Total Protection (ToPS) for Compliance v7.x
Strengths: Visualization tools, mobile device support, vulnerability management capabilities.
Weaknesses: Only a cosmetic one: The vulnerability manager tool is outside of ePO with separate interfaces.
Verdict: The added capabilities for asset management and vulnerability management made a good tool even better.
ToPS for Compliance and ePolicy Orchestrator (ePO) software is an extensible management platform that enables centralized policy management and enforcement of security products and the systems where they are installed. There are multiple modules supported under the ePO platform. ToPS for Compliance enables organizations to conduct compliance audits, configuration assessment, vulnerability assessment, asset management, threat correlation and risk assessment for a range of technologies. It provides these functionalities by integrating McAfee Vulnerability Manager, McAfee Asset Manager and McAfee Policy Auditor on a single management platform, McAfee ePolicy Orchestrator. For this review we focus on the risk, policy, asset and vulnerability manager modules.
The asset and vulnerability modules are new or updated in this version. The integration of McAfee Asset Manager and McAfee Vulnerability Manager provides added network visibility for the enterprise, enabling a comprehensive view of security, configuration, compliance and risk management on the network. McAfee Asset Manager provides complete network visibility with real-time network, device and user intelligence, enabling McAfee Vulnerability Manager to maintain network-wide, up-to-date, total risk visibility. By leveraging the integration between McAfee Asset Manager and McAfee Vulnerability Manager, total risk visibility can be combined with threat information in near real-time, creating a view of total risk intelligence that reflects the actual risk state of a network.
ToPS for Compliance conducts agent/agent-less scans on anything with an IP address - from print servers to smartphones to critical infrastructure devices. The same console serves as the "single pane of glass" from which detailed analytics can be viewed and reported. All risk, policy and asset management and reporting is contained in ePO. The Vulnerability Manager is a separate interface, but data is exchanged automatically and rolled-up reporting is available in ePO. The Vulnerability Manager does have its own reporting capabilities and can actually stand alone.
Key features include active and passive network protection, where network information is continuously collected in real time to reflect the current state of the network. The active and passive network discovery and monitoring reveals servers, laptops, networking equipment virtualized, and mobile and hidden devices on a network, including mobile devices such as such as Windows, BlackBerry, iOS and Android devices. Threat identification and correlation is offered, as the tool automatically ranks the risk potential of new threats by correlating events to assets and vulnerability data. It also automates manual audits and the configuration assessment and compliance assessment (SOX/PCI/HIPAA/FDCC/ISO27002) of environments. Priority-based auditing and remediation combines vulnerability, severity and asset criticality information to quickly identify, rank and address violations and vulnerabilities. Additionally, the threat detection capabilities for even non-managed (agentless) devices using the information fingerprinted on the device and McAfee's threat database is a great source of information. Reporting was very strong and the usability/visualization capabilities, such as the drilldown to vulnerability root cause/remediation information, is great.
ToPS for Compliance is delivered as software or appliance and can also be installed on virtual machines. It can be implemented and collecting data for analysis in a matter of minutes. ToPS deploys on Windows Server 2003 or 2008 R2 and supports SQL Server 2005, 2008 Express or 2008 R2 database platforms.
Support includes 24/7 access to phone, email and website resources. There are several premium options available. The fee for the support varies with the implementation size and support options selected.