McAfee Policy Auditor
Integration + Innovation = Compliance
Efficiency
Need reliable proof of compliance? Never fear. McAfee Policy
Auditor was built from the ground up to automate the processes
required for internal and external IT audits. Its proven agent,
extensive support for content standards, and transparent
integration with McAfee ePolicy Orchestrator® (ePO™) mean accurate,
efficient audits, every time. So you can get back to managing risk,
not paperwork.
Benefits:
- Simplify operations
Unify management of policy audits and endpoint security to
eliminate manual steps and reduce effort and error
- Reduce time to compliance
Run consolidated audits across both managed (agent-based) and
unmanaged (agentless) systems
- Prove compliance consistently
Leverage pre-built policy templates that map IT controls to policy,
eliminating manual effort and demonstrating adherence to key
industry mandates and internal governance policies
- Eliminate need to purchase separate solution for file
integrity monitoring
Leverage basic file integrity monitoring capabilities to meet key
compliance requirements
- Automate manual audits
Schedule automatic reports with up-to-date data, create custom
dashboards and reports, and apply built-in waiver management to
speed every step of compliance validation
- Enforce compliance
Go beyond identifying problems. Import Policy Auditor results into
McAfee Remediation Manager for automated remediation of
non-compliant systems
Features:
- Predefined templates for industry
regulation
Policy Auditor ships with a variety of templates including PCI DSS,
SOX, GLBA, HIPAA, FISMA, and the best practice frameworks ISO 27001
and COBiT.
- New standards in compliance validation
New standards in compliance validation McAfee Policy
Auditor is Security Content Automation Protocol (SCAP) validated
enabling agencies to comply with the Federal Desktop Core
Configuration (FDCC) standard.
- Unprecedented integration with ePO and Vulnerability
Manager
The single ePO console lowers cost of ownership by consolidating
endpoint security management and compliance management, easing
agent deployment, management, and reporting. Integration with
Vulnerability Manager enables organizations to consolidate agent
and agentless audits.
- Fast, automated import of industry
benchmarks
Download benchmarks from authoritative sites, and, within minutes,
view detailed security guidance can confirm regulatory compliance
or design your own internal governance policies based on security
community best practices
- Continuous Audit Model and Blackout
Window
Security and audit teams can set the frequency of data capture to
support automated reports with accurate data. To prevent disruption
to critical business applications, a blackout window lets IT
operations block audit data capture during key business
periods
- Scripting Further Extends Policy Auditor
capabilities
Organizations also have the ability to create rules from any
scripting language supported by the system being audited to extend
the check capabilities of Policy Agents further. Sample languages
include VBScript, Batch files, Perl and Python.
