Content
McAfee Integrity Monitor
File integrity monitoring for compliance
File integrity monitoring (FIM) is the capability to monitor files and directories on a server for changes to content, permissions, or both. McAfee Integrity Monitor provides the continuous FIM that is essential for testing and verifying the security of an environment, or meeting critical compliance requirements, such as those outlined in the Payment Card Industry Data Security Standard (PCI DSS).
Tab Navigation
Benefits and Features
Benefits:
- Monitor all changes
McAfee Integrity Monitor continuously detects all changes, with a very low impact on resources. McAfee’s continuous FIM provides greater information about every change, including the user and program used to make the change. Integrity Monitor provides this level of monitoring across the broadest set of platforms, including servers, databases, and network devices. - Capture a rich set of forensic data
McAfee Integrity Monitor captures details about every change, including the exact time of the change, who was logged in to the machine at the time, what processes (like editors) were running, and whether the change was made manually or by an authorized program. This enables rapid investigation of change-related issues. - Simplify deployment and management
Seamless integration with McAfee ePolicy Orchestrator (ePO) software eases McAfee Integrity Monitor agent deployment, management, and reporting. The single McAfee ePO console lowers the cost of ownership by consolidating security and compliance management. This saves training and operational costs for IT organizations, while providing unified control over the policies and protections on each enabled system.
Features:
- Comprehensive change detection
Because McAfee Integrity Monitor delivers continuous monitoring, it captures every single change. This is important for sustaining compliance, because it allows you to see where your compliance policies are being challenged and addresses inappropriate change at the source. - Very low overhead operation
McAfee Integrity Monitor operates with very low overhead so the entire infrastructure can be monitored without impact. - Detailed database monitoring
McAfee Integrity Monitor tracks activities such as logons, logoffs, user/role creations, password changes, and more. The software also monitors database schema changes (CREATE/ALTER tables, indices, stored procedures, and more), and data changes (INSERT/UPDATE/DELETE of sensitive records). - Network configuration monitoring
McAfee Integrity Monitor provides alerts to configuration changes to some of the most commonly used networking components in the industry. - Centralized deployment and management through ePO
Seamless integration with McAfee ePolicy Orchestrator (ePO) software eases McAfee Integrity Monitor agent deployment, management and reporting. The single McAfee ePO console lowers the cost of ownership by consolidating security and compliance management. Integration with ePO eliminates the need to manage data in two separate systems.
Description:
When it comes to IT infrastructure, a strong compliance posture requires two key components: trusted state and safe change actions. Payment Card Industry Data Security Standard (PCI DSS) compliance in particular highlights the need for safe change actions through the following requirements:
— PCI Control 10.5.5: Use file integrity monitoring and change detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert)
— PCI Control 11.5: Deploy file integrity monitoring software to alert personnel to unauthorized modification of critical system or content files
McAfee Integrity Monitor helps IT managers, directors, and CIOs gain visibility and access reports that enable them to know what they did not know before. The capability to detect changes across distributed in-store systems or datacenter infrastructures gives IT the upper hand at identifying authorized changes versus unauthorized changes or possible malicious activities. McAfee Integrity Monitor provides insight about actual activities and changes being made to the critical infrastructure, and it ensures that operational integrity has not been compromised.
System Requirements:
McAfee Integrity Monitoring Supported Platforms
- *IBM i5/OS (AS400) V5R3/V5R4/V6R1
- *IBM 4690 OS V5
*These platforms are not supported by the McAfee ePolicy Orchestrator (McAfee ePO) platform or work in standalone mode.
Server Platforms can be supported with McAfee Change Control.
Databases
- Oracle (7.3, 8.0, 8i, 9i through 10g)
- Microsoft SQL Server (6.5, 7.0, 2000 through 2005)
- Sybase SQL Server (10.x, 11.0, 11.1, 11.5 through 11.9, 12.x)
Network Devices
For a comprehensive list of supported devices by vendor, see the Supported Network Devices Chart.
