Regulatory Compliance

Tighter Control & Visibility of Regulatory Compliance

Managing compliance efforts should work in concert with effective risk reduction strategies. For example, implementing identity-based access controls, monitoring user activity, investigating security incidents and documenting policy violations will demonstrate enterprise due diligence to auditors and other key stakeholders. Nevis provides a comprehensive LAN security solution to address the requirements for regulatory compliance. Specifically, it delivers:

  • Centralized security policy management
  • Continuous, real-time policy enforcement
  • Role-based access control to enforce segregation of duties
  • Ability to control, monitor and report on individual users' network activity
  • Detailed and summary-level reports that are “auditor-ready” to demonstrate controls validation

The following table demonstrates how Nevis’ LANenforcer solution validates key control objectives common to regulatory frameworks such as COSO, COBIT and ISO 17799 and mandates such as Visa PCI, HIPAA and GLBA.

Control Objective | Nevis LANenforcer Functionality
Access Control
  • Clientless endpoint admission with integrity check (NAC)
  • Integrated user, endpoint, network and application access control
  • 802.1x and Captive Portal user authentication
  • Encrypted access for confidential or regulated data
Threat Protection
  • Aggregates 6 detection mechanisms: stateful firewall, traffic anomaly, protocol anomaly and behavioral anomaly; Layer 2 security; automatic quarantine
  • Microsecond quarantine and remediation
  • Threat analysis researched and monitored 24×7 by Nevis Labs
Network, System & User Monitoring
  • Improved visibility of user access and activity
  • Increased control over user accountability
  • Multi-appliance, multi-site configuration and management simplifying operations and saving time
Incident Response Support
  • Powerful event correlation engine enables faster problem resolution and forensic analysis
  • Associates user identity, user location, IP address, port, and MAC address for faster pinpointing of root cause

Many companies use COBIT or COSO as a guiding framework for compliance, requiring both broad and deep security controls, making Nevis the natural choice for LAN security compliance.

To learn more about how Nevis can help meet your regulatory compliance requirements, please see our white paper:
