、リスク状況を把握し、緊急性の高い修復箇所を特定できます。

セキュリティ製品の投資効果を分かりやすく表示

脅威を具体的に示しながら、多層型防御のメリットを説明できます。

運用効率の向上

危険な状態の重要資産と脅威を関連付ける作業は時間と手間のかかるプロセスです。これらのプロセスを自動化することで、パッチ適用のコストを削減できます。

システム要件

システム要件については、個々の Web ページをご覧ください。

ニュース/イベント

リソース

FAQ

McAfee Total Protection for Endpoint Suite (英語)

Suite End-of-Life (EOL) and Auto-Migration Q&A

インフォグラフィック

Improved healthcare shouldn't come with increased risk. (英語)

This infographic highlights the benefits and risks of the IoT in healthcare devices.

ソリューション概要

KIOSK and Intel Security Offer the Enhanced Security Suite (英語)

Kiosks offer consumers convenience and drive lower costs for deployers, but they are also on the frontline of a new cyberattack environment outside the perimeter of corporate networks. With Enhanced Security Suite, Intel Security and KIOSK Information Systems have joined forces to provide advanced security and compliance protection to self-services devices. Now you can secure and differentiate your self-service platform while addressing today’s most pressing customer issues.

McAfee Enterprise Security Manager, Services Solutions for Managed Service Providers (MSPs) (英語)

McAfee Enterprise Security Manager offers the advanced scalability, flexibility, and control you need to protect your customers’ business, and grow yours.

The 1-2-3- Security Approach for Windows Server 2003 EOS (英語)

End of Support for Windows Server 2003 is approaching, but that doesn’t mean your business has to lack security. Learn about the three migration paths available to remain compliant and secure.

Embrace Public Clouds with Confidence (英語)

Gain all of the benefits of public cloud services without compromising security. Learn how to secure your servers wherever they are with McAfee Public Cloud Server Security Suite.

McAfee SaaS Web Protection Service Solution Guide (英語)

Learn how the McAfee SaaS Web Protection service can help any business tap into the power and efficiency of the Internet while keeping threats—from inside and outside of the business—in check.

McAfee Web Reporter (英語)

McAfee Web Reporter provides a real-time view of web traffic, allowing enterprises to refine and enforce Internet use policies and ensure compliance.

McAfee Next Generation Firewall — Securing global healthcare networks (英語)

Learn how McAfee Next Generation Firewall secures global healthcare networks with the highest level of network defense while enabling greater efficiency and cost savings.

McAfee Next Generation Firewall — Securing global retail networks (英語)

Discover how McAfee Next Generation Firewall provides a high level of network protection for global retail environments across multiple geographic locations.

Advanced Threat Defense for SIEM (英語)

When advanced detection solutions, known as sandboxes, collaborate with SIEM solutions, enterprises can better understand and respond to unknown, advanced attacks. McAfee Advanced Threat Defense and McAfee Enterprise Security Manager work in concert to extract relevant data from advanced malware and dramatically reduce time to response by minimizing uncertainty and accelerating remediation.

Management of Native Encryption (英語)

With the rapid increase of PCs, tablets, and other devices in the enterprise environment, it’s critical to ensure that sensitive data is secure, and one of the best ways to achieve it is with encryption. Intel Security data protection solutions offer a variety of encryption capabilities and solutions to cover both Windows and Apple devices.

望ましくない進化

Learn how to protect against polymorphic worms like W/32Worm-AAEH.

モバイル アプリの 脆弱なSSLに対する 攻撃を阻止する

Many mobile apps are vulnerable to man-in-the-middle attacks. Learn how to protect against them.

Defeating the Angler Exploit Kit

The Angler exploit kit has become one of the most popular and powerful attack kits. Learn how to protect against it.

Protecting Against Potentially Unwanted Programs

PUPs are applications that have legitimate uses but have functions and behaviors that can be exploited against the user without the user’s consent. Learn about PUPs and how to contain them.

データシート

McAfee Endpoint Protection for OEMs (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

Building Secure Software (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

McAfee Advanced Threat Defense (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

Enterprise Log Manager

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

McAfee Network Security Platform (NS-Series)

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

McAfee Public Cloud Server Security Suite

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

McAfee Security Information and Event Management (SIEM) Administration (英語)

McAfee MOVE AntiVirus

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

Avionics Security Assessment (英語)

The McAfee Foundstone Avionics Security Assessment — part of the Intel Security product and service offering — is designed to give you peace of mind that your avionics network is analyzed and fortified to reduce risk.

Embedded Systems Assessment (英語)

The McAfee Foundstone Embedded Systems Assessment — part of the Intel Security product and service offering — is designed to reduce risk by discovering security vulnerabilities in your embedded systems. It’s based on a proven methodology used by skilled consultants trained to analyze the critical components of any embedded system.

ブローシャ

マカフィーの最新ネットワークセキュリティのご案内

現在導入しているマカフィー製品に、McAfee Advanced Threat Defense を組み合わせることで、標的型攻撃で使用されるような検知が困難とされている未知のマルウェアに対しても、強力な検知と防御を実現します。 また、少ない人員でも効率的なセキュリティ対策を構築するのに役立つSIEM(Security Information and Event Management)は不審な情報への気づきを強化し、対策の早期実現に貢献します。

Protect, Detect, Correct: Security Connected for Healthcare Providers (英語)

The Security Connected framework enables healthcare providers to operate more successfully and securely in their complex, heterogeneous environments. This approach helps healthcare providers take charge and secure sensitive data; safely embrace web portals, web services, and mobile devices; leverage situation awareness to better manage security incidents; and maintain compliance with strict industry mandates and regulations.

McAfee Product Entitlement Definitions (英語)

This document contains legal definitions that apply to McAfee products and solutions.

ホワイトペーパー

Protect Critical Assets with Virtual Patching (英語)

This white paper discusses virtual patching and how using predictive threat coverage, automated vulnerability scanning, and risk visualization is a scalable and cost-effective approach to protecting critical assets.

Best Practices for Dealing with Phishing and Next-Generation Malware (英語)

To combat phishing attempts and next-generation malware, organizations of all sizes should consider a variety of issues related to security. This Osterman white paper shows trends in how malware infiltrates organizations, efficacy of security technology and user training, and a variety of actions that organizations should undertake.

Best Practices for Migrating to Office 365 (英語)

This white paper is intended to help decision makers understand the implications of migrating to Microsoft Office 365 and offers practical advice for doing so. It also provides data from a survey of current and prospective Office 365-enabled organizations conducted specifically for this white paper in March 2015.

Real-World Data Breach Protection Techniques

This white paper explains the strategies and techniques used by McAfee Network Data Loss Prevention to protect data-in-motion. Understand the importance of both the content and context of sensitive data when detecting and preventing data exfiltration.

Securosis: Applied Threat Intelligence (英語)

One of the most compelling uses for threat intelligence is helping to detect attacks earlier. Examining for attack patterns identified via threat intelligence in your security monitoring and analytics processes shortens the window between compromise and detection. This Securosis white paper focuses on how to use threat intelligence to improve your ability to detect, prevent, and investigate attacks.

Protecting Mobile Devices from Malware Attack — An Osterman Research White Paper (英語)

How can you protect your employees’ computers against malware attack regardless of their location? How can you enforce acceptable usage policies for employees located remotely or mobile? The best way to protect against web threats is to redirect all web traffic through a proxy or web gateway that can block blacklisted or unsuitable sites, filter malware downloads, and enforce rules preventing sensitive data from being lost. In this white paper, Osterman Research describes the four ways to reroute web traffic from a mobile device or remote computer through a gateway, and highlights the strengths and weaknesses of each approach.

Secure Coding for Android Applications (英語)

More than one billion Android devices have been activated to date, and it’s estimate that 1.4 million devices are activated per day. The rapidly increasing popularity of this mobile OS demands that developers understand how to create secure Android applications. This white paper focuses on secure coding practices for Android applications.

PCI Guidance: Microsoft Windows Logging (英語)

This paper discusses what is involved in establishing logging for Microsoft Windows systems, and discusses how those settings will also be useful in detecting system anomalies that could be indicative of system misuse or even a system breach.

Securosis: Leveraging Threat Intelligence In Incident Response/Management (英語)

To contain an advanced attack you need to respond faster and smarter. Focusing on shortening the window between attack and detection, coupled with a solid plan to contain and remediate an attack provides the best chance to overcome the attack. This is one of the key pieces of knowledge for security experts.

レポート

Market Quadrant: McAfee Advanced Threat Defense is Top Player (英語)

This edition of Radicati Market Quadrants reviews products that offer protection from advanced persistent threats.

Throughput and Scalability Report McAfee NGFW 5206 — Miercom (英語)

Independent testing lab Miercom performed comprehensive throughput and scalability testing on the McAfee NGFW 5206 appliance. Testing was performed with application control, deep packet inspection, antivirus enabled, and in configurations of one to four clusters.

ESG Lab Validation Report: McAfee Next Generation SIEM (英語)

ESG Lab focused on the McAfee Enterprise Security Manager (ESM), the core product of McAfee’s end-to-end solution for addressing comprehensive threat detection and remediation. Testing was designed to explore how the solution accurately detects advanced threats using a layered approach, the speed and effectiveness of responding to an attack, and the operational efficiencies of this integrated solution.

ESG Report: Tackling Attack Detection and Incident Response (英語)

This report examines organizations’ security strategies, cyber-attack environments, incident response challenges and needs. A survey found that security professionals are inundated with security incidents and struggle with timely identification and resolution of targeted attacks. A lack of visibility into user and network activity, shortage of investigative skills and experience, and poor security analytics capabilities are key factors in slowing organizations’ response to incidents.

検出が困難な: ポリモーフィック型 ボットネット

This in-depth report discusses the polymorphic worm W/32Worm-AAEH, the control infrastructure behind it, and what it took to take it down.

SANS Data Center Server Security Survey 2014 (英語)

Learn how organizations are tackling the difficult problem of data center security, as well as the best practices for meeting data center compliance demands while reducing overall risk and management complexity.

Gartner Digital Newsletter: Best Practices Against Advanced Threats (英語)

The newsletter includes access to Gartner research ‘Five Styles of Advanced Threat Defense’ and discusses how Intel Security solutions help organizations with every aspect of their advanced threat defense strategy and has uniquely integrated them to provide a powerful security platform.

The Healthcare Internet of Things: Rewards and Risks (英語)

This report makes the case that industry must build security into healthcare devices and networks from the outset rather than as an afterthought.

レポートサマリー — 医療業界におけるIoT: メリットとリスク

医療機器に最初からセキュリティを組み込む必要性

McAfee脅威レポート:2014年第4四半期

マカフィー製品の様々なレポートを掲載しています。詳細は上のリンクをご参照ください。

Hacking the Human Operating System (英語)

This in-depth report examines social engineering as an attack vector. It details the psychological levers employed by social engineers to influence victims, communication channels used for attacks, and controls businesses should establish to reduce risk.

設計と実装

Data Center Design Guide: Implement McAfee Next Generation Firewall with Cisco Nexus 9000 Series Switches (英語)

The Data Center Design Guide provides information about design considerations and implementation steps when deploying McAfee Next Generation Firewall in a data center. The scenarios in this document were designed to simulate a typical data center deployment and were validated in an internal test environment at McAfee. Customers can use these best practices to design and implement similar configurations in their environments.