McAfee Risk and Compliance Manager

McAfee Risk and Compliance Manager Overview:

Synthesizing data from your disparate security systems for a holistic view of security risks and compliance issues is time- and labor-intensive. McAfee Risk and Compliance Manager (formerly McAfee Preventsys®) automates data gathering from your security solutions, leveraging their value while reducing the time and costs of identifying risks, addressing gaps and demonstrating compliance.

Description:

Your company has substantial investments in your existing proactive security systems. As you’re not likely to rip and replace these systems any time soon, you need to ensure you maximize their ROI. The trouble is, consolidating information from all these disparate sources take an inordinate amount of time and monopolizes precious human and IT resources.

Thanks to its open architecture, McAfee Risk and Compliance Manager automatically synthesizes security information from your existing security systems and serves it up in a variety of formats—from high-level dashboard views to detailed IT-focused reports. These aggregated views helps you identify and prioritize risks, address gaps, and demonstrate compliance to auditors, managers, your board of directors, shareholders, and customers.

By automating security data consolidation across your infrastructure, you can easily establish and implement effective, repeatable methodologies for your security risk management and compliance reporting processes. As a result of this automation, you reduce business risk while saving time, money, and resources.

Another advantage of Risk and Compliance Manager is the ability to audit both discrete network segments and the entire network on daily, weekly, monthly, or quarterly intervals—as well as on demand. Compare this with manual audits based on extrapolated findings, and you’ll see that you gain a much more accurate picture of actual business risk and opportunities for addressing them. You can also better prioritize your company’s security risks and exposure.

A key component of Risk and Compliance Manager is PolicyLab, our patent-pending policy development environment. PolicyLab allows you to input your corporate policies, edit pre-populated regulatory policies, and add your own administrative controls or manual audit tasks. This way, you’re better able to meet regulatory and corporate policies and save time, greatly improving overall compliance posture.

Figure 1: The McAfee Risk and Compliance Manager dashboard view of an enterprise’s compliance with the Sarbanes-Oxley Act per business unit

Figure 2: The Risk and Compliance Manager user view shows policy violations, their severity level, and their priority for the enterprise or business unit.

Figure 3: The Risk and Compliance Manager PolicyLab user view shows policies on the left, the viewed policy in the middle, and the rules on the right.

Benefits and Features:

Pre-packaged templates for fast and easy customization and configuration
 

System Requirements:

Note: The following are minimum system requirements only. Actual requirements vary depending on the nature of your environment.

Management Server (ESM Server) Appliance

Dell PowerEdge 1950 III 

• Quad Core Xeon E5440, 2.83GHz, 1333MHz
• 4GB RAM
• 4x73 GB 10,000RPM 2.5" SAS Hard Drives in a RAID 5 configuration (3+1)
• 1 Gigabit NIC
• Redundant power supply with 2 cords
• 1 CD-ROM drive
• No operating system
• Rack chassis with sliding rapid/versa rails and cable management arm.

Assessment Server Appliance

PowerEdge R200

• Intel Core 2 Duo E4500, 2.2GHz, 2MB Cache,  800MHz FSB
• 1 GB DDR2, 800MHz, 2x512MB
• 1 80GB, Serial ATA 7,200 RPM Hard Drive
• On-Board Dual Gigabit Network Adapter
• 1 DVD-ROM Drive
• No Operating System Configuration
• Rack chassis with versarails

Documentation:

Download the McAfee Risk and Compliance Manager Datasheet (PDF).