Shavlik NetChk^® Compliance 3.0

Shavlik NetChk Compliance simplifies and automates the management of critical system and security configuration settings on your network - while mapping those settings back to stated security policies and compliance requirements. And the best part, it provides the reports you need to prove you're compliant.

When you implement NetChk Compliance, in hours, not days or weeks, your IT organization will Be Ready…

For your next audit, in hours, not days or weeks

• Determine status of IT controls through continuous or on-demand security and configuration assessments, and to proactively set and enforce policy.
• Automatically find gaps in your security or configuration status relative to policy or audit requirements, and fix them immediately

To better leverage existing systems management platforms

• Easily access those hard to manage systems, close their security gaps – and bring them back into compliance
• Validate that policy settings, distributed through GPO or other, were actually implemented

To improve your security state AND prove compliance to auditors

• Establishes a security baseline and then proactively enforces that policy through continuous assessment of security and configuration controls
• Automates assessment and remediation of patch levels, security configurations, and removal of unwanted software applications to reduce risk
• Simplifies and automates security and compliance operations to improve speed, accuracy, and productivity, lower costs, support higher scale, and enable management of increasingly complex network environments.

• Downloadable Policy Templates
• Change Management
• Policy Cloning and Distribution
• Audit Ready Reporting
• Policy Mapping to Regulations and Best Practices
• Configuration Policy Management and Control

A common need for enterprise organizations is for a compliance program that can efficiently work in an automated manner while enforcing IT security policies.

Shavlik NetChk Compliance is a powerful solution that scans for, compares, and enforces security configuration settings on your network - while mapping those settings back to stated security policies and compliance requirements. Compliance Management at work! And the best part, it provides the reports you need to prove you're compliant.

Download the Most Current Policy Templates - Our unique architecture allows you to download and import the latest regulatory policy templates so you can quickly respond to changing requirements. Shavlik has the latest policy templates to meet PCI DSS and FDCC Security policy and configuration mandates.

Change Management - Enabling appropriate change management controls reduces the risks associated with unauthorized change; such as downtime because of system failure, introduction of security vulnerabilities, and insider security threats. NetChk Compliance manages the data related to policy and configuration changes and provides reporting and review of these changes to help customers address IT and regulatory agency requirements for auditing, managing and maintaining security.

Policy Cloning & Distribution - Offers advanced "Gold Machine" scanning automation that helps save time by streamlining the creation of security configuration policies by leveraging existing, approved system configurations. This automation makes it very easy to create a security IT infrastructure that can be measured against a pre-defined industry standard baseline.

Configuration Policy Management - Provides a comprehensive method of detecting systems that have drifted out of compliance with corporate policy, and then quickly remediate or enforce the existing policies, returning the affected systems to the "desired state." This capability helps to reduce risk by driving greater efficiency into the configuration management process.

Audit-Ready Reporting - Allows for the user to easily create a variety of "audit ready" reports that will demonstrate that the proper configuration controls are in place and operational. These reports can also provide alignment between the various regulations (PCI, SOX, HIPAA, etc.), with the requirements of either internal or external auditors who utilize industry standard policy frameworks to measure compliance and prove "due care" has been taken.

Policy Mapping and Regulatory Audit - Addresses current regulations like PCI, SOX, GLBA, HIPAA, FDCC and FISMA that place new demands on information security. Audit systems using the links between best practices content and auditing standards such as ISO 27002 and NIST 800-53. Use these standards to develop powerful security standards to drive an overall security policy.