McAfee Integrity Control

McAfee Integrity Control

Protect point-of-service systems from unauthorized change

Next Steps:

Overview

McAfee Integrity Control blocks unauthorized applications and change on fixed-function, point-of-service infrastructures, including ATMs, point-of-sale (POS) systems, and kiosks. Combining industry-leading whitelisting and change control technology, Integrity Control prevents out-of-policy changes while still allowing updates from authorized sources. It boosts control over change policies and effectively secures devices, using a centrally-managed and efficient solution.

Comprehensive change policy enforcement — Get continuous change detection capabilities, while proactively preventing unauthorized, out-of-policy change attempts. Integrity Control links protection directly to policy and verifies changes against the source, time window, or approved change ticket. Changes outside of policy are blocked, greatly reducing change-related outages and compliance violations.

Viable security for fixed-function devices — Integrity Control uniquely extends a layer of protection to devices with a fixed CPU or memory, including POS terminals, ATMs, and medical imaging systems that perform critical functions and often store sensitive data. A low-overhead footprint does not impact system performance, and it is equally effective in standalone mode, without network access.

Centralized deployment and management — Get seamless integration with McAfee ePolicy Orchestrator (McAfee ePO) software to ease deployment, management, and reporting. The single McAfee ePO console lowers the cost of ownership by consolidating security and compliance management, eliminating the need to manage data in two separate systems. Streamlined remote deployment via the McAfee ePO platform easily manages and reports on large enterprise rollouts, all from a central location.

An efficient, transparent solution — Integrity Control runs transparently on fixed-function systems, enables the entire point-of-service infrastructure to be monitored without impact, and can be set up quickly. This flexible, affordable, and secure solution dynamically manages whitelists and supports multiple configurations for different business needs and devices.

Features & Benefits

Block unauthorized applications and change attempts

Ensure that only approved software runs on the point-of-service infrastructure, without imposing additional operational overhead. McAfee Integrity Control easily blocks unauthorized, vulnerable, or malicious applications that can compromise the security of critical systems.

Link change protection to policy

Verify changes against the source, time window, or approved change ticket. Changes attempted outside of policy are blocked, and the attempt is logged and sent as an alert to administrators, reducing outages and compliance violations.

Monitor file integrity and file changes

Check files and directories for changes to content, permissions, or both. Integrity Control provides continuous file integrity monitoring, essential for testing and verifying the security of an environment and meeting critical compliance requirements, including PCI DSS. It delivers comprehensive information about every change, including the user and the program used to make the change.

Gain increased control over fixed-function systems

Extend a layer of protection to devices with a fixed CPU or memory, including POS terminals, ATMs, and medical imaging systems, with a solution that does not impact system performance.

Meet and sustain PCI DSS compliance

Count on continuous information about change events across the point-of-service infrastructure to comply with PCI DSS requirements. Integrity Control details which server or servers originated the change, when it was made, which user made the change, how the change was made, what content inside the file changed, and whether the change was approved.

Get dynamic whitelisting via a trusted source

Eliminate the need for IT administrators to manually maintain lists of approved applications. Instead, IT departments can adopt a flexible approach, relying on a repository of trusted applications that run on endpoints. This prevents execution of all unauthorized software scripts and dynamic link libraries (DLLs), and further defends against memory exploits.

Centralize deployment and management through McAfee ePO

Get seamless integration with McAfee ePolicy Orchestrator (McAfee ePO) software to ease deployment, management, and reporting. The single McAfee ePO console consolidates security and compliance management, lowering TCO.

System Requirements

For a complete list of system requirements, see the Platform Support Matrix.

Demos / Tutorials

Demos

Use a single solution and achieve continuous compliance with McAfee Configuration Control.

Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.

Tutorials

For guidance on how to use Integrity Monitor, watch this Quick Tips video.

News / Events

Resources

Data Sheets

McAfee Embedded Control

For a technical summary on the McAfee product listed above, please view the product data sheet.

Solution Briefs

Continuous Compliance Simplified

McAfee Configuration Control combines the advanced capabilities of McAfee Policy Auditor and McAfee Change Control to put you in command of your compliance requirements.

Security and PCI Compliance for Retail Point-of-Sale Systems

This solution brief examines how McAfee POS solutions meet retailers’ unique compliance and operational needs.

McAfee Integrity Control

McAfee Integrity Control software uses a trusted source model, so that even when systems are locked down, software updates from authorized sources are still allowed.

White Papers

The Case for Continuous Compliance

McAfee Configuration Control eliminates manual processes and point product integration, providing single-console control for meeting compliance requirements.

Community

Blogs

  • Shedding light on ‘Shadow IT’
    David Small - January 9, 2014

    BYOD, BYOA, BYOx. The IT industry is full of acronyms depicting its constant evolution and relationship with the professional world. First came the devices; employees saw the power of personal devices and insisted on using them in the workplace. And so the consumerisation of IT was born. After the devices came the apps. Companies reported […]

    The post Shedding light on ‘Shadow IT’ appeared first on McAfee.

  • Walking the Talk on Public-Private Partnerships
    Tom Gann - August 16, 2013

    There’s been a lot of talk about the value of public-private partnerships in moving the U.S. toward a more robust cyber security posture. And let’s be honest:  there’s also been a lot of private sector skepticism about how much the Administration really believed in the concept or how much they would do to make it […]

    The post Walking the Talk on Public-Private Partnerships appeared first on McAfee.

  • Five Factors That Make D.C. Region a Cybersecurity Hub
    Tom Gann - May 29, 2013

    McAfee is based in Silicon Valley, but we know there’s more to tech than California. We recently joined the National Institute of Standards and Technology to launch the National Cybersecurity Center of Excellence, a joint effort among high-tech business, federal, state and local government and local universities located in Rockville, Md. The goal of the […]

    The post Five Factors That Make D.C. Region a Cybersecurity Hub appeared first on McAfee.

  • Getting Assurance in a Time Constrained World
    McAfee - May 20, 2013

    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems […]

    The post Getting Assurance in a Time Constrained World appeared first on McAfee.

  • Response Now as Important as Prevention
    Leon Erlanger - February 24, 2012

    The National Institute of Standards and Technology (NIST) has updated its Computer Security Incident Handling Guide to take into account the increasingly dire state of cyber security. As anyone who has followed the rush of high-profile incursions over the past year knows, it’s looking less and less possible to prevent the inevitable attack, no matter […]

    The post Response Now as Important as Prevention appeared first on McAfee.