Tactical Advice

Proactive Network Security

McAfee Vulnerability Manager gives IT admins valuable tools to assess and manage risk.
Proactive Network Security

Threats and vulnerabilities are a way of life for IT administrators. With the continued rise of computer and network attacks, the threat is virtually constant. McAfee Vulnerability Manager lets a business identify vulnerabilities and policy violations and prioritize them based on the risk they represent within the organization's unique infrastructure. McAfee Vulnerability Manager also helps IT departments monitor and maintain compliance with regulatory and industry security requirements.

End-User Advantages

Let's face it: When it comes to managing risk, protecting company data and securing the PC, the primary concern for users is simply that the tools used stay out of the way. McAfee Vulnerability Manager does an excellent job of running unobtrusively and getting the job done without getting in the way of the user's job.

Why It Works for IT

McAfee offers Vulnerability Manager as software you can install on your own physical or virtualized servers, or as a hardened appliance. Each has pros and cons, but you get the same underlying McAfee Vulnerability Manager either way. It's also available as SaaS (Software as a Service) or through several companies as a managed service.

The software integrates with common asset management systems such as LDAP and Microsoft Active Directory, as well as McAfee ePolicy Orchestrator (ePO). McAfee Vulnerability Manager conducts network discovery to map every asset on the network and helps identify and inventory virtual computers, rogue devices and other connected systems to maintain an accurate inventory.

The risk assessment relies on McAfee's patented FoundScore, a unique algorithm based on asset criticality, resource type, identified vulnerabilities and their associated risks, and other variables. Vulnerability Manager also supports the Common Vulnerability Scoring System (CVSS) and provides base, temporal and environmental scores for each vulnerability to help prioritize them. In addition, McAfee Vulnerability Manager takes into account other security controls already in place when determining the actual exposure of a vulnerable asset to a given threat.

McAfee Vulnerability Manager also helps IT admins harness compliance. Often treated as competing one-off projects, compliance efforts are frequently implemented and maintained separately and inefficiently. Compliance audits represent only a snapshot in time, but passing is often the only goal, and ongoing monitoring usually is not conducted to ensure compliance between audits.

McAfee Vulnerability Manager provides vulnerability scanning templates for all of the most common compliance frameworks, including: Sarbanes–Oxley (SOX); Health Insurance Portability and Accountability Act (HIPAA); PCI; Federal Information Security Management Act (FISMA); BASEL II; and Gramm–Leach–Bliley Act (GLBA), among others. The scans and reports from McAfee Vulnerability Manager provide IT admins with critical information that can be used to maintain compliance more effectively and efficiently, especially in organizations burdened by multiple compliance mandates.

One of the more interesting reports I found was the ability to identify what could be fixed or avoided if the right tools were in place. With a few clicks, IT admins can generate a report spelling out the number of affected systems, and the number of applicable threats that might be addressed if another solution were in place. Quantifiable, real-world data such as this is an invaluable tool for making the case to executives to allocate funds for additional security purchases or to validate existing investments.

Disadvantages

While McAfee Vulnerability Manager provides value in and of itself, much of the value of the solution lies in integrating it with McAfee ePolicy Orchestrator and other McAfee enterprise security tools. Organizations that don't use these tools will have a more limited experience with Vulnerability Manager.

The starting price for the McAfee Vulnerability Scanner appliance might also be a little steep for a lot of small and medium-size businesses.

Overall, McAfee Vulnerability Scanner performed admirably. Both the scope of its capabilities and the depth of its assessments and reports provide valuable, actionable data that IT admins need. McAfee Vulnerability Manager can quickly pay for itself by reducing or eliminating exposure to risk and proactively securing the network.

You can follow Tony on his Facebook page, or contact him by e-mail at tony_bradley@pcworld.com. He also tweets as @TTheTonyBradley.
Sign up for our e-newsletter

About the Author

Tony Bradley

Tony Bradley

Tony Bradley writes and blogs on network security and other technology topics. You can follow Tony on his Facebook page, or contact him by e-mail at tony_bradley@pcworld.com. He also tweets as @TheTonyBradley.

Security

Three Ways to Integrate Fire... |
Follow these tips to align the devices with log management and incident tracking systems.
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...
The Value of Converged Infra... |
Improvements in security, management and efficiency are just a few of the benefits CI can...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Hardware & Software

New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
The Tools That Power Busines... |
Ever-evolving analytic software can greatly improve financial institutions’ decision-...