October 26, 2010
NetIQ Supplies Large Federal Agency with Unparalleled Security and Compliance Management
Solution Helps Protect Sensitive Data and Demonstrate Compliance with Federal Security Mandates
NetIQ today announced its agreement to provide a large federal agency with a solution for monitoring, measuring and reporting on the effectiveness of their security controls. NetIQ will help this federal agency achieve compliance with federal regulations including the Federal Information Security Management Act (FISMA) and the U.S. Government Configuration Baseline (USGCB) standard while enabling the agency to improve data security.
NetIQ partnered with MED Trends, Inc.—an information technology systems integrator and a CVE Certified Service-Disabled Veteran Owned Small Business—to provide the knowledge, skills, technology and support required by this large federal agency. With over 6,500 servers and up to 150,000 desktops in their environment, this agency needs a scalable, flexible and reliable security and compliance management solution to ensure data protection and address regulatory requirements.
Comprising the following products, the NetIQ solution intelligently audits and reports on server and desktop security configurations, while automating compliance and security processes to address the most significant security problems this federal agency faces:
- NetIQ® Secure Configuration Manager™: Provides out-of-the-box assessment capabilities to rapidly generate compliance reports, identify non-compliant systems and track exceptions. Delivered with the NetIQ Security Content Automation Protocol (SCAP) module, NetIQ Secure Configuration Manager generates compliance reports using the National Institute of Standards and Technology (NIST)-defined and SCAP-based reporting formats, supports USGBC across Windows and performs standardized UNIX assessments.
- NetIQ Aegis®: Delivers automated workflow capabilities for security and compliance processes, bringing control and automation to IT Operations and Security departments, reducing workload, shortening time to compliance and providing superior process documentation.
In conjunction with NetIQ products, MED Trends is implementing complementary components to support the agency's requirements. A Common Control Framework will map controls across federal regulations and frameworks, linking policy to technical standards. A presentation engine will deliver management reporting and risk-based dashboards to enable rapid identification of high-risk areas and review and prioritize areas of non-compliance. "As a CMMI Level II certified and an ISO 9001:2008 registered company, MED Trends brings proven capabilities to the project for this large federal agency," stated Kevin Spivey, President, MED Trends, Inc.
"Ensuring data protection, while meeting compliance requirements, is daunting for federal agencies—both from a resource and cost perspective," noted Ron Hardy, vice president of Product Management and Marketing at NetIQ. "Our goal is to alleviate this burden for this large federal agency by architecting a more scalable and mature security and compliance program. With the combined technology and services that we deliver with MED Trends, we will help control the cost of compliance reporting, reduce organizational risk and protect the agency's critical infrastructure and the data it houses."
NetIQ is an enterprise software company with relentless focus on customer success. Our portfolio for managing Security & Compliance, Identity & Access, and Performance & Availability helps organizations cost-effectively tackle information protection challenges such as PCI DSS, HIPAA, SOX and NERC CIP and manage the complexity of dynamic, highly-distributed application environments. For information on how our solutions yield greater strategic value, business improvement and cost savings, contact us.
Copyright© 2017 Micro Focus Corporation. All Rights Reserved. Micro Focus and the Micro Focus logo are trademarks or registered trademarks of Micro Focus Corporation in the USA. All other trademarks, trade names, or company names referenced herein are used for identification only and are the property of their respective owners.