McAfee Vulnerability Manager, with its McAfee Asset Manager feature, delivers unrivaled scalability and performance, actively or passively canvassing everything on your network. Now you can uncover devices hidden on your network as well as smartphones, tablets, and laptops that come and go between scheduled scans. What you haven’t been seeing or scanning will surprise you — and could be jeopardizing your compliance. Thousands of organizations rely on Vulnerability Manager to quickly find and prioritize vulnerabilities, with deployments ranging from a few hundred nodes to one continuously scanning more than four million IP addresses. If it has an IP address or is using your network, Vulnerability Manager can discover and assess it, automatically or on a schedule, revealing the compliance of all assets on your network.
Vulnerability Manager gives you:
Priority-based auditing and remediation — Combines vulnerability, severity, and asset criticality information to quickly identify, rank, and address violations and vulnerabilities on networked systems and devices.
Active and passive network protection — Combines active and passive network discovery and monitoring to reveal virtualized, mobile and hidden devices on your network.
Proof of “not vulnerable” — A major requirement of auditors is to prove that you’re not vulnerable to threats, which is a significant attribute of McAfee Vulnerability Manager.
New threat identification and correlation — Automatically ranks the risk potential of new threats by correlating events to your asset and vulnerability data.
Policy auditing and compliance assessments — Defines values of policy checks and determines whether your organization complies with major regulations. Through an easy-to-use wizard it gives you templates for SOX, FISMA, HIPAA, PCI, and more.
Flexible reporting — Categorizes data by asset or network, and uses powerful filters to select and organize results in your reports. You can even create reports while scans are running.
Broad and deep content coverage — Performs authenticated and unauthenticated checks, automatically updated 24/7 by McAfee Labs, the world’s top threat research center. This helps you delve deep into operating systems and network devices to find vulnerabilities and policy violations.
Conduct deep scans of web applications that allow you to know where to focus your coding efforts before hackers can exploit your business-critical data. The scans include required checks for PCI, as well as coverage of the 2010 OWASP Top 10 and CWE-25 categories.
Choose an all-in-one or custom install on your physical or virtual hardware or our hardened appliances; use existing LDAP, Active Directory, or McAfee ePolicy Orchestrator (ePO) asset management systems, or let the first scan discover your assets.
Through the combination of active and passive monitoring, penetration testing, authenticated scanning, and non-credentialed scanning, McAfee Vulnerability Manager accurately scans everything on your network making comprehensive vulnerability management simpler than ever before.
Save hours with SCAP support and predefined, up-to-date policy templates. Our extensive checks validate alignment to federal and regulatory requirements and write custom scripts and checks to test proprietary and legacy systems.
Certify to EAL Common Criteria and validate to FIPS-140-2 encryption. McAfee Vulnerability Manager includes templates for the most popular compliance templates and standards.
Go beyond ports and configurations to inspect systems, databases, and applications on all networked assets — from smartphones to secure servers.
Tailor your deployment, scans, reporting, and management consoles, regardless of whether you centralize or segregate your operations, with the speed required for even multimillion node networks.
Generate conclusive evidence — such as expected and actual scan results, any systems not scanned, and any failed scans — to document that specific systems are “not vulnerable,” an increasingly common audit requirement.
Leverage millions of sensors around the world that direct hundreds of McAfee Labs researchers to the latest changes in the threat landscape, fueling real-time risk assessments and threat advisories.
Vulnerability Manager Software
Deploy Vulnerability Manager as software on your own hardware or in a virtualized environment. Software deployment has the following minimum requirements:
Vulnerability Manager MVM3100 Appliance
Choose this purpose-built, hardened appliance for even faster, more effortless deployment. It includes all necessary software and an enterprise-grade database. Hardware deployment has the following minimum requirements:
See how McAfee Asset Manager easily detects the presence of a new smartphone on a wireless network and interacts with McAfee Vulnerability Manager to instantly scan the device.
Learn how McAfee Vulnerability Manager can continuously discover, evaluate, and monitor evolving risks from devices on your network.
Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.
"McAfee Vulnerability Manager provides agentless security configuration assessment, plus integration with the agent-based McAfee Policy Auditor, with coverage of DISA STIG, NSA, FDCC, and CIS controls. McAfee Vulnerability Manager has flexible asset management, remediation reporting, and workflow capabilities."
In an independent evaluation conducted by S3KUR3 Inc., McAfee Vulnerability Manager was assessed as "No other solution combines the flexibility, comprehensive scanning, and powerful remediation capabilities in a single package."
The McAfee Vulnerability Manager is a powerful appliance-based tool that provides vulnerability assessment, penetration testing and web application scanning along with rogue device detection and plug-in capability to LDAP (Lightweight Directory Access Protocol) and Microsoft Active Directory for asset management.
SANTA CLARA, Calif., August 17, 2009 - McAfee, Inc. (NYSE:MFE) today announced that McAfee VirusScan Enterprise, McAfee Anti-spyware Enterprise, McAfee ePolicy Orchestrator, and McAfee Vulnerability Manager have been verified as Citrix Ready™. The Citrix Ready program identifies trusted, third-party solutions that add the greatest value in the Citrix Delivery Center™ infrastructure. The above-mentioned McAfee products have completed a rigorous verification process to ensure compatibility with Citrix® XenApp™.
McAfee security risk management solutions help Abtran meet clients’ increasing security requirements.
Alcatel-Lucent Shanghai Bell uses McAfee Network Security Platform to secure 100 Mbps to 10 Gbps corporate networks against threats and attacks.
Arab National Bank uses McAfee ePolicy Orchestrator (ePO) software to manage endpoint protection across 5,500 endpoints.
Cardnet eliminates malware infections with comprehensive network, email, and endpoint security from McAfee.
CEMEX relies on McAfee to find system vulnerabilities and prevent data loss.
Citrix reduces risk with McAfee’s integrated security risk management platform.
With robust integration features built into ePO, users can handle data events and achieve stronger monitoring and control easily and quickly through the platform.
DSM enlists McAfee to strengthen enterprise network security control and compliance.
HCF gets comprehensive anti-malware protection and streamlined security management with McAfee.
Idaho State Tax Commission chooses McAfee to embed security in a new network infrastructure.
Integral Energy proactively assesses and manages vulnerabilities with McAfee Vulnerability Manager.
Intelsat trusts McAfee to protect user and network devices globally.
Volvo Group uses McAfee for for worldwide vulnerability management.
Xinjiang Mobile's comprehensive assessment of data protection products in the market lead them to choose and deploy McAfee’s solution.
Topics : Security Management, SIEM
Topics : Risk & Compliance, Security Management, SIEM
Topics : Risk & Compliance, Security Management, SIEM
Topics : Mobile Security
Topics : Risk & Compliance
For a technical summary on the McAfee product listed above, please view the product data sheet.