U.S. Federal Government
Regulations and the corresponding audits are becoming the bane of IT providers in the federal government. The greatest of these regulations is the Federal Information Security Management Act (FISMA) of 2002. Moreover, many federal agencies and contractors are in the throes of implementing ITIL-based service management. Generally starting with four of the foundational processes – configuration, incident, problem and change management – ITIL has significant implications for IT providers in the federal government.
At NetIQ, we develop easy-to-use, modularly integrated systems and security management solutions that assist customers with compliance while enabling these organizations to secure their IT assets and manage risk.
Business Problem
Federal agencies and contractors are under continuous pressure from reduced budgets while having to do more to comply with federal regulations and respond to evolving threats to security and service reliability. FISMA requires each federal agency to create and implement a comprehensive information security program and report compliance to Congress on an annual basis. As part of FISMA, federal agencies are navigating through mountains of standards, largely promulgated by the National Institute of Standards and Technology, such as FIPS PUB 199, Standards for Security Categorization of Federal Information and Information Systems, and SP 800-53, Guide for the Security Certification and Accreditation of Federal Information Systems. Meanwhile, implementing ITIL necessitates changes to organization, processes and technologies.
Key hurdles include:
- Implementing a process-based approach to security management and compliance
- Demonstrating compliance while still meeting service levels and business objectives
- Aligning security initiatives with federal and agency priorities
- Reducing the long-term cost of providing IT services
The NetIQ Solution
NetIQ solutions in Performance & Availability, Security Management and Windows Administration assist you in demonstrating compliance with regulations, organizational policies, and best practices such as ITIL. NetIQ has a variety of products for assuring compliance, including systems performance and availability monitoring, IT system access control and segregation of IT personnel duties. NetIQ solutions also provide auditing and reporting on IT security policy assessment and monitoring systems to detect attacks and intrusions.
- Performance Management – Meet service-level commitments, end-user expectations and business-driven IT performance objectives, while reducing your operating costs.
- Security Management – Monitor your diverse security environment, resolve incidents and satisfy log management requirements without consuming all your time and resources.
- Configuration Management – Demonstrate IT compliance with policies and regulations through security configuration management, regulatory mapping and reporting.
- Change Control – Control and audit system changes to assure the integrity of your distributed IT infrastructure through time-based, task-specific permissions management.
- Windows Administration – Delegate and automate administrative tasks to streamline your work, while maximizing your return on Windows and Active Directory.
Key Features
In helping federal organizations assure compliance, secure assets and manage risk, NetIQ products can:
- Develop policies quickly and easily throughout the enterprise, including policies for security configuration, education and awareness. With NetIQ VigilEnt Policy Center, stakeholders can easily create, review and approve policies online to expedite consensus and reduce time and effort.
- Check for policy compliance, security vulnerabilities, and patches across all your systems on an automated schedule. With NetIQ Secure Configuration Manager, you automatically receive information on the latest vulnerabilities, exploits, patches and policy best practices so you can immediately identify and correct any issues.
- Protect sensitive information by defending against denial of service attacks, detecting when a service account is used for interactive logons, detecting rogue processes and alerting on suspicious failed logon attempts. With NetIQ Security Manager, you can also protect attacked systems from further harm by taking actions such as automatically logging off unauthorized users, shutting down rogue processes and reconfiguring firewall rules.
- Consolidate event logs in real time for investigation of security incidents and compliance with regulatory requirements. With NetIQ Security Manager, you can store event log entries from all types of systems in a centralized repository and correlate them with other types of events. This prevents intruders from covering their tracks and maintains a chain of custody for evidence purposes.
- Provide secure and automated management of your Windows environment, leading to further compliance with regulatory mandates. NetIQ Security Administration Suite products help you manage information access by managing Active Directory permissions for user accounts, groups and computer accounts, controlling file and folder permissions throughout the file system and monitoring changes to Group Policy permissions in real time.

