GCN Insider: McAfee tackles FISMA

Halloween 2005, McAfee Inc. launched a couple of new products to help take the fear out of agencies' FISMA compliance efforts. A week later, they brought by GCN's offices Foundstone Enterprise 4.2, the latest version of the vulnerability management system the company acquired about a year ago. Little has actually changed in Foundstone 4.2, which includes a terrific one-click correlation engine that can take information about a new vulnerability and compare it to your most recent network scan for a quick assessment of possible problems (after all, not all patches apply to your infrastructure). But what is new in 4.2 is a set of compliance templates, developed with help from the Justice Department. Want to know where you stand on FISMA or HIPPA? Foundstone's templates give feedback for complying with those and other mandates.

The company has also shipped a new hardware appliance. The FS 850 is what McAfee's vice president of federal business Mike Carpenter called a 'headless appliance.' Basically, the FS 850 has no ports except its network connector. Evidently, agencies with remote sites didn't want to deploy full-fledged Foundstone appliances to collect network information. The FS 850 is easy to deploy, relays vulnerability data back to a central appliance, and can't easily be fooled with.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected