Symantec checks FISMA compliance

Symantec Corp. officials released software today that makes it easier for federal information technology managers to comply with federally mandated security legislation.

Symantec Enterprise Security Manager for the Federal Information Security Management Act of 2002 is a best-practices policy module that integrates into Symantec ESM, the company's policy compliance software. The software module is based on the system security requirements of FISMA, which are geared to protect government information systems from being compromised by network attacks that exploit improperly configured systems and insufficient security management.

ESM for FISMA offers preconfigured security policies, allowing IT managers to automate tasks that they performed manually, such as making sure systems have the latest security patches and checking the integrity of files, said John Grimm, Symantec's director of industry solutions.

The preconfigured security policies give IT managers a running start, as they audit their environments for FISMA compliance, Grimm said. They can generate the reports needed to show that they are in compliance and set up best practices for discovering and removing vulnerabilities, he added.

The Symantec ESM for FISMA policy module supports multiple operating systems including Microsoft Corp. Windows 2000 and Windows NT, Sun Microsystems Inc. Solaris versions 2.6 through 2.9, IBM Corp. AIX, Hewlett-Packard Co. HP-UX and Red Hat Inc. Linux. The module is available free for Symantec ESM users.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected