The proliferation of applications and mobile devices has offered enormous productivity opportunities as well as exposing vulnerabilities that are ripe for exploitation. Organizations of all sizes are grappling with the challenge of providing open access to information while meeting internal and regulatory compliance. Our award winning Vulnerability and Compliance Management (VCM) solutions help to identify compliance requirements and deliver real-time insight into vulnerabilities and security policies, while reducing the pain of manual remediation. To help you address the challenge, Fortinet has created a suite of VCM solutions composed of three main components:
The first step in managing your risk is asset discovery and asset prioritization. To properly discover assets, Fortinet VCM solutions use both agentless as well as agent-based tools. The actual scanning is comprehensive and uses administrative privileges to discover hidden information. The next step is to report on all types of real and potential vulnerabilities, allowing you to isolate the risks. You are able to scale the solution anywhere from a few systems to tens of thousands of assets.
Once vulnerabilities are clearly articulated and grouped, the Fortinet VCM solution looks at available remedies such as patches issued by pertinent vendors. It applies these remedies to the known vulnerabilities based on the assigned priority tickets. Moreover, Administrative Domains (ADOMs) enable you to classify assets based on your policies and apply remediation automatically to them. Asset coverage is broad and includes monitoring of operating systems and applications.
Whether your aim is to comply with internal policies or satisfy regulatory requirements, Fortinet helps you achieve your business goals. In addition to readymade templates for industry-wide compliance regimes, the VCM solutions also offer log data and style-sheets to enable custom reporting. Organizations realize quick time-to-value with easy to install, intuitive and standard compliance policies for NIST SCAP, FDCC, PCI-DSS, SOX, GLBA and HIPAA regulations.
Fortinet VCM solutions leverage FortiGuard Services, the industry’s gold standard for security research labs. In addition to UTM and IPS signature updates, FortiGuard Services provide comprehensive and continuous updates for vulnerabilities, remediation, patch scan, and configuration benchmarks. Fortinet offers VCM solutions to a range of governmental and non-governmental organizations, from small to large.