Other product variants may be available, please contact usor
request a call back
if you cannot see what you are looking for.
Product Information
By mapping IT controls against predefined policy content, McAfee Policy Auditor helps you report consistently and accurately against key industry mandates and internal policies across your infrastructure or on specific targeted systems. Policy Auditor is an agent-based IT audit solution that leverages the Security Content Automation Protocol (SCAP) to automate the processes required for internal and external IT audits.
Streamlined deployment and management — The McAfee ePolicy Orchestrator (ePO) platform provides easy Policy Auditor deployment, and simplified reporting and compliance management.
Flexible policy formation — Within minutes, Policy Auditor allows for the creation of new policies designed by you, set by corporate governance, or from authoritative sites such as Federal Desktop Core Configuration (FDCC). Real-time audits and controls for setting the frequency of data capture deliver timely information for compliance.
Predefined templates and controls — Policy Auditor comes with predefined benchmark templates and the ability to ensure protection of the business by employing blackout windows that halt data capture during key business periods.
Policy Auditor simplifies the process of demonstrating compliance, increases efficiency, and reduces uncertainty. With regularly updated policy templates combined with agent-based software, you’ll be able to take inventory more accurately, assess risk, and prioritise remediation of managed assets.
Documents & Downloads
» McAfee Policy Auditor DataSheet
Features
Predefined templates for industry regulations
Choose from a selection of predefined guideline templates established by government legislation and industry regulations, such as SOX, HIPPAA, Payment Card Industry (PCI), GLBA and more; select the policy that matches your network requirements and customise it
Audit a full spectrum of vulnerabilities
Check for all types of vulnerabilities on managed systems; perform compliance audits for software defects, unnecessary services, unsecured accounts, misconfigurations, and back doors
Define risk from all angles
Determine a device's overall risk status; measure business risk, technical asset rating, and vulnerabilities
Continuous updates 24/7
Stay updated on vulnerabilities and exploits—and the remediation action to handle them
Works with popular operating systems and applications
Conduct audits on popular operating systems, like Microsoft Windows, AIX, HP-UX, Solaris, Linux; assesses common applications like Microsoft Office, Microsoft FrontPage, Microsoft SQL Server, Apache, OpenSSL, and McAfee security products
Integrates with McAfee Remediation Manager
Remediate noncompliant and vulnerable systems automatically; Policy Auditor notifies Remediation Manager about what actions need to be taken and the order of priority
Benefits
Demonstrate compliance accurately
Minimise the guesswork; quickly determine your level of compliance by automating the manual audit process to determine your compliance with internal and external policies, government and industry regulations, and security requirements
Save time and resources
Cut down the amount of time it takes your IT staff to inventory your assets, collect policy data, map IT controls to policy, and perform host-based assessments
Reduce the high cost of risk
Lower recovery costs of security breaches that can result in business disruption; eliminate fines due to failed audits
Simplify management
Integrate with ePolicy Orchestrator for simplified deployment of the Policy Auditor agent; import asset data from ePO to eliminate the headaches of managing your critical asset data in two places
Prioritise your actions
Find out which devices pose the greatest risk for your network; integrate with Remediation Manager for automated remediation of critical vulnerabilities and policy violations
Reduce financial risk of credit card transactions
Stay on top of compliance requirements set by credit card associations with our easy-to-use compliance templates
System Req.
Operating systems
- Microsoft Windows Server 2003 Standard Edition, SP1
- Windows Server 2003 Enterprise Edition, SP1
The server cannot be installed on the following types of machines:
- Primary Domain Controller (PDC)
- Backup Domain Controller (BDC)
- Active Directory Controller (ADC)
Processor
- Intel Pentium compatible, 3 GHz or above Network
Network Interface
Memory
Number of devices — Server memory requirements
- 2000 — 1 GB
- 4000 — 1.5 GB
- 6000 — 2 GB
Free disk space
- Policy Auditor Server: 2.8 GB for server installation, allow an additional 10 MB/device. * * Policy Auditor Download Server: 2.8 GB and 20 GB for file downloads
Graphics
- VGA graphics, 1024x768 resolution
Software
- Microsoft ASP.NET
- Microsoft.NET Framework v1.1, SP2
- Web server IIS 6.0
- Web browser—Microsoft Internet Explorer 6.0
(IIS and web browser must be installed prior to installing the server.)
- Microsoft SQL Server 2005 with reporting services
(TCP/IP must be enabled as a protocol for SQL Server 2005.)