Winner: NetIQ for NetIQ Secure Configuration Manager
As workstation, server, network and security device configuration are increasingly difficult to manage and security threats and the regulatory landscape continue to evolve, organizations need tools that help them address impending risks and alleviate the administrative headaches that accompany compliance mandates. NetIQ Secure Configuration Manager (SCM) is specifically designed to provide organizations with configuration control over their heterogeneous systems so they can confidently meet their operational and compliance objectives. By assessing system configurations against defined standards, based on industry best practices or compliance mandates, SCM delivers a risk-based approach for managing configuration weaknesses, patches and other host-level vulnerabilities before they result in security breaches, failed audits or costly downtime. SCM automates the assessment of security baselines, system integrity analysis, user entitlement reporting, baselining and delta reporting, as well as business exception management. All these features help organizations not only cut the cost of compliance, but ensure that enterprise assets routinely meet compliance standards.
SCM is designed to help enterprise customers comply with multiple regulations, standards and risk objectives. Surpassing traditional or niche solutions, SCM quantifies the risks associated with security configuration and policy violations, enabling remediation prioritization. Additionally, it offers capabilities in the following areas, often above and beyond those of its competitors: baseline reporting and change reporting for critical systems; user entitlement reporting to ensure that users have access to only necessary resources; secure exception management for improved and better-managed business alignment; integrated and automated compliance and event process automation with NetIQ Aegis; threat and asset scoring that ensures highest priority items are tracked first; and security content automation protocol (SCAP) validation for Federal Desktop Core Configuration (FDCC) compliance reporting.Finalists 2009
- Archer Technologies for Archer Policy Management
- BigFix for BigFix Enterprise Suite 7.0
- NetIQ for NetIQ Secure Configuration Manager
- Shavlik Technologies for Shavlik NetChk Compliance
- Symantec Corporation for Symantec Control Compliance Suite