Automated enforcement of the central company and IT security guidelines
In addition to the Network Access Control, detailed monitoring of the authorised systems with respect to compliance with the security guidelines is increasingly important. In many situations, small “security breaches“ are adequate to provide easily accessible points of attack. Permanent monitoring of the “compliance status“ and automated enforcement of guidelines is thus indispensable. As a specialist for Network Access Control, macmon secure is aware of this requirement. With macmon compliance, macmon is the first manufacturer to offer the option to use multiple, connectable components in order to effectively enforce the company guidelines.
Use of any manufacturer independent sources for ascertaining compliance status. The decisive factor here is that 99% of companies already use systems that is capable of ascertaining the compliance status of the endpoints and informing the administrators about any discrepancies. However, almost all of them commonly require manual enforcement of the guidelines or the enforcement is reactive at best.
Here, macmon Network Access Control solution offers the required, decisive support: The macmon compliance add on module includes four different components: Depending on the requirements, the compliance status can be received from external sources, actively solicited through connection to external databases or actively determined by macmon agents. Additionally, macmon can use events from the integrated IF-MAP technology. The key function therefore takes over the open interface of macmon, that can smartly use any manufacturer independent source to transfer the compliance status of an endpoint to macmon. Connection of multiple and different sources is also easily possible at the same time.
The compliance status for every endpoint is displayed within the macmon GUI. If the status is changed by another system, such as Endpoint Security, Intrusion Prevention, Security Incident and Event Management, Patch Management or Vulnerability Management, the change including information about the source and the reason for the change are displayed. The flexible macmon policy enables configuration of the reaction to the change in status in the usual, simple way. Endpoints that are not compliant any more are then, for example, moved to quarantine and moved back to their original network area after healing and corresponding change to the new status. The options for combination are therefore free from limitations and allows you to use macmon as the central force in the network.
Complete vendor independence at this stage adds again value to the investments that have been made by you. Existing systems with the task of monitoring the guidelines obtain an automatically enforcement instance from macmon. A key advantage of the combination of different solutions is that the responsibilities of the individual IT departments are not altered. The administrator of the respective system decides on how and when a violation of the guidelines will be reacted to. With macmon, the network department offers automation for isolation tasks. They do not have to interfere in any way as isolation and restoration take place automatically as per the policy.
Speak to ITB about macmon Partner Compliance licences today:
CALL for Information and Pricing