FISMA Compliance

Note: The solutions discussed below only represent a small subset of the entire Ivanti product portfolio. Visit http://www.ivanti.com/solutions to learn more.

The U.S. Federal Information Security Management Act (FISMA) defines a comprehensive framework to protect government information, operations, and assets against natural or cyber threats. The National Institute of Standards and Technology (NIST) Special Publication 800-53 provides recommended security controls for federal information systems and is used to determine the baseline security controls for a system. Federal IT systems must adhere to these security guidelines to comply with FISMA.

Ivanti Helps Agencies Comply with FISMA

Ivanti unifies the functions of IT operations and security through a single console, server, and agent architecture to seamlessly and more effectively address IT risk and systems management requirements across the agency. A defense-in-depth approach to IT security protects against a wide variety of threat vectors, including advanced persistent threats (APTs).

Ivanti solutions have been helping agencies meet the challenges of FISMA compliance for years. These solutions include:

  • Application Control – Policy-based enforcement of application use to secure your endpoints from malware, spyware, and unwanted or unlicensed software.
  • Device Control – Policy-based enforcement of removable device usage controls the flow of inbound and outbound data from your endpoints. Ivanti technology protects data on removable storage devices, while bi-directional shadowing keeps a record of all transferred files.
  • Patch Management – Proactive management of threats through automated collection, analysis, and delivery of patches (all major operating systems and third-party applications) across heterogeneous networks.
  • Security Reporting – A collection of powerful and actionable reports providing centralized visibility of IT assets, and a robust data warehouse that enables easy creation and sharing of reports on all aspects of your remediation efforts in support of policy compliance. Ivanti dashboard reporting customizes and delivers top-down metrics and executive reporting across operational security, IT risk, and compliance postures. Interactive 'drill down' reports allow views ranging from all users globally down to individual groups. The addition of widgets provides instant, actionable, and customized 'heads-up' displays of key endpoint status.

FISMA Compliance Checklist

Ivanti security solutions are designed with FISMA compliance in mind.

9 steps to meet compliance with FISMA, and what Ivanti solutions provide for each:

1. Categorize the information to be protected.
   Ivanti: Complete asset and vulnerability discovery.

2. Select minimum baseline controls.
   Ivanti: Assess and enforce security configurations using the Lumension Security Content Automation Protocol (SCAP) validated scanner.

3. Refine controls using a risk assessment procedure.
   Ivanti: Compliance management through granular policies which assist in meeting the required risk controls.

4. Document the controls in the system security plan.
   Ivanti: Actionable reports to show policy compliance, current state of compliance, level of compliance, and compliance trends.

5. Implement security controls in appropriate information systems.
   Ivanti: Defense-in-depth approach to malware prevention, including:
     • Robust automated vulnerability patching and remediation.
     • Traditional anti-virus complemented by broader application whitelisting technology.
     • Policy-based control over port and removable devices with FIPS 140-2 level 2 encryption.

6. Assess the effectiveness of the security controls once they have been implemented.
   Ivanti: Actionable reports to show current state of compliance and compliance trends for an accurate verification of security posture, including:
     • Patch status
     • Data transfers via removable devices/media
     • Application usage and changes
     • AV signature status

7. Determine agency-level risk to the mission or business case.
   Ivanti: Perform risk assessment and prioritization by creating reports for agency-wide visibility into your current security posture.

8. Authorize the information system for processing.
   Ivanti: Compliance with all agency policies regarding endpoint security, including: configuration, application usage, patch status, etc. The net effect is to prevent unauthorized application execution, data loss/theft, configuration drift, vulnerability exploits, and much more.

9. Monitor the security controls on a continuous basis.
   Ivanti: Report on all aspects of endpoint security status, including patch status, configuration compliance, removable device usage, AV signature status, etc. The cumulative effect prevents unauthorized application execution, data loss/theft, configuration drift, vulnerability exploits, and much more.

Ivanti policy-based solutions were designed to enforce desired security postures across complex and heterogeneous government IT environments and to demonstrate compliance with FISMA security control standards.

Learn more about Ivanti Endpoint Security Software.