Proactive Network Security

McAfee Vulnerability Manager gives IT admins valuable tools to assess and manage risk.

Tony Bradley writes and blogs on network security and other technology topics. You can follow Tony on his Facebook page, or contact him by e-mail at tony_bradley@pcworld.com. He also tweets as @TheTonyBradley.

Threats and vulnerabilities are a way of life for IT administrators. With the continued rise of computer and network attacks, the threat is virtually constant. McAfee Vulnerability Manager enables an organization to identify vulnerabilities and policy violations and prioritize them based on the risk they represent within the organization's unique infrastructure. McAfee Vulnerability Manager also helps IT departments monitor and maintain compliance with regulatory and industry security requirements.

End-User Advantages

Let's face it: When it comes to managing risk, protecting government data and securing the PC, the primary concern for users is simply that the tools used stay out of the way. McAfee Vulnerability Manager does an excellent job of running unobtrusively and getting the job done without getting in the way of the user's job.

Why It Works for IT

McAfee offers Vulnerability Manager as software you can install on your own physical or virtualized servers, or as a hardened appliance. Each has pros and cons, but you get the same underlying McAfee Vulnerability Manager either way. It's also available as SaaS (Software as a Service) or through several companies as a managed service.

The software integrates with common asset management systems such as LDAP and Microsoft Active Directory, as well as McAfee ePolicy Orchestrator (ePO). McAfee Vulnerability Manager conducts network discovery to map every asset on the network and helps identify and inventory virtual computers, rogue devices and other connected systems to maintain an accurate inventory.

The risk assessment relies on McAfee's patented FoundScore, a unique algorithm based on asset criticality, resource type, identified vulnerabilities and their associated risks, and other variables. Vulnerability Manager also supports the Common Vulnerability Scoring System (CVSS) and provides base, temporal and environmental scores for each vulnerability to help prioritize them. In addition, McAfee Vulnerability Manager takes into account other security controls already in place when determining the actual exposure of a vulnerable asset to a given threat.

McAfee Vulnerability Manager also helps IT admins harness compliance. Often treated as competing one-off projects, compliance efforts are frequently implemented and maintained separately and inefficiently. Compliance audits represent only a snapshot in time, but passing is often the only goal, and ongoing monitoring usually is not conducted to ensure compliance between audits.

McAfee Vulnerability Manager provides vulnerability scanning templates for all of the most common compliance frameworks, including: Sarbanesâ€“Oxley (SOX); Health Insurance Portability and Accountability Act (HIPAA); PCI; Federal Information Security Management Act (FISMA); BASEL II; and Grammâ€“Leachâ€“Bliley Act (GLBA), among others. The scans and reports from McAfee Vulnerability Manager provide IT admins with critical information that can be used to maintain compliance more effectively and efficiently, especially in organizations burdened by multiple compliance mandates.

One of the more interesting reports I found was the ability to identify what could be fixed or avoided if the right tools were in place. With a few clicks, IT admins can generate a report spelling out the number of affected systems, and the number of applicable threats that might be addressed if another solution were in place. Quantifiable, real-world data such as this is an invaluable tool for making the case to executives to allocate funds for additional security purchases or to validate existing investments.

Disadvantages

While McAfee Vulnerability Manager provides value in and of itself, much of the value of the solution lies in integrating it with McAfee ePolicy Orchestrator and other McAfee enterprise security tools. Organizations that don't use these tools will have a more limited experience with Vulnerability Manager.

The starting price for the McAfee Vulnerability Scanner appliance might also be a little steep for a lot of small and medium-size agencies.

Overall, though, McAfee Vulnerability Scanner performed admirably. Both the scope of its capabilities and the depth of its assessments and reports provide valuable, actionable data that IT admins need. McAfee Vulnerability Manager can quickly pay for itself by reducing or eliminating exposure to risk and proactively securing the network.