McAfee Total Protection for Compliance

McAfee Total Protection for Compliance

IT ポリシーの監査とリスク管理の統合で、コンプライアンス対応を簡単に

概要

McAfee Total Protection for Compliance は、エージェントベースとエージェントレスの技術を使用して、管理対象システムと管理対象外システムの監査、評価、報告を行います。IT 監査の所要時間を数週間から数日に短縮できます。

Total Protection for Compliance スイートは、McAfee Policy Auditor for Desktops、McAfee Vulnerability Manager、McAfee ePolicy Orchestrator (ePO)、McAfee Labs Global Threat Intelligence service、McAfee Risk Advisor から構成されたリスク管理ソリューションです。

セキュリティに対する投資の最適化 - この統合ソリューションでは、脅威、脆弱性、対応策の情報を組み合わせて、真に危険な資産をピンポイントで特定します。勘や経験に頼らず、対策が必要な場所を特定できるので、時間を短縮し、コストを削減できます。

統合された IT ポリシー監査による総合的な保護 - 1 つのソリューションで、様々なデバイスとデスクトップにポリシーを定義し、評価することができます。Total Protection for Compliance では、個別のプロセスを実行するのではなく、重要なツールを統合することで処理を効率化し、非対応状況を短い時間で解消できます。

テクノロジの統合 - エージェント ベースのスキャン、エージェントレスのスキャン、レポート機能が統合されています。ホスト システムのスナップショットを自動的に生成し、ポリシーを詳しく分析できます。 Total Protection for Compliance では、ネットワークのコンプライアンスからアカウント、ファイル、ネットワーク、システムに対するアクセス ポリシーを設定できます。

包括的なサポート - PCI DSS、SOX、FDCC。FISMA、HIPAA などの対応状況を評価し、報告できます。

コンプライアンス作業の簡素化 - カスタム ポリシーと検査により、特定のグループの資産を対象に検査を実行したり、テンプレートを選択して監査を実行できます。

特徴・利点

セキュリティとコンプライアンスの一元管理でコストを削減

McAfee ePolicy Orchestrator (ePO) により、リスクとコンプライアンスを自動化し、一元管理できます。この共有プラットフォームを使用して、システム セキュリティの配備と管理を行います。また、エージェント ベースのシステムとエージェントを使用しないシステムの対応状況を報告します。ポリシー ベンチマークを定義して選択し、異なるタイプの資産に適用できます。

監査時間の短縮

ホストとネットワーク システムの両方で、手間のかかる監査タスクを自動化します。内部レポートを外部監査で使用できます。

リアルタイムで正確なコンプライアンス

XCCDF や OVAL などのベンチマークを使用して、法規制に対する対応状況を評価できます。内部監査と外部監査で常に最新のデータを使用できます。

新しい情報で保護状態を評価

脅威情報と脆弱性、配備された対応策を関連付けることで、リスク状況を把握し、緊急性の高い修復箇所を特定できます。

セキュリティ製品の投資効果を分かりやすく表示

脅威を具体的に示しながら、多層型防御のメリットを説明できます。

運用効率の向上

危険な状態の重要資産と脅威を関連付ける作業は時間と手間のかかるプロセスです。これらのプロセスを自動化することで、パッチ適用のコストを削減できます。

システム要件

システム要件については、個々の Web ページをご覧ください。

ニュース/イベント

リソース

ソリューション概要

Disrupt Targeted Attacks (英語)

Intel Security recommends that you unify the protect, detect, and correct stages of managing threats so you can build a comprehensive security model to combat targeted attacks. While each stage has its own unique set of tactics, they all work together to provide context and leverage insights. This concept—an adaptive security model—applies learning immediately throughout a collaborative architecture and provides the overall cyber-resilience required to outmaneuver adversaries, contain intrusions quickly, and avoid excessive financial damage.

Create a Least Risk Microsoft Windows Desktop (英語)

Avecto Privilege Guard and McAfee ePolicy Orchestrator (ePO) software enable organizations worldwide to deploy secure and compliant desktops—without compromising a user's ability to perform their day to day tasks.

Secure Network-Attached Storage (英語)

McAfee offers cost-effective solutions for securing your data, files, and peace of mind, no matter how large or how diverse your storage environment.

Keep Your Data Safe for Office 365 (英語)

McAfee DLP offers expansive, yet flexible, polices and templates that can help address risky employee behavior by protecting sensitive data from day-today user actions.

Protocol-Based IPS Architecture (英語)

This brief discusses the Intel Security approach to protocol-based Intrusion Prevention System inspection and how it differs from other security vendors. Intel Security uses protocol inspection as the foundation of IPS solutions and builds advanced intelligence on top of this architecture to provide superior protection and IPS performance.

Adobe Flash エクスプロイトの阻止

Policies, procedures, and products that can protect against firmware attacks.

McAfee Network Security Platform for the Data Center (英語)

McAfee Network Security Platform combines extraordinary performance, advanced signature-less inspection, deep integration with other security systems, intelligent central management, and scalability to secure the very largest environments, making it the IPS of choice for the world’s most demanding data centers.

ランサムウェアから 大切なデータを守

Learn how to stop ransomware before it strikes.

ファームウェ /BIOS 操作に対する対策

A practical approach to detect and protect against Adobe Flash exploits.

マイナンバー セキュリティ対策 ソリューションガイド

住民票を持つすべての人に1つの番号が付与されるマイナンバー制度(社会保障・税番号制度)。この制度に対応するため、マイナンバーの取扱いについて定めたガイドラインが出されています。本ソリューションガイドではガイドラインの要件に対応するために必要な技術の項目のうち、特に「外部からの不正アクセス等の防止」策を中心に解説しています。

KIOSK and Intel Security Offer the Enhanced Security Suite (英語)

Kiosks offer consumers convenience and drive lower costs for deployers, but they are also on the frontline of a new cyberattack environment outside the perimeter of corporate networks. With Enhanced Security Suite, Intel Security and KIOSK Information Systems have joined forces to provide advanced security and compliance protection to self-services devices. Now you can secure and differentiate your self-service platform while addressing today’s most pressing customer issues.

McAfee Enterprise Security Manager, Services Solutions for Managed Service Providers (MSPs) (英語)

McAfee Enterprise Security Manager offers the advanced scalability, flexibility, and control you need to protect your customers’ business, and grow yours.

McAfee Next Generation Firewall Application Layer Exfiltration Protection (英語)

McAfee Next Generation Firewall uses Application Layer Exfiltration Protection technology to get detailed insight into endpoint processes, users, and connections, enabling highly granular control of applications and the connections they attempt to establish.

The 1-2-3- Security Approach for Windows Server 2003 EOS (英語)

End of Support for Windows Server 2003 is approaching, but that doesn’t mean your business has to lack security. Learn about the three migration paths available to remain compliant and secure.

データシート

McAfee SIEM Supported Devices (英語)

For a technical summary on the McAfee product integration listed above, please view the product data sheet.

McAfee Complete Data Protection — Essential

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

McAfee DLP Endpoint

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

McAfee ePolicy Orchestrator

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

McAfee Next Generation Firewall

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

Application Threat Modeling, including Architecture and Design Assessment (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

Emergency Incident Response (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

External Security Assessment (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

Forensic Investigation (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

Host Security Configuration Assessment (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

Incident Response Program Development (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

McAfee Advanced Threat Defense

上に表示されているマカフィー製品の技術概要は製品データシートをご参照ください

McAfee Endpoint Protection for OEMs (英語)

For a technical summary on the McAfee product listed above, please view the product data sheet.

Professional Services Data Risk Assessment (英語)

Identify the risks to your vital information that exist within your organization so that you can take appropriate measures to prevent exposure and potentially damaging consequences.

Risk Assessment (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

Strategic Security Roadmap Planning (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

Virtual Infrastructure Security Assessment (英語)

For a technical summary on the McAfee service listed above, please view the data sheet.

パラメータシート

McAfee Application Control

マカフィー製品のパラメーターシートを掲載しています。詳細は上のリンクをご参照ください。

ホワイトペーパー

SANS Survey: Maturing and Specializing: Incident Response Capabilities Needed (英語)

SANS released the 2015 findings from their Incident Response survey. The good news is results show that incident response (IR) and even detection are maturing. The shrinking window of response time, along with more automated tools and the specialized job titles to support the IR function are all indicators of this maturation. Now for the bad news: Organizations are short on the skills and technologies they need for full visibility and integrated response.

Don’t Jeopardize Security When Moving to Office 365 (英語)

This paper provides an overview of some of the issues facing enterprises as they move to Office 365 and other cloud-based applications, and suggests how comprehensive solutions from Intel Security can help address those issues.

McAfee Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection (英語)

This white paper discusses the flagship McAfee Gateway Anti-Malware technology, how it adapts to new threats, and sets the stage to protect against future threats with a modular design that allows for the easy addition of components for maximum flexibility.

Protect Critical Assets with Virtual Patching (英語)

This white paper discusses virtual patching and how using predictive threat coverage, automated vulnerability scanning, and risk visualization is a scalable and cost-effective approach to protecting critical assets.

レポート

Securing Hybrid Networks for Dummies (英語)

Hybrid networks and data centers combine traditional network infrastructure with virtualized infrastructure to improve efficiency and flexibility. Learn how to keep your networks and data centers secure when transitioning to these new, next generation architectures.

Miercom: Threat Detection Test Results (英語)

Miercom Threat Detection Testing – Testing shows that Advanced Threat Defense detection performance was notably above industry average.

Gartner Magic Quadrant for SIEM (英語)

The security information and event management (SIEM) market is defined by the customer's need to apply security analytics to event data in real time for the early detection of targeted attacks and data breaches, and to collect, store, analyze and report on log data for incident response, forensics and regulatory compliance. The vendors included in the Magic Quadrant analysis have technologies that have been designed for this purpose, and they actively market and sell these technologies to the security buying center.

[Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.]

Magic Quadrant for Secure Email Gateways (英語)

Gartner recognizes Intel Security as a visionary in the Gartner Magic Quadrant for Secure Email Gateways, as published on June 29, 2015.

[Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.]

Critical Infrastructure Readiness Report: Holding the Line Against Cyberthreats (英語)

Technology and security professionals in North America and Europe profess a great deal of confidence in their cyberdefenses despite the current spate of high-profile breaches worldwide, according to a new survey made possible by the Aspen Institute Homeland Security Program and Intel Security.

The Top Five Network Attack Methods (英語)

This report offers insight into five of the most common network attack methods cybercriminals love to use. It provides valuable insight on how attackers target sensitive data and steal intellectual property, as well as guidance on what you can do to minimize the likelihood of a breach and its repercussions.

McAfee脅威レポート:2015年第1四半期

McAfee Labsが第1四半期に確認したランサムウェアの数は他の四半期の2倍になっています。

Phishing Deceives the Masses: Lessons Learned from a Global Assessment (英語)

This report reviews the lessons learned from the McAfee Phishing Quiz. At the time of this report, over 50,000 business users in 49 countries have completed the quiz and the results are enlightening.

Market Quadrant: McAfee Advanced Threat Defense is Top Player (英語)

This edition of Radicati Market Quadrants reviews products that offer protection from advanced persistent threats.

Throughput and Scalability Report McAfee NGFW 5206 — Miercom (英語)

Independent testing lab Miercom performed comprehensive throughput and scalability testing on the McAfee NGFW 5206 appliance. Testing was performed with application control, deep packet inspection, antivirus enabled, and in configurations of one to four clusters.

技術的な設計図

Combatting Advanced Targeted Attacks: PROTECT (英語)

Intel Security recommends a three-pronged approach for disrupting advanced targeted attacks, starting with enhanced protection, described in this guide. The goal of this Protect stage is two-part: to stop the most pervasive attack vectors while disrupting never-before-seen techniques and payloads, and to derive insights that can strengthen countermeasures and inform investigators of unfolding activities.

Combatting Advanced Targeted Attacks: DETECT (英語)

This guide covers advanced monitoring to identify anomalous, outlier behavior to perceive low-threshold attacks that would otherwise go unnoticed. As you uncover evidence, your system should share findings to enrich decision-making throughout your security infrastructure.

Combatting Advanced Targeted Attacks: CORRECT (英語)

This guide describes ways to facilitate triage and prioritization for fluid investigation and rapid remediation. As you learn, your solution should apply insights immediately throughout a collaborative infrastructure.

設計と実装

Data Center Design Guide: Implement McAfee Next Generation Firewall with Cisco Nexus 9000 Series Switches (英語)

The Data Center Design Guide provides information about design considerations and implementation steps when deploying McAfee Next Generation Firewall in a data center. The scenarios in this document were designed to simulate a typical data center deployment and were validated in an internal test environment at McAfee. Customers can use these best practices to design and implement similar configurations in their environments.