At the heart of the risk management lineup is Foundstone Enterprise 5.0, a revamped threat management solution that companies can use to identify areas of vulnerability in their networks, said George Kurtz, senior vice president of risk management at McAfee, Santa Clara, Calif. Foundstone includes a realtime threat information feed and automated reporting that helps organizations to figure out where to focus remediation efforts.
Previous versions of Foundstone couldn't scan non-Windows systems, but version 5.0 enables companies to conduct authentication checks in Unix and Linux systems, including the latest versions of Red Hat Enterprise, Solaris and AIX. "We're now getting much broader coverage with credentialed assessment," Kurtz said.
Deeper integration and bidirectional communication between Foundstone and third-party trouble-ticketing systems such as BMC Remedy is another enhancement that helps companies stay up to date with tasks such as patch management, he added.
Part of the thought process behind McAfee's 2004 acquisition of Foundstone was to leverage its ePolicy Orchestrator (ePO) platform, which manages security policies for more than 40 million endpoints, to provide a complete view of the state of network assets, according to Kurtz. Though Foundstone 5.0 hasn't yet been integrated with ePO, Foundstone eventually will be able to gather threat information from agent-based and non-agent-based systems, he said.
"We believe visualization into the agent and non-agent side can provide a better picture into what's happening in the environment," Kurtz said.
Foundstone 5.0 is designed work with two products McAfee gained in its acquisition of threat management vendor Preventsys in June. Preventsys Compliance Auditor takes data from Foundstone and compares it with corporate security policies to verify that compliance goals are being met, and Preventsys Risk Analyzer gathers vulnerability data from multiple vendors to spotlight a company's risks, said Michelle Johnson Cobb, group product marketing manager at McAfee.
McAfee partners with risk management certification are approved to sell McAfee Preventsys without additional certification requirements. However, when partners come up for renewal of their risk management certification, they will be required to take the new Preventsys certification module, which will be part of new risk management certification requirements that McAfee is developing, Cobb said.