• Overview
  • Features
  • Design Principles
  • Requirements

Overview

Simplify and Automate Security and Compliance Readiness

Shavlik NetChk Compliance is a powerful compliance management solution that simplifies and automates the management of critical system and security configurations. It enables you to keep up with emerging regulations, meet your compliance objectives, lower your costs, and reduce your risk of exposure. With Shavlik NetChk Compliance you can effectively control and manage highly distributed systems that are operating in mission-critical environments.

Multi-Use Tool

Shavlik NetChk Compliance provides management and control over security configurations, as well as compliance auditing for Microsoft-based machines. It enables you to understand, check, assess, audit, and enforce configuration checks on the machines in your networks. It is also an excellent tool for enabling you to understand and meet regulatory compliance requirements and other information security needs.

Fastest Time to Value

Shavlik NetChk Compliance provides the most direct route to achieving, proving, and sustaining compliance with internal mandates or external regulations. In a matter of hours, not days or weeks, you’ll have a solution in place and operational to find and fix gaps in your security and compliance status.

Simplify Network Security

Shavlik NetChk Compliance provides you with an easy-to-implement, easy-to use, and cost-effective method for improving your security posture. By taking the complexity out of the security configuration task, it provides the fastest route to improved security and compliance. Operational efficiencies are improved so you can do more with fewer resources and free up IT resources to do things that drive business growth.

Automatically Enforce IT Security Policies

Shavlik NetChk Compliance detects systems that have drifted out of compliance with your corporate policy, and then quickly and automatically enforces the existing policies by returning the affected systems to their desired state. It does this through continuous assessment, remediation, and management of all physical and virtual machines, both online and offline.

Prove You Are In Compliance

It is easy to manually or automatically generate reports about your security posture that map back to internal and external mandates, thus demonstrating to auditors that you are in compliance. Reports are available daily, weekly, and monthly on the latest threats and vulnerabilities.

 

Features

  • Ease of Use:Go from download to scanning in 30 minutes or less, leveraging Shavlik’s easy to use, industry-standard user interface. Offers a robust user experience, all from a single console. Go from the product install to your first scan in 30 minutes or less.
  • Automated policy baseline development and enforcement:Shavlik NetChk Compliance uses policies to define the products and the compliance checks to evaluate during a particular scan. There are three predefined baseline policies. In addition, you can create your own custom policies that define the specific compliance checks required by your organization.
  • SCAP Processor support: Allows for interaction with the Shavlik NetChk SCAP Processor, a conversion tool that enables you to convert Security Content Automation Protocol (SCAP) profiles into policies that can be imported into Shavlik NetChk Compliance. The policies can then be used to perform compliance scans of machines in your network.
  • Policy Cloning & Distribution:Offers advanced "Gold Standard" scanning automation that saves time and increases accuracy. You quickly and easily clone a new policy using the compliance checks configured on a machine that represents your organization’s gold standard. This enables you to leverage existing, approved system configurations. It also makes it very easy to create a security IT infrastructure that can be measured against a pre-defined industry standard baseline.
  • Policy Mapping and Regulatory Audit:Addresses current regulations like PCI, SOX, GLBA, HIPAA, FDCC and FISMA that place new demands on information security. Audit systems using the links between best practices content and auditing standards such as ISO 27002 and NIST 800-53. Use these standards to develop powerful security standards to drive an overall security policy.
  • Policy Dashboard: Gives you the ability to quickly determine the compliance status of the machines in your organization. It does so by providing summary information in an easy-to-read graphical display.
  • Audit-Ready Reporting: Easily create a variety of "audit ready" reports that will demonstrate that the proper configuration controls are in place and operational. These reports can also provide alignment between the various regulations (PCI, SOX, HIPAA, etc.) and the requirements of either internal or external auditors who utilize industry standard policy frameworks to measure compliance and prove "due care" has been taken.
  • Scheduled scanning and policy enforcement: You can use the Schedule feature to specify when and how often a scan should be run. You can regularly run scans at a specific time using a specified recurrence pattern. For example, using this option, a scan could be run every night at midnight, or every Saturday at 9 PM, or on the first day of every month at 11 PM, or at any other user selected time and interval.
    In addition, by enabling the Auto Enforce option you can automatically enforce the policy by correcting any discrepancies found on the scanned machines. The enforcement is performed immediately after the scan.
  • Extremely flexible and robust scanning options:Provides users with both simple and flexible scanning options. The home page provides a simple 1 – 2 – 3 step process to begin a scan. Or, you can begin scans from within a machine group or within a policy. Scans can also be performed by domain, organizational unit, machine name, IP address or IP range.
  • Exporting and importing policies: Allows you to export an existing policy to an XML file. This makes the policy available to be imported by other installations of Shavlik NetChk Compliance.
  • Custom Check Wizard: Enables you to expand upon the numerous out-of-box checks by creating your own custom compliance checks. This allows you to track items that are unique to your organization. The custom checks are added to a custom policy and referenced whenever that policy is used in a compliance scan.
  • Change management: Provides the mechanisms needed to track changes you make to your policies and track policy enforcements you perform on the machines in your organization.
  • Machine Groups:Shavlik NetChk Compliance uses machine groups to keep track of the machines that are included in a particular scan. There are several predefined machine groups (My Machine, My Domain, My Test Machines, and Entire Network). In addition, you can also create your own unique machine groups.

 

Design Principles

All products created by Shavlik Technologies are built upon the following product principles. There are a number of examples of each principle evident in Shavlik NetChk Compliance.

  • Simplicity: If a product is difficult to use, chances are it won’t get used, no matter how many bells and whistles it may have. Our interface takes the complexity out of managing security.
    • Easy to deploy and manage, meaning your less technical staff can be utilized to manage the product
    • Operationalizes security, freeing up critical IT staff
    • Direct route to compliance
    • Fully automates the vulnerability lifecycle
    • Facilitates gains in operational efficiency and delivers cost savings by simplifying complex network security
  • Thoroughness: A product is worthless if you can’t trust it to produce accurate results. Shavlik Technologies is the leader in accuracy, depth, and breadth of status on patches, configurations and unapproved software.
    • Best in class scanning
    • Used to audit other solutions for mistakes
    • Validates that policy settings, distributed through GPO or other, were actually implemented
    • Built-in support for industry standard frameworks
  • Architectural Flexibility: When working with rapidly changing technologies, flexibility is key. You don’t want a product that is locked in and that can’t adapt to changes. Shavlik NetChk Compliance is extremely flexible because it:
    • Provides multiple deployment options
    • Is non-intrusive
    • Contains the industry’s most flexible and granular remediation options
    • Works with multiple products: Windows 2000 Professional Gold or later, Windows XP Professional SP1 or later, Windows 2000 Server Gold or later,
      Windows Server 2003 Family, Windows Server 2008 Gold or later and Vista SP1
    • Works with multiple machine types: servers, desktops, laptops, virtual machines
    • Uses XML-based files that are constantly being updated to reflect ever-changing software environments.
    • Supports open standards such as Security Content Automation Protocol (SCAP)
  • Scalability: You want a product that is able to grow with your company. Shavlik NetChk Compliance has the ability to accommodate ever increasing numbers of machines and software products. Here’s why:
    • Distributed architecture
    • Centralized management
    • Can manage thousands of machines from a single console
  • Time-to-Value: You want to be able to immediately begin using your investment. With its easy to use and intuitive interface, Shavlik NetChk Compliance has you scanning, assessing, and remediating your network in no time. Because there are very few setup tasks needed before using the product, the “time-to-value” payoff with Shavlik NetChk Compliance is extremely high.

 

Requirements

Console

Processor:

  • 500 MHz or faster CPU

Memory:

  • Minimum: 256 meg RAM
  • Recommended: 512 meg RAM or higher

Video:

  • 1024 x 768 screen resolution or higher (1280 x 1024 or higher recommended)

Disk Space:

  • 60 meg for application

Operating System:

  • Windows Server 2008 Gold or later
  • Windows XP, Professional SP1 or later
  • Windows Server 2003 Gold or later
  • Windows 2000, Server Gold or later
  • Windows 2000, Professional Gold or later

    • Note: Shavlik supports 32- and 64-bit versions of the listed Operating Systems for client systems.

Prerequisite Software:

  • Internet Explorer 5.5 or later
  • Windows Installer 3.1
  • Microsoft Data Access Controls (MDAC) 2.8 or later
  • MSXML 4.0 or later
  • JET 4.0 SP6 or later
  • Microsoft .NET Framework 2.0

System Configuration

  • Workstation Service
  • Server Service
  • Remote Registry Service
  • Simple File Sharing disabled

Clients

Browser:

  • Internet Explorer 4.0 or later

Disk Space:

  • A minimal amount needed for log files

Operating Systems:

  • Windows 2008 Server, Standard Gold
  • Windows 2008 Server, Enterprise Edition Gold
  • Windows 2008 Server, DataCenter Edition Gold
  • Windows Vista, Ultimate Gold or later
  • Windows Vista, Business Gold or later
  • Windows Vista, Enterprise Gold or later
  • Windows XP Professional Gold or later
  • Windows Server 2003, Standard Edition Gold or later
  • Windows Server 2003, Enterprise Edition Gold or later
  • Windows Server 2003 R2, Enterprise Edition SP1 or later Windows 2000 Server Gold or later

System Configuration

  • Workstation Service
  • Server Service
  • Remote Registry Service
  • Simple File Sharing disabled
  • File Sharing must be installed (default admin shares used)
  • NetBIOS (tcp139) or Direct Host (tcp445) ports must be accessible

 

 


Designed by Palyacho