SlideShare una empresa de Scribd logo

Symantec Control Compliance Suite Standards Manager: Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center.

Symantec
Symantec

Symantec Control Compliance Suite (CCS) is a modular, highly scalable, and comprehensive solution for automating security and compliance assessments across the physical and virtual data centers, and across public clouds. Each of the seven Control Compliance Suite Modules is available independently or as part of a broader suite. The Control Compliance Suite Control Studio and Infrastructure combines evidence from the multiple modules as well as third party systems, and maps assets and evidence to control statements, standards, and policies and regulations to enable mandate-based reporting and risk assessments. Role-based, customizable Web-based dashboards, and reports enable the organization to measure risk and track the performance of its security and compliance programs. Workflow integration with remediation ticketing systems enable organizations to align security operations with compliance and risk management operations, prioritize risk mitigation and remediation activities, and optimize security and IT operations.

Tecnología
1 de 5
Descargar para leer sin conexión
Symantec Control Compliance Suite Standards Manager Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center. Data Sheet: Security Management Control Compliance Suite Standards Manager Overview Are you able to:Are you able to: • Conduct fine-grain network and asset discovery across your virtual and physical data center? • Effectively harden security configuration settings across your physical and virtual infrastructures? • Automate the assessment of technical controls and security configuration standards across your data center assets? • Deliver role-based and operational mandate-based reporting on security configuration across multiple security standards and regulatory mandates? • Prioritize technical controls for remediation across IT ops, Sec Ops, and compliance? • Optimize resource allocation for the remediation of risks and audit findings according to business priorities? • Support the new SCAP 1.2, PCI-DSS v.3, and NIST Cybersecurity standards? • Assess once and deliver reports to comply with multiple regulatory mandates as well as support IT operations and security operations requirements? • Identify which servers and databases are missing critical patch updates? • Identify which servers and databases have known default configuration settings? • Effectively handles exceptions in the configuration of security controls? Solution OverSolution Overviewview 1
Symantec™ Control Compliance Suite Standards Manager is a leading network and asset discovery and security configuration assessment solution. Organizations employ Symantec™ Control Compliance Suite Standards Manager to harden the physical and virtual infrastructure, detect configuration drifts, and evaluate if systems are secured, configured, and patched according to standards for security operations and compliance reporting. Symantec™ Control Compliance Suite Standards Manager enables a consistent, centralized approach to your organization’s security and compliance posture. It replaces manual, error-prone checks with scheduled, automated assessments. Role- based, operational, and mandate-based reporting allows IT operations, security operations, and compliance to minimize overlaps and conflicts. The capability to assess once and report to many helps IT operations, security, and compliance align their remediation priorities. What’s New in Control Compliance Suite Standards Manager 11.0.5What’s New in Control Compliance Suite Standards Manager 11.0.5 Control Compliance Suite Standards Manager offers new and enhanced capabilities for security and compliance across the physical and virtual data centers, including: • New network and asset discovery capabilities. Patented Lightspeed discovery algorithm offers a less-intrusive and non- authenticated approach for asset discovery across networks and hosts, • Ability to create blacklists and exclude specific networks for discovery and ensure critical networks are not scanned • Enhanced support for Continuous Monitoring and Cybersecurity initiatives including: ⁃ Upgrade of Windows SCAP engine to SCAP 1.2 ⁃ Enhanced support for SCAP 1.2 including Enhanced Assessment Results Reporting (ARF), ⁃ Support for OVAL 5.3, 5.8, & 5.10 Vulnerability Assessment, increased coverage of supported OVAL entities, and support for CCE & CVE id’s in SCAP results. ⁃ New APIs in CCS SCAP engine for Partner Integration. These capabilities enable the customer to create and run SCAP evaluation through API’s and export of SCAP results in ARF format. • Updated regulatory content library and technical platform support including: ⁃ Support for ISO 27001-2013 ⁃ Support for NIST Cybersecurity Framework in SCU 2014-1 ⁃ Support PCI DSS v3.0 in SCU 2014-1 ⁃ Updated platform support for UBUNTU, Windows 2012 R2 & SQL 2012 FFeatureseatures • Extensive, out-of-the-box technical content including the latest Center for Internet Security (CIS) benchmarks for OS platforms, databases, and applications • Broad and deep platform coverage for servers, endpoints, databases, hypervisors and virtual machines, and mission critical applications, including mainframes • Discovery and assessment of both hypervisor and guest operating systems for centralized, scalable security configuration management of virtualized environments • Flexible agent-based and agentless data gathering options available on a unified platform with a single management interface • Risk-based, highly customizable, out-of-the-box remediation workflows, including exception management, which supports integration with existing business processes • Scalable data framework enables the easy aggregation and normalization of technical controls data from multiple sources Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 2
• Ad hoc query interface for near real-time assessment of threat exposure CusCustomer Benefitstomer Benefits • Enable the secure migration to and deployment of a software-defined data center transformation initiative • Harden the virtual and physical infrastructure through the integration with Symantec Data Center Security: Server and Advanced Server • Improve cybersecurity and data breach prevention capabilities by enabling the efficient discovery of rogue networks and assets • Optimize assessment and reporting of security configuration standards across physical and virtual assets • Leverage role-based, automated and risk-prioritized dashboard and reporting to align priorities and optimize resource allocation for risk remediation • Improve overall security posture, discover configuration drifts, and reduce audit failures with automated security configuration assessments • Align security operations with compliance and IT risk management by automating the mapping of assets to controls, control statements, and an extensive and regularly updated library of security best practice frameworks and standards. • Reduce management complexity and minimize operational costs by combining agent-based and agentless data gathering options via a unified management interface OverOverview of Control Compliance Suiteview of Control Compliance Suite Symantec Control Compliance Suite (CCS) is a modular, highly scalable, and comprehensive solution for automating security and compliance assessments across the physical and virtual data centers, and across public clouds. Each of the seven Control Compliance Suite Modules is available independently or as part of a broader suite. The Control Compliance Suite Control Studio and Infrastructure combines evidence from the multiple modules as well as third party systems, and maps assets and evidence to control statements, standards, and policies and regulations to enable mandate-based reporting and risk assessments. Role-based, customizable Web-based dashboards, and reports enable the organization to measure risk and track the performance of its security and compliance programs. Workflow integration with remediation ticketing systems enable organizations to align security operations with compliance and risk management operations, prioritize risk mitigation and remediation activities, and optimize security and IT operations. Control Compliance Suite-ModulesControl Compliance Suite-Modules • SSymantec™ Control Compliance Suite Pymantec™ Control Compliance Suite Policolicy Managery Manager automates policy definition and policy life cycle management with out-of-the-box policy content for multiple mandates, automatically maps assets to controls, standards and regulatory mandates, identifies common controls to enable “assess once and report to multiple mandates”, and delivers content and technical standards updates on a quarterly basis. • SSymantec™ Control Compliance Suite Risk Managerymantec™ Control Compliance Suite Risk Manager aligns security and compliance operations with business priorities by defining risks according to business thresholds, mapping risks to assets, controls and owners, calculating risk scores. This information can be used to prioritize resource allocation, enable alignment of security operations with compliance, and prioritize risk mitigation and remediation. Customers also utilize Risk Manager to measure and track the performance of its compliance and risk reduction programs. • SSymantec™ Control Compliance Suite Standards Managerymantec™ Control Compliance Suite Standards Manager is a leading asset discovery and configuration assessment solution. The solution is employed to harden the physical and virtual infrastructure, detect configuration drifts, and evaluate if systems are secured, configured, and patched according to standards for security operations and compliance reporting. Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 3
• SSymantec™ Control Compliance Suite Vymantec™ Control Compliance Suite Vulnerabilitulnerability Managery Manager performs end-to-end vulnerability assessment of Web applications, databases, servers, and network devices, delivering a single view of security threats and vulnerabilities across the physical and virtual infrastructure. • SSymantec™ Control Compliance Suite Virtualization Securitymantec™ Control Compliance Suite Virtualization Security Managery Manager enables role-based separation of duties and access within the virtual infrastructure; monitors and reports on the activities of privileged users within the virtual environment, and assesses for compliance to privileged user virtualization security policies. • SSymantec™ Control Compliance Suite Assessment Managerymantec™ Control Compliance Suite Assessment Manager automates the assessment of procedural controls governing employee behavior. Assessment Manager offers out of the box, comprehensive coverage for 100+ regulations, frameworks & best practices that are translated into questionnaires to assess the effectiveness of procedural controls. These questionnaires can also be used to evaluate overall employee security awareness and to support security awareness training. • SSymantec™ Control Compliance Suite Vymantec™ Control Compliance Suite Vendor Risk Managerendor Risk Manager enables the assessment and monitoring of your vendor risk exposure including third party business process services, application developers, and cloud service providers by automating security and compliance assessments. SSysystem Requirementstem Requirements- Control Compliance Suite CoreControl Compliance Suite Core SofSofttware Requirementsware Requirements Operating SOperating Sysystemtem • Windows Server 2003 SP2 x64 Enterprise or Standard edition • Windows Server 2003 R2 SP2 x64 Enterprise or Standard edition • Windows Server 2008 SP2 x64 Enterprise or Standard edition • Windows Server 2008 R2 x64 Enterprise or Standard edition DatabaseDatabase • Microsoft SQL Server 2005 SP2 or later (32-bit and 64-bit computers) • Microsoft SQL Server 2008 SP1, SP2 (32-bit and 64-bit computers) • Microsoft SQL Server 2008 R2 (32-bit and 64-bit computers) Other SofOther Softtwareware • Microsoft .Net Framework 3.5 SP1 • Oracle Instant Client 10.2.0.4 • Internet connection for CCS service • Internet Explorer 8.0 • Internet Information Service (IIS) • ASP.NET v4.0.30319 • ASP.NET v4.0.30319 Web Service Extensions Hardware RequirementsHardware Requirements FFor deployment on a single seror deployment on a single serverver • Minimum memory: 4GB • Minimum processor: Dual Proc 3GHz • Minimum hard disk space: 140GB SQL SerSQL Serverver Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 4
• Minimum memory: 4GB • Minimum processor: Dual Proc 3GHZ • Disk Sizing: Refer to the Planning and Deployment Guide More Information Visit our website http://enterprise.symantec.com To speak with a Product Specialist in the U.S. Call toll-free 1 (800) 745 6054 To speak with a Product Specialist outside the U.S. For specific country offices and contact numbers, please visit our website. About Symantec Symantec protects the world’s information, and is a global leader in security, backup, and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities, and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at go.symantec.com/socialmedia. Symantec World Headquarters 350 Ellis St. Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright © 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 21328945 04/14 Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 5

Recomendados

IT GRC with Symantec
IT GRC with SymantecIT GRC with Symantec
IT GRC with Symantec
Arrow ECS UK
 
Symantec control compliance suite
Symantec control compliance suiteSymantec control compliance suite
Symantec control compliance suite
Symantec
 
Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012
Symantec
 
Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec
 

Recomendados

IT GRC with Symantec
IT GRC with SymantecIT GRC with Symantec
IT GRC with Symantec
Arrow ECS UK
 
Symantec control compliance suite
Symantec control compliance suiteSymantec control compliance suite
Symantec control compliance suite
Symantec
 
Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012
Symantec
 
Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
Symantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
Symantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
Symantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
Symantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
Symantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators Want
Symantec
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec
 
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec
 
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Christopher Logan Kennedy
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Más contenido relacionado

Más de Symantec

Más de Symantec (20)

Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators Want
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 Webinar
 
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
Symantec Webinar Part 6 of 6 GDPR Compliance, Breach Notification, Detection,...
 
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
Symantec Webinar Part 5 of 6 GDPR Compliance, the Operational Impact of Cross...
 
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
Symantec Webinar Part 4 of 6 GDPR Compliance, What NAM Organizations Need to...
 

Último

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Último (20)

Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

Symantec Control Compliance Suite Standards Manager: Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center.

  • 1. Symantec Control Compliance Suite Standards Manager Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center. Data Sheet: Security Management Control Compliance Suite Standards Manager Overview Are you able to:Are you able to: • Conduct fine-grain network and asset discovery across your virtual and physical data center? • Effectively harden security configuration settings across your physical and virtual infrastructures? • Automate the assessment of technical controls and security configuration standards across your data center assets? • Deliver role-based and operational mandate-based reporting on security configuration across multiple security standards and regulatory mandates? • Prioritize technical controls for remediation across IT ops, Sec Ops, and compliance? • Optimize resource allocation for the remediation of risks and audit findings according to business priorities? • Support the new SCAP 1.2, PCI-DSS v.3, and NIST Cybersecurity standards? • Assess once and deliver reports to comply with multiple regulatory mandates as well as support IT operations and security operations requirements? • Identify which servers and databases are missing critical patch updates? • Identify which servers and databases have known default configuration settings? • Effectively handles exceptions in the configuration of security controls? Solution OverSolution Overviewview 1
  • 2. Symantec™ Control Compliance Suite Standards Manager is a leading network and asset discovery and security configuration assessment solution. Organizations employ Symantec™ Control Compliance Suite Standards Manager to harden the physical and virtual infrastructure, detect configuration drifts, and evaluate if systems are secured, configured, and patched according to standards for security operations and compliance reporting. Symantec™ Control Compliance Suite Standards Manager enables a consistent, centralized approach to your organization’s security and compliance posture. It replaces manual, error-prone checks with scheduled, automated assessments. Role- based, operational, and mandate-based reporting allows IT operations, security operations, and compliance to minimize overlaps and conflicts. The capability to assess once and report to many helps IT operations, security, and compliance align their remediation priorities. What’s New in Control Compliance Suite Standards Manager 11.0.5What’s New in Control Compliance Suite Standards Manager 11.0.5 Control Compliance Suite Standards Manager offers new and enhanced capabilities for security and compliance across the physical and virtual data centers, including: • New network and asset discovery capabilities. Patented Lightspeed discovery algorithm offers a less-intrusive and non- authenticated approach for asset discovery across networks and hosts, • Ability to create blacklists and exclude specific networks for discovery and ensure critical networks are not scanned • Enhanced support for Continuous Monitoring and Cybersecurity initiatives including: ⁃ Upgrade of Windows SCAP engine to SCAP 1.2 ⁃ Enhanced support for SCAP 1.2 including Enhanced Assessment Results Reporting (ARF), ⁃ Support for OVAL 5.3, 5.8, & 5.10 Vulnerability Assessment, increased coverage of supported OVAL entities, and support for CCE & CVE id’s in SCAP results. ⁃ New APIs in CCS SCAP engine for Partner Integration. These capabilities enable the customer to create and run SCAP evaluation through API’s and export of SCAP results in ARF format. • Updated regulatory content library and technical platform support including: ⁃ Support for ISO 27001-2013 ⁃ Support for NIST Cybersecurity Framework in SCU 2014-1 ⁃ Support PCI DSS v3.0 in SCU 2014-1 ⁃ Updated platform support for UBUNTU, Windows 2012 R2 & SQL 2012 FFeatureseatures • Extensive, out-of-the-box technical content including the latest Center for Internet Security (CIS) benchmarks for OS platforms, databases, and applications • Broad and deep platform coverage for servers, endpoints, databases, hypervisors and virtual machines, and mission critical applications, including mainframes • Discovery and assessment of both hypervisor and guest operating systems for centralized, scalable security configuration management of virtualized environments • Flexible agent-based and agentless data gathering options available on a unified platform with a single management interface • Risk-based, highly customizable, out-of-the-box remediation workflows, including exception management, which supports integration with existing business processes • Scalable data framework enables the easy aggregation and normalization of technical controls data from multiple sources Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 2
  • 3. • Ad hoc query interface for near real-time assessment of threat exposure CusCustomer Benefitstomer Benefits • Enable the secure migration to and deployment of a software-defined data center transformation initiative • Harden the virtual and physical infrastructure through the integration with Symantec Data Center Security: Server and Advanced Server • Improve cybersecurity and data breach prevention capabilities by enabling the efficient discovery of rogue networks and assets • Optimize assessment and reporting of security configuration standards across physical and virtual assets • Leverage role-based, automated and risk-prioritized dashboard and reporting to align priorities and optimize resource allocation for risk remediation • Improve overall security posture, discover configuration drifts, and reduce audit failures with automated security configuration assessments • Align security operations with compliance and IT risk management by automating the mapping of assets to controls, control statements, and an extensive and regularly updated library of security best practice frameworks and standards. • Reduce management complexity and minimize operational costs by combining agent-based and agentless data gathering options via a unified management interface OverOverview of Control Compliance Suiteview of Control Compliance Suite Symantec Control Compliance Suite (CCS) is a modular, highly scalable, and comprehensive solution for automating security and compliance assessments across the physical and virtual data centers, and across public clouds. Each of the seven Control Compliance Suite Modules is available independently or as part of a broader suite. The Control Compliance Suite Control Studio and Infrastructure combines evidence from the multiple modules as well as third party systems, and maps assets and evidence to control statements, standards, and policies and regulations to enable mandate-based reporting and risk assessments. Role-based, customizable Web-based dashboards, and reports enable the organization to measure risk and track the performance of its security and compliance programs. Workflow integration with remediation ticketing systems enable organizations to align security operations with compliance and risk management operations, prioritize risk mitigation and remediation activities, and optimize security and IT operations. Control Compliance Suite-ModulesControl Compliance Suite-Modules • SSymantec™ Control Compliance Suite Pymantec™ Control Compliance Suite Policolicy Managery Manager automates policy definition and policy life cycle management with out-of-the-box policy content for multiple mandates, automatically maps assets to controls, standards and regulatory mandates, identifies common controls to enable “assess once and report to multiple mandates”, and delivers content and technical standards updates on a quarterly basis. • SSymantec™ Control Compliance Suite Risk Managerymantec™ Control Compliance Suite Risk Manager aligns security and compliance operations with business priorities by defining risks according to business thresholds, mapping risks to assets, controls and owners, calculating risk scores. This information can be used to prioritize resource allocation, enable alignment of security operations with compliance, and prioritize risk mitigation and remediation. Customers also utilize Risk Manager to measure and track the performance of its compliance and risk reduction programs. • SSymantec™ Control Compliance Suite Standards Managerymantec™ Control Compliance Suite Standards Manager is a leading asset discovery and configuration assessment solution. The solution is employed to harden the physical and virtual infrastructure, detect configuration drifts, and evaluate if systems are secured, configured, and patched according to standards for security operations and compliance reporting. Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 3
  • 4. • SSymantec™ Control Compliance Suite Vymantec™ Control Compliance Suite Vulnerabilitulnerability Managery Manager performs end-to-end vulnerability assessment of Web applications, databases, servers, and network devices, delivering a single view of security threats and vulnerabilities across the physical and virtual infrastructure. • SSymantec™ Control Compliance Suite Virtualization Securitymantec™ Control Compliance Suite Virtualization Security Managery Manager enables role-based separation of duties and access within the virtual infrastructure; monitors and reports on the activities of privileged users within the virtual environment, and assesses for compliance to privileged user virtualization security policies. • SSymantec™ Control Compliance Suite Assessment Managerymantec™ Control Compliance Suite Assessment Manager automates the assessment of procedural controls governing employee behavior. Assessment Manager offers out of the box, comprehensive coverage for 100+ regulations, frameworks & best practices that are translated into questionnaires to assess the effectiveness of procedural controls. These questionnaires can also be used to evaluate overall employee security awareness and to support security awareness training. • SSymantec™ Control Compliance Suite Vymantec™ Control Compliance Suite Vendor Risk Managerendor Risk Manager enables the assessment and monitoring of your vendor risk exposure including third party business process services, application developers, and cloud service providers by automating security and compliance assessments. SSysystem Requirementstem Requirements- Control Compliance Suite CoreControl Compliance Suite Core SofSofttware Requirementsware Requirements Operating SOperating Sysystemtem • Windows Server 2003 SP2 x64 Enterprise or Standard edition • Windows Server 2003 R2 SP2 x64 Enterprise or Standard edition • Windows Server 2008 SP2 x64 Enterprise or Standard edition • Windows Server 2008 R2 x64 Enterprise or Standard edition DatabaseDatabase • Microsoft SQL Server 2005 SP2 or later (32-bit and 64-bit computers) • Microsoft SQL Server 2008 SP1, SP2 (32-bit and 64-bit computers) • Microsoft SQL Server 2008 R2 (32-bit and 64-bit computers) Other SofOther Softtwareware • Microsoft .Net Framework 3.5 SP1 • Oracle Instant Client 10.2.0.4 • Internet connection for CCS service • Internet Explorer 8.0 • Internet Information Service (IIS) • ASP.NET v4.0.30319 • ASP.NET v4.0.30319 Web Service Extensions Hardware RequirementsHardware Requirements FFor deployment on a single seror deployment on a single serverver • Minimum memory: 4GB • Minimum processor: Dual Proc 3GHz • Minimum hard disk space: 140GB SQL SerSQL Serverver Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 4
  • 5. • Minimum memory: 4GB • Minimum processor: Dual Proc 3GHZ • Disk Sizing: Refer to the Planning and Deployment Guide More Information Visit our website http://enterprise.symantec.com To speak with a Product Specialist in the U.S. Call toll-free 1 (800) 745 6054 To speak with a Product Specialist outside the U.S. For specific country offices and contact numbers, please visit our website. About Symantec Symantec protects the world’s information, and is a global leader in security, backup, and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities, and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at go.symantec.com/socialmedia. Symantec World Headquarters 350 Ellis St. Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright © 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 21328945 04/14 Data Sheet: Security Management Symantec Control Compliance Suite Standards Manager 5