McAfee Total Protection (ToPS) for Compliance v7.X
Ranges from $16.38 to $103.54 per node based on the number of nodes.
Strengths: One of the few products we reviewed that can actually automate remediation; strong reporting and dashboarding; manage risk, don’t just report it.
Weaknesses: Vulnerability scanning is cloud-based only; still relies on other McAfee products for most of its great capabilities.
Verdict: The product is very good for IT risk in any environment, but is outstanding in a pure McAfee environment.
McAfee Total Protection for Compliance uses agent-based and agentless technology to audit, assess and report across managed and unmanaged systems, reducing the time and effort required for impact assessment of new threats and patching and compliance audits of IT systems. The tool combines McAfee's Vulnerability Manager, Risk Advisor and Policy Auditor offerings and integrates them with its ePO tool to create a single platform for risk analysis and compliance reporting.
ToPS for Compliance is delivered as standalone software or via an appliance-based offering. It also can be installed on physical or virtual machines. It requires MS Windows 2003 or 2008 and MS SQL (standard or Express) 2005 or 2008. Typical deployments were reported to be a few days. We would expect to add in further time to customize reports, build the initial audits and tune the product for specific use.
ToPS addresses risk at the IT risk level. This product assumes compliance is a by-product of good security and focuses on assessing one's IT, network and endpoint risk posture. The agentless option for gathering data from endpoints is a strong feature, allowing one to gather valuable information from systems with a zero footprint on those devices. The agent-based and agentless collectors can co-exist in the same environment so one has numerous deployment options.
ToPS proactively correlates threats with system-state information, including vulnerability data (cloud-based scanning only), patch level, configuration information, application data and countermeasure information to find critical assets at risk and optimize remediation/patch efforts. ToPS is integrated with McAfee products and several third-party products to deliver closed-loop remediation. While last year we saw a very McAfee-centric offering, we did see more support this year for non-McAfee products and were told that the intent was to continue enhancing support for further third-party integrations.
The content library was complete and contained and supported standards, like XCCDF and OVAL. The correlation was efficient, taking a single policy and applying it to all asset types and compliance requirements. The audit dashboard is an effective tool for viewing IT risk at a high level with the ability to drill down into detailed data. There is a built-in exception capability workflow allowing users to create "waivers" and manage the automated approval process. The risk management what-if analysis option gives one a solid tool for justifying IT spending. Too, one can model changes and show the risk impact to the environment. The reporting tools are powerful, allowing users to create, roll up and automate items and even use several reports to create a single report for the auditors. The correlation of threat, vulnerability and countermeasure data provides users with a very powerful prioritization capability for premier risks.Support pricing was not provided, but we were told that 24/7 support is available for a fee based on size. Documentation was not supplied, so we cannot comment on that portion either. ToPS allows users to get the real measure of one's security and risk compliance.