Symantec Control Compliance Suite Standards Manager: Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center.
Symantec Control Compliance Suite (CCS) is a modular, highly scalable, and comprehensive solution for automating security and compliance assessments across the physical and virtual data centers, and across public clouds. Each of the seven Control Compliance Suite Modules is available independently or as part of a broader suite. The Control Compliance Suite Control Studio and Infrastructure combines evidence from the multiple modules as well as third party systems, and maps assets and evidence to control statements, standards, and policies and regulations to enable mandate-based reporting and risk assessments. Role-based, customizable Web-based dashboards, and reports enable the organization to measure risk and track the performance of its security and compliance programs. Workflow integration with remediation ticketing systems enable organizations to align security operations with compliance and risk management operations, prioritize risk mitigation and remediation activities, and optimize security and IT operations.
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Symantec Control Compliance Suite Standards Manager: Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center.
1. Symantec Control Compliance Suite
Standards Manager
Automate Security Configuration Assessments. Discover Rogue Networks
& Assets. Harden the Data Center.
Data Sheet: Security Management
Control Compliance Suite Standards Manager Overview
Are you able to:Are you able to:
• Conduct fine-grain network and asset discovery across your virtual and physical data center?
• Effectively harden security configuration settings across your physical and virtual infrastructures?
• Automate the assessment of technical controls and security configuration standards across your data center assets?
• Deliver role-based and operational mandate-based reporting on security configuration across multiple security
standards and regulatory mandates?
• Prioritize technical controls for remediation across IT ops, Sec Ops, and compliance?
• Optimize resource allocation for the remediation of risks and audit findings according to business priorities?
• Support the new SCAP 1.2, PCI-DSS v.3, and NIST Cybersecurity standards?
• Assess once and deliver reports to comply with multiple regulatory mandates as well as support IT operations and
security operations requirements?
• Identify which servers and databases are missing critical patch updates?
• Identify which servers and databases have known default configuration settings?
• Effectively handles exceptions in the configuration of security controls?
Solution OverSolution Overviewview
1
2. Symantec™ Control Compliance Suite Standards Manager is a leading network and asset discovery and security
configuration assessment solution. Organizations employ Symantec™ Control Compliance Suite Standards Manager to
harden the physical and virtual infrastructure, detect configuration drifts, and evaluate if systems are secured, configured,
and patched according to standards for security operations and compliance reporting.
Symantec™ Control Compliance Suite Standards Manager enables a consistent, centralized approach to your organization’s
security and compliance posture. It replaces manual, error-prone checks with scheduled, automated assessments. Role-
based, operational, and mandate-based reporting allows IT operations, security operations, and compliance to minimize
overlaps and conflicts. The capability to assess once and report to many helps IT operations, security, and compliance
align their remediation priorities.
What’s New in Control Compliance Suite Standards Manager 11.0.5What’s New in Control Compliance Suite Standards Manager 11.0.5
Control Compliance Suite Standards Manager offers new and enhanced capabilities for security and compliance across the
physical and virtual data centers, including:
• New network and asset discovery capabilities. Patented Lightspeed discovery algorithm offers a less-intrusive and non-
authenticated approach for asset discovery across networks and hosts,
• Ability to create blacklists and exclude specific networks for discovery and ensure critical networks are not scanned
• Enhanced support for Continuous Monitoring and Cybersecurity initiatives including:
⁃ Upgrade of Windows SCAP engine to SCAP 1.2
⁃ Enhanced support for SCAP 1.2 including Enhanced Assessment Results Reporting (ARF),
⁃ Support for OVAL 5.3, 5.8, & 5.10 Vulnerability Assessment, increased coverage of supported OVAL entities, and
support for CCE & CVE id’s in SCAP results.
⁃ New APIs in CCS SCAP engine for Partner Integration. These capabilities enable the customer to create and run SCAP
evaluation through API’s and export of SCAP results in ARF format.
• Updated regulatory content library and technical platform support including:
⁃ Support for ISO 27001-2013
⁃ Support for NIST Cybersecurity Framework in SCU 2014-1
⁃ Support PCI DSS v3.0 in SCU 2014-1
⁃ Updated platform support for UBUNTU, Windows 2012 R2 & SQL 2012
FFeatureseatures
• Extensive, out-of-the-box technical content including the latest Center for Internet Security (CIS) benchmarks for OS
platforms, databases, and applications
• Broad and deep platform coverage for servers, endpoints, databases, hypervisors and virtual machines, and mission
critical applications, including mainframes
• Discovery and assessment of both hypervisor and guest operating systems for centralized, scalable security
configuration management of virtualized environments
• Flexible agent-based and agentless data gathering options available on a unified platform with a single management
interface
• Risk-based, highly customizable, out-of-the-box remediation workflows, including exception management, which
supports integration with existing business processes
• Scalable data framework enables the easy aggregation and normalization of technical controls data from multiple
sources
Data Sheet: Security Management
Symantec Control Compliance Suite Standards Manager
2
3. • Ad hoc query interface for near real-time assessment of threat exposure
CusCustomer Benefitstomer Benefits
• Enable the secure migration to and deployment of a software-defined data center transformation initiative
• Harden the virtual and physical infrastructure through the integration with Symantec Data Center Security: Server and
Advanced Server
• Improve cybersecurity and data breach prevention capabilities by enabling the efficient discovery of rogue networks and
assets
• Optimize assessment and reporting of security configuration standards across physical and virtual assets
• Leverage role-based, automated and risk-prioritized dashboard and reporting to align priorities and optimize resource
allocation for risk remediation
• Improve overall security posture, discover configuration drifts, and reduce audit failures with automated security
configuration assessments
• Align security operations with compliance and IT risk management by automating the mapping of assets to controls,
control statements, and an extensive and regularly updated library of security best practice frameworks and standards.
• Reduce management complexity and minimize operational costs by combining agent-based and agentless data
gathering options via a unified management interface
OverOverview of Control Compliance Suiteview of Control Compliance Suite
Symantec Control Compliance Suite (CCS) is a modular, highly scalable, and comprehensive solution for automating
security and compliance assessments across the physical and virtual data centers, and across public clouds. Each of the
seven Control Compliance Suite Modules is available independently or as part of a broader suite. The Control Compliance
Suite Control Studio and Infrastructure combines evidence from the multiple modules as well as third party systems, and
maps assets and evidence to control statements, standards, and policies and regulations to enable mandate-based
reporting and risk assessments. Role-based, customizable Web-based dashboards, and reports enable the organization to
measure risk and track the performance of its security and compliance programs. Workflow integration with remediation
ticketing systems enable organizations to align security operations with compliance and risk management operations,
prioritize risk mitigation and remediation activities, and optimize security and IT operations.
Control Compliance Suite-ModulesControl Compliance Suite-Modules
• SSymantec™ Control Compliance Suite Pymantec™ Control Compliance Suite Policolicy Managery Manager automates policy definition and policy life cycle management
with out-of-the-box policy content for multiple mandates, automatically maps assets to controls, standards and
regulatory mandates, identifies common controls to enable “assess once and report to multiple mandates”, and delivers
content and technical standards updates on a quarterly basis.
• SSymantec™ Control Compliance Suite Risk Managerymantec™ Control Compliance Suite Risk Manager aligns security and compliance operations with business priorities
by defining risks according to business thresholds, mapping risks to assets, controls and owners, calculating risk scores.
This information can be used to prioritize resource allocation, enable alignment of security operations with compliance,
and prioritize risk mitigation and remediation. Customers also utilize Risk Manager to measure and track the
performance of its compliance and risk reduction programs.
• SSymantec™ Control Compliance Suite Standards Managerymantec™ Control Compliance Suite Standards Manager is a leading asset discovery and configuration assessment
solution. The solution is employed to harden the physical and virtual infrastructure, detect configuration drifts, and
evaluate if systems are secured, configured, and patched according to standards for security operations and compliance
reporting.
Data Sheet: Security Management
Symantec Control Compliance Suite Standards Manager
3
4. • SSymantec™ Control Compliance Suite Vymantec™ Control Compliance Suite Vulnerabilitulnerability Managery Manager performs end-to-end vulnerability assessment of Web
applications, databases, servers, and network devices, delivering a single view of security threats and vulnerabilities
across the physical and virtual infrastructure.
• SSymantec™ Control Compliance Suite Virtualization Securitymantec™ Control Compliance Suite Virtualization Security Managery Manager enables role-based separation of duties and
access within the virtual infrastructure; monitors and reports on the activities of privileged users within the virtual
environment, and assesses for compliance to privileged user virtualization security policies.
• SSymantec™ Control Compliance Suite Assessment Managerymantec™ Control Compliance Suite Assessment Manager automates the assessment of procedural controls
governing employee behavior. Assessment Manager offers out of the box, comprehensive coverage for 100+ regulations,
frameworks & best practices that are translated into questionnaires to assess the effectiveness of procedural controls.
These questionnaires can also be used to evaluate overall employee security awareness and to support security
awareness training.
• SSymantec™ Control Compliance Suite Vymantec™ Control Compliance Suite Vendor Risk Managerendor Risk Manager enables the assessment and monitoring of your vendor
risk exposure including third party business process services, application developers, and cloud service providers by
automating security and compliance assessments.
SSysystem Requirementstem Requirements- Control Compliance Suite CoreControl Compliance Suite Core
SofSofttware Requirementsware Requirements
Operating SOperating Sysystemtem
• Windows Server 2003 SP2 x64 Enterprise or Standard edition
• Windows Server 2003 R2 SP2 x64 Enterprise or Standard edition
• Windows Server 2008 SP2 x64 Enterprise or Standard edition
• Windows Server 2008 R2 x64 Enterprise or Standard edition
DatabaseDatabase
• Microsoft SQL Server 2005 SP2 or later (32-bit and 64-bit computers)
• Microsoft SQL Server 2008 SP1, SP2 (32-bit and 64-bit computers)
• Microsoft SQL Server 2008 R2 (32-bit and 64-bit computers)
Other SofOther Softtwareware
• Microsoft .Net Framework 3.5 SP1
• Oracle Instant Client 10.2.0.4
• Internet connection for CCS service
• Internet Explorer 8.0
• Internet Information Service (IIS)
• ASP.NET v4.0.30319
• ASP.NET v4.0.30319 Web Service Extensions
Hardware RequirementsHardware Requirements
FFor deployment on a single seror deployment on a single serverver
• Minimum memory: 4GB
• Minimum processor: Dual Proc 3GHz
• Minimum hard disk space: 140GB
SQL SerSQL Serverver
Data Sheet: Security Management
Symantec Control Compliance Suite Standards Manager
4