New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
2008 Best Deployment Scenario

 Simplifying Operational Security - Security Configuration Automation for IT Audit Readiness


Current Scenario: IT executives are increasingly confronted with the dual challenge of managing risk to their organization and complying with external and internal system mandates. Today, most vulnerabilities are a direct result of system configuration errors or the lack of a consistent means of measuring the condition or state of a given machine on the network. This often leaves a gap between an organization’s documented security policy vs. the existing state of individual systems on the network.  If an organization cannot prove adherence to security policy, the odds are likely it will not pass an IT system audit.

Info Security Products Guide
this article
COMPARE and print reports
RATE products

Tomorrow's Technology Today - Risk and Compliance Management

Tomorrow's Technology Today: Shavlik’s compliance management solution is automated to help you easily manage critical system and security configurations. Shavlik NetChkTM Compliance makes it easy to establish and manage a security configuration baseline, while helping to preserve organizational security and complying with either governmental or industry based regulations.

Shavlik’s solution provides a means of automating the development and management of a security baseline – thus reducing the risk of systems being out of compliance with stated policy.

With Shavlik NetChk Compliance, an organization can develop a security configuration baseline policy from scanning a single machine, which has been identified as the “gold standard” from which all others will be measured.  It can also develop policies from an extensive library of settings and industry best practice information. Each policy can be easily applied to the appropriate machine or group. Once in place, Shavlik is uniquely positioned to enforce each policy while helping reduce the cost of compliance, and improving the likelihood of passing an audit.

Why Choose Shavlik NetChk Compliance:

  • Dramatically reduce manual administrative time with automated scanning and remediation
  • Manage potential for risk tied to system configuration vulnerabilities
  • Security auditing based on the industry standard ISO 17799 or NIST 800-53 security controls
  • Helps you address SOX, Basel II, FISMA, GLBA, and HIPAA
  • Extensive reporting capabilities
  • Over 230 security settings
  • Ease of Use - get up and running in 30 minutes or less
  • Security best practices from Shavlik's security consulting experts
  • Settings recommendations based on real-world experience
  • Content for securing operating systems, databases and web servers
  • Support for SQL Server 2000 & 2005
  • New Policy-Built-From-Scan Feature
  • Right click improvements for ease of policy development and enforcement
  • Fast, multi-threaded scan engine up to 64 scan threads active at one time

Conclusion: Shavlik’s comprehensive solution helps organizations proactively develop and maintain a baseline level of security, enabling proactive enforcement of existing polices which promotes greater network security. Shavlik provides meaningful security configuration metrics that organizations can use to more effectively measure the security of their network and satisfy compliance requirements.

Shavlik Technologies, LLC
2665 Long Lake Road, Suite 400
Roseville, MN 55113
Tel: +1-651-426-6624
Download the actual white paper
From Info Security Products Guide site: CLICK HERE