Content
McAfee Integrity Control
Protect point-of-service systems from unauthorized applications and change
McAfee Integrity Control combines industry-leading application control and change control technology, ensuring that only trusted applications run on fixed-function devices, such as point-of-service (POS) systems, ATMs, and kiosks. Integrity Control provides continuous change detection capabilities while preventing unauthorized change attempts. Using a trusted source model, Integrity Control allows software updates from authorized sources, even when systems are locked down.
Tab Navigation
Benefits and Features
Benefits:
- Block unauthorized applications and change attempts
Ensure that only approved software runs on the point-of-service infrastructure, without imposing additional operational overhead. McAfee Integrity Control easily blocks unauthorized, vulnerable, or malicious applications that can compromise the security of critical systems. It leverages change control technology to stop unwanted, out-of-policy changes before they occur. This level of protection is linked directly to policy, and changes can be verified against the source, time window, or approved change ticket. - Monitor file integrity and file changes
Check files and directories for changes to content, permissions, or both. Integrity Control provides continuous file integrity monitoring, essential for testing and verifying the security of an environment and meeting critical compliance requirements, including PCI DSS. It delivers comprehensive information about every change, including the user and the program used to make the change. - Gain increased control over fixed-function systems
Extend a layer of protection to devices with a fixed CPU or memory, including POS terminals, ATMs, and medical imaging systems that perform critical functions and often store sensitive data. Integrity Control offers a low-overhead footprint that does not impact system performance, and is equally effective in standalone mode, without network access. - Meet and sustain PCI DSS compliance
Get continuous information about change events across the point-of-service infrastructure to comply with PCI DSS requirements. Integrity Control details which server or servers originated the change, when it was made, which user made the change, how the change was made, what content inside the file changed, and whether the change was approved.
Features:
- Comprehensive change policy enforcement
Leverage change control technology that blocks unwanted, out-of-policy changes before they occur on fixed-function systems. McAfee Integrity Control links protection directly to policy and verifies changes against the source, time window, or approved change ticket. Changes attempted outside of policy are blocked, and the attempt is logged and sent as an alert to administrators, greatly reducing change-related outages and compliance violations. - Dynamic whitelisting via a trusted source
Eliminate the need for IT administrators to manually maintain lists of approved applications. Instead, IT departments can adopt a flexible approach, relying on a repository of trusted applications that run on endpoints. This prevents execution of all unauthorized software scripts and dynamic link libraries (DLLs), and further defends against memory exploits. - Centralized deployment and management through ePO
Get seamless integration with McAfee ePolicy Orchestrator (ePO) software to ease deployment, management, and reporting. The single McAfee ePO console lowers the cost of ownership by consolidating security and compliance management, eliminating the need to manage data in two separate systems. - An efficient and operationally transparent solution
Lower initial and operational overhead. Integrity Control runs transparently on fixed-function systems, enables the entire point-of-service infrastructure to be monitored without impact, and can be set up quickly.
Description:
McAfee Integrity Control provides an effective way to block unauthorized applications and change on fixed-function point-of-service infrastructures, including ATMs, point-of-sale (POS) systems, and kiosks. It combines industry-leading whitelisting and change control technology to ensure that only trusted applications run on fixed-function systems. Unlike simple application control, Integrity Control uses a dynamic trust model that eliminates the need for tedious manual updates to approved lists, so even when systems are locked down, software updates from authorized sources are still allowed.
As retail and financial services organizations face a barrage of unknown software from the web, this centrally managed solution adds timely control to your systems security strategy and meets operational needs. Managed through the McAfee ePolicy Orchestrator (ePO) platform, Integrity Control provides customers with continuous change detection capabilities, while proactively preventing unauthorized change attempts on ATMs and POS systems.
McAfee Integrity Control delivers:
- Viable security that uniquely extends a layer of protection to fixed-function devices
- A flexible, affordable, and secure solution that dynamically manages whitelists and supports multiple configurations for different business needs and devices
- Scalable and centralized management that leverages your investment in the McAfee ePO platform Streamlined remote deployment via the McAfee ePO platform, so you can easily manage and report on large enterprise rollouts, all from a central location
System Requirements:
These are minimum system requirements. Actual requirements will vary depending on the nature of your environment. Some features may vary depending on the platform.
Operating Systems (OS)
- Windows NT*
- Windows 2000
- Windows 2003
- Windows 2003 (64-bit)
- Windows 2008
- Windows 2008 (64-bit)
- Windows XP
- Windows XP (64-bit)
- Windows Vista
- Windows Vista (64-bit)
- Windows XPE
- Windows CE 6.0*
- Red Hat Enterprise Linux 3/4/5
- CentOS 4/5
- SUSE Enterprise Linux 9/10
- Oracle Enterprise Linux 5
- Solaris 8/9/10
*These platforms are not supported by McAfee ePolicy Orchestrator (ePO) or work in standalone mode.