McAfee Policy Auditor First Enterprise Ready Product to Complete U.S. Federal SCAP Validation Requirement

McAfee Policy Auditor First Enterprise Ready Product to Complete U.S. Federal SCAP Validation Requirement

SANTA CLARA, Calif., Sept. 10 /PRNewswire-FirstCall/ -- McAfee Inc. (NYSE: MFE - News), the world's largest dedicated security provider, today announced the Security Content Automation Protocol (SCAP) validation of McAfee® Policy Auditor 5.0. Classified as a Federal Desktop Core Configuration (FDCC) Scanner and Authenticated Configuration Scanner, Policy Auditor 5.0 is the first enterprise-ready product to achieve this validation, enabling U.S. Federal agencies to comply with the FDCC mandate.

In March 2007, The U.S. Office of Management and Budget (OMB) announced that Federal organizations must meet a core configuration standard for desktop computers. The FDCC mandate, as it is known today, aims to increase overall system security and reduce the cost of system and application maintenance. To help agencies meet these requirements, the National Institute of Standards and Technology (NIST) devised the SCAP validation program, which standardized the process by providing a list of best-practice solutions that would help individual agencies meet the requirements, including the implementation of FDCC scanners into continuous monitoring practices. While implementing SCAP validated solutions is currently a Federal requirement, it is quickly moving toward adoption in state and local governments as well as the healthcare industry.

Policy Auditor 5.0 has been built from the ground up to support SCAP. Its ease of implementation allows customers to quickly demonstrate compliance. Once authoritative templates are published in SCAP format, they are immediately compatible with Policy Auditor. Enabling customers to use authoritative templates minimizes misinterpretation between auditors and security teams, greatly reducing the manual efforts of audits and required IT staff bandwidth.

Policy Auditor is also completely integrated with McAfee ePolicy® Orchestrator (ePO(TM)), providing seamless management and reporting capabilities. Because both McAfee's Network Access Control (MNAC) and Policy Auditor share the same engine, federal customers now have the ability to use MNAC to quarantine devices that do not meet government specifications. This integration also allows compliance assessment and enforcement of products within minutes via one authoritative template.

"Maintaining compliance today requires a significant commitment of both cost and management oversight," said McAfee Public Sector Chief Technology Officer John Bordwine. "As a trusted security advisor to the federal government, McAfee is dedicated to providing our federal customers with comprehensive security solutions that interoperate with other McAfee technologies, in order to maintain federal mandates and compliance, while reducing unnecessary costs and management upkeep efforts."

This newly achieved SCAP validation again exemplifies McAfee's commitment to the federal marketplace, where it will continue to focus on the needs of government customers by providing products that meet federal requirements for certifications, regulations, and other requirements for greater security, which is vital to the public sector. In addition to SCAP and FDCC support, McAfee's broader portfolio also supports FISMA (NIST 800-53) requirements, as well as other government guidelines. This validation amplifies McAfee's customer dedication, enhancing the ability of currently deployed products while enabling government customers to meet compliance mandates.

Policy Auditor 5.0 can be purchased stand-alone or as part of the existing McAfee Total Protection for Endpoint -- Advanced. For more information, please visit http://www.mcafee.com.

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. It delivers proactive and proven solutions and services that secure systems and networks around the world, allowing users to browse and shop the Web securely. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector and service providers by enabling them to comply with regulations, protect data, prevent disruptions, identify vulnerabilities and continuously monitor and improve their security. http://www.mcafee.com.

McAfee, ePolicy Orchestrator, ePO and/or other noted McAfee related products contained herein are registered trademarks or trademarks of McAfee, Inc., and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. Any other non-McAfee related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of their respective owners.

© 2008 McAfee, Inc. All rights reserved.