McAfee Total Protection (ToPS) for Compliance reduces remediation time from months to days by providing unique, countermeasure-aware, impact/risk assessment capabilities. The tool correlates endpoint and network countermeasures with new vulnerabilities and provides a third dimension to the vulnerability impact assessment by adding the status of the current countermeasure to vulnerability severity and asset criticality.
It enables organizations to conduct (agent-less, agent-based or hybrid) compliance audits, configuration assessment, vulnerability assessment, asset management and countermeasure-aware risk assessment for a range of technologies.
It runs on a Microsoft platform and requires MS Server 2003-2008 and SQL Server 2005-2008. A spokesperson at the company claimed deployment of the software was within a few hours. Certainly, users can be up and running within a few days depending on the level of customization, workflow complexity and integration with non-McAfee products.
The solution addresses risk at the IT risk level using the OVAL (open vulnerability and assessment language) standard for risk assessment. ToPS proactively correlates threats with system state information – including vulnerability data, patch level, configuration information, application data and countermeasure information – to find critical assets at risk so as to optimize remediation/patch efforts.
The agentless option allows users to gather valuable information from systems with zero footprint on those devices. The agent-based, agentless or hybrid collectors can co-exist in the same environment so one has numerous deployment options. New to this release is the ability to assess desktop risks, such as Adobe- and Java-based threats. ToPS has also added the ability to conduct file integrity checks to recognize changes made, to report and track changes, and to specify entitlement to certain files. Other additions to this release that caught our attention include the ability to now track risk associated with BYOD devices through mobile vulnerability assessments.
This information is consumed from integration of McAfee Asset Manager (part of McAfee Vulnerability Manager) to passively fingerprint a device, user, OS and app.
Reporting was solid before and has been updated substantially for this release. It now includes an attractive risk summary graphic, a “threats over time” visual, new canned reports, a report builder and a new PCI dashboard. ToPS has also added a tool to allow a user with no SQL skills to write a custom query for reporting using a simple, drag-and-drop programming feature. McAfee has also created an application programming interface (API) to allow other security and network product vendors to integrate with the tool. The isolation was a drawback in the past, so this added capability will help resolve that issue. However, at press time, there was not yet a list of other supported integrations available.
This video is about McAfee Total Protection for Compliance Product Overview by E-SPIN that will give you more information regarding this product.
For those who can not join us for the session, please see the summary and highlight clip for the event.
E-SPIN recently run a McAfee Total Protection for Compliance what’s new session cover what new for new user and existing users.
If you have any inquiry or questions, feel free to contact E-SPIN for solution, product and project requirements.