The Latest Fortinet News
Product and Solution Information, Press Releases, Announcements
|FortiScan Receives Secure Content Automation Protocol Validation|
|Posted: Fri Jul 24, 2009 01:46:00 PM|
Fortinet Adds to its Impressive List of Products Meeting Compliance Mandates. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that the FortiScan™ product line has completed the Secure Content Automation Protocol (SCAP) validation. In order for government agencies to provide Federal Information Security Management Act (FISMA) compliance reporting, they must utilize a SCAP validated product.
The SCAP program was established to ensure that security tools comply with the National Institute of Standards and Technology (NIST) standards. In addition, the compliance program enabled federal agencies to not only continuously monitor systems against the Office of Management and Budget mandated Federal Desktop Core Computing (FDCC) standards, but also provide reporting in a consistent format within FISMA.
The Fortinet FortiScan appliance allows organizations to identify and close IT compliance gaps and implement continuous monitoring in order to audit, evaluate, and comply with internal, industry, and regulatory policies for IT controls and security. The FortiScan appliance utilizes eXtensible Configuration Checklist Description Format (XCCDF) for customizable benchmarks as well as FDCC compliant benchmarks.
FortiScan provides a centrally managed, enterprise-scale solution. System administrators can monitor as well as optionally remediate assets from a central location that may or may not be geographically collocated with the assets - without the need to manually visit potentially thousands of assets in person. The FortiScan appliance also provides the ability to correlated FDCC scanning results by conforming to industry standards such as Common Vulnerabilities and Exposures (CVE®), Common Configuration Enumeration (CCE), Common Platform Enumeration (CPE™), Common Vulnerability Scoring System (CVSS) and Open Vulnerability and Assessment Language (OVAL™) references (where appropriate) as well as export detailed reports in Extensible Configuration Checklist Description Format (XCCDF) format.
FortiScan offers federal agencies a highly adaptable solution for conducting continuous monitoring and reporting of FISMA compliance. FortiScan provides agent-based scanning/reporting for complex networks that support today's architectures of remote and roaming networks as well as VPN and NAT networks. FortiScan even has agent-less capabilities for network discovery. FortiScan integrates endpoint vulnerability management, industry and federal compliance, patch management, remediation, auditing and reporting into a single, unified appliance for immediate results.
"We are very pleased to have completed the SCAP Validation Program with our FortiScan product. In typical Fortinet fashion, FortiScan is delivered in a unified appliance designed to provide immediate results, integrating endpoint vulnerability management, industry and federal compliance, patch management, remediation, auditing and reporting," said Jeff Lake, vice president of Federal operations at Fortinet.