1 Reply Latest reply on Jan 26, 2016 9:32 AM by rbroom

    NIAP and Determining Level of Compliance

    fshinault

      NIAP compliance, and verifying that the McAfee SIEM is in compliance.  I have checked the NIAP approved products list, and I found the following:

       

      Company: McAfee Inc.

      Model:  McAfee SIEM & Nitro IPS

      Version:  9.3.2

      TN:  1308803

      Effective Date:  16-Jul-2014

      Expiration Date:  16-Jul-2017

       

      I'm hoping that someone at McAfee would be familiar with the STIG compliance for all devices on federal systems.

       

      We are concerned with the following-

       

      Network Device Management SRG

      Rule Title:  The network device must use cryptographic mechanisms to protect the integrity of audit information at rest.

      STIG ID:  SRG-APP-00126-NDM-000242

      Rule ID:  SV-69459r1_rule

      Vuln ID:  V-55213

      Severity:  CAT II