eEye Retina.GOV - Government Solutions

eEye Retina.GOV Overview:

eEye is a dedicated provider of unified vulnerability management and compliance solutions for Government agencies. Retina.GOV, built upon our world-renowned research team, is an integrated end-to-end vulnerability management and compliance solution designed to help Government departments and agencies with protection and compliancy by defining and monitoring relevant IT controls.

Retina.GOV combines the powers of Retina and our enterprise management console, REM, to form a unified solution designed to help Government departments and agencies with vulnerability assessment and compliancy by defining and monitoring relevant IT controls.

• Implement policy-based security management including routine security assessments, demonstrated control, and use of timely reports as part of standard processes.
• Capability to efficiently classify, respond to and resolve potentially high-volume threats.
• Enable compliance for SCAP, FDCC, and DIACAP initiatives mandated by command authorities.

Retina.GOV monitors both vulnerability and configuration of your IT assets, while correlating compliance requirements to pre-defined baselines and providing automated notification of violations. Your environment is assessed, capturing established security controls along with any vulnerabilities or configuration violations that impact the network. Detailed reports providing prescriptive guidance and recommendations are then forwarded and response is initiated to ensure that corrective action can be taken in a timely fashion.

Assessment
Retina provides industry leading vulnerability management across network devices, operating systems, applications, databases and web applications. Retina safely scans both patch and configuration vulnerabilities against userdefined or pre-defined templates that include SCAP, FDCC, STIG and IAVA.

Mitigation
If computer controls or service levels are impacted by a network problem or intruder, alerts can be fired to notify appropriate administrators enabling the IT department to take immediate actions to re-establish operational and security control. Retina adheres to broadly accepted standards which include integration with) SCAP, FDCC, and IAVM for assessment, risk scoring, and reporting purposes ensuring reports are easily comprehendible and suitable to our federal customers and their partners.The Retina management console is a fully integrated, complete web-based security and compliance solution available as software or appliance and is Common Criteria EAL2 Certified. Now you can simplify the management of distributed, complex infrastructures while protecting your mission critical assets from evolving threats with a single end-to-end management system.

Federal Government Regulations & Retina.GOV

SCAP:

Retina Network Security Scanner, the flagship solution component of Retina.GOV, supports the following SCAP requirements:

• Federal Desktop Core Configuration (FDCC) Scanner
• Authenticated Configuration Scanner
• Authenticated Vulnerability and Patch Scanner
• Unauthenticated Vulnerability Scanner

Retina’s SCAP capabilities include the following standards: XCCDF, OVAL, CCE, CPE, CVE and CVSS.

Utilizing Retina Network Security Scanner’s SCAP engine, users are able to import SCAP content, such as FDCC benchmarks, for interpretation and assessment of network devices. Retina provides an easy-to-use wizard that guides the user through the steps of selecting desired content, providing information on the assets to be evaluated, and launching the assessment scan. Upon launch, the scan will run without user intervention, alerting you when complete. The assessment results are made available in both machine legible XML in OVAL and XCCDF formats as well as human readable reports. Both machine and human readable output contains associated CVE, CPE, CVE and CVSS references as applicable.

FDCC:

eEye's Retina Network Security Scanner is compliant with FDCC 1.2.

The Federal Desktop Core Configuration (FDCC) is an OMB-mandated security configuration which exists for Microsoft Windows Vista and XP operating systems. The Windows Vista FDCC is based on DoD customization of the Microsoft Security Guides for both Windows Vista and Internet Explorer 7.0. Microsoft's Vista Security Guide reflects the consensus recommended settings produced through a collaborative effort amongst DISA, NSA, and NIST.

The Windows XP FDCC is based on Air Force customization of the Specialized Security-Limited Functionality (SSLF) recommendations in NIST SP 800-68 and DoD customization of the recommendations in Microsoft's Security Guide for Internet Explorer 7.0.

DIACAP:

Retina.GOV enables organizations to become DIACAP compliant:

• The DoD Information Assurance Certification and Accreditation Process (DIACAP) is the United States Department of Defense (DoD) process of ensuring that risk management is applied on information systems (IS).
  
  
• DIACAP defines a DoD-wide formal and standard set of activities, general tasks and management structure process for the certification and accreditation (C&A) of a DoD IS that will maintain the information assurance (IA) posture throughout the system's life cycle.

Benefits:

• Reduce the cost of security and compliance by automating configuration auditing and vulnerability management
  
  
• Ensure that you are protected from the latest known vulnerabilities with intelligently updated audits database that include a 48-hour SLA for critical vulnerabilities
  
  
• Prioritize resources and streamline remediation efforts through executive and task specific reporting offering risk scoring prescriptive and guidance on issues.
  
  
• Simplify assessments and lower cost with a single solution that provides non-intrusive, scalable remote scanning that will not impact business assets or operations.
  
  
• Distributed scanning and reporting of all discovered assets, compliance violations and vulnerabilities into a single management console.
  
  
• Perform local VA scanning on critical assets where credential or firewalls prevent accurate remote scanning or where more frequent scanning is desired.
  
  
• Retina can also offer continuous scanning monitoring as required by NIST 800-37*

Specifications:

Depth and Safety of Unified Scan Engines

• Unified scanning across network devices, operating systems, applications, databases, web applications, virtualized environments and much more
• Innovative, non-intrusive and safe scanning technology with extensive network throttling capabilities
• Complete asset inventory with accurate OS detection using multiple engines for verification
• Wireless asset detection from the network or wireless using a dedicated WiFi scanner

Standards Based

• The most comprehensive vulnerability database with PCI and CVSS scoring
• Independently tested and reviewed by NSS Labs for use with PCI Compliance
• Integrated STIG, IAVA, and SCAP support
• Customizable audits using wizards - no programming experience required

Flexible Deployment

• Runs on Windows 2000, XP, 2003, Vista,Windows 7, and 2008
• Software or appliance
• Role based security delegation for managing tasks and reporting
• Open architecture for third party integration and compatibility

Unparalleled Audit Support

• Backed by an unrivalled vulnerability research team
• Identifies known and published zero-day vulnerabilities
• Automated updates for latest vulnerability checks and information (SLA – 48 hours)

Reporting

• Team members from CIOs to Security Engineers can execute a wide variety of reports including vulnerability details, assets and hardware inventory, delta reports, patch reports, trending graphs, and can even customize reports to include sections unique to their business needs
• Reports can be executed ad-hoc, scheduled, or emailed

Interoperability

• Retina adheres to broadly accepted standards which include integration with both IAVA and CVE for risk scoring and reporting purposes to ensure reports are easily understood and suitable to our government customers
• Retina is standard based and supports IAVA, CVE, CVSS, CCE, OVAL and XCCDF
• Retina is EAL2 (common criteria) certified
• Retina employs an open architecture and readily integrates with industry leading SIM, NAC and GRC.

Support / Maintenance

• 24/7 Support Available
• 48-hour SLA for critical vulnerabilities
• Technical Training and Certification Workshops

Optional Protection Modules

• eEye offers optional threat protection modules which are available through our Retina solutions. Please contact an eEye representative to discuss additional solutions available for your installation.

Enterprise Vulnerability Management:

Designed for a range of small business, medium business (SMB), to large enterprises, Retina Network Security Scanner is available as both a network security software solution plus a vulnerability management appliance solution.

• Centralized Vulnerability Management - Integrated vulnerability assessment, policy enforcement, policy auditing; improving enterprise network security.
• Centralized Incident Management - Prioritized vulnerability management plus client security threats and attacks; reducing security risk plus network security response.
• Enterprise Security Reporting - With integrated vulnerability, attack and policy information provided by Retina and Blink, REM provides organizations with metrics and graphical representations of their enterprise security posture.
• Executive Dashboard - Customizable reports and charts; integrated asset management, client security, risk assessment, plus vulnerability assessment.

Documentation:

Download the eEye Retina.GOV Datasheet (PDF).