CA unveils FDCC Scanner
- By Rutrell Yasin
- Nov 13, 2008
CA has added the Federal Desktop Core Configuration (FDCC) Scanner to its asset management software, which should help federal agencies meet Office of Management and Budget mandates for securing desktop computers.
The scanner is a component of CA's IT Client Manager, a solution for managing client devices enterprisewide, from desktop and laptop PCs to handheld devices.
The new FDCC module is designed to help enterprise administrators perform automated configuration checking and remediation of desktop and laptop computers against the FDCC checklists. The tool will offer a pass, fail or not applicable report for each end system, CA officials said.
The company recently completed the National Institute of Standards and Technology's testing process, and NIST has validated that the company's FDCC Scanner conforms to the Security Content Automation Protocol and its component standards, CA officials said. SCAP validates that configurations have not been altered from FDCC standards and checks for other security issues and settings.
The new module in CA's IT Client Manager has been classified as an FDCC Scanner and Authenticated Configuration Scanner.
The OMB mandate requires federal agencies to upgrade desktop and laptop computers that run Microsoft Windows XP or Windows Vista to conform to FDCC, a set of operating system configurations written by NIST and the National Security Agency with the help of Microsoft Corp.
'Automation and management [are] the key to reducing costs and achieving FDCC compliance,' said William Clark, CA's vice president of technical sales and public-sector chief technology officer.
Automated scanning lets agencies immediately identify out-of-compliance systems and take the necessary steps to remediate misconfigurations to reduce security risks and vulnerabilities, Clark added.
Rutrell Yasin is is a freelance technology writer for GCN.