The National Institute of Standards and Technology (NIST) 800-53 provides recommended security controls of federal information systems and is used to determine the baseline security controls for the system. Federal IT systems must adhere to these security guidelines to comply with FISMA.

Lumension’s Security Management Software Solutions Enable Agencies to Comply with FISMA

Lumension® Data Protection, Lumension® Endpoint Protection and Lumension® Vulnerability Management solutions have all achieved Common Criteria EAL2+ certification and have been helping agencies meet the challenges of FISMA compliance for years. In addition, Lumension® Compliance and IT Risk Management  ensures that FISMA compliance is achieved as part of the overall compliance and IT risk assessment efforts. These solutions include:

  • Lumension® Risk Manager  – Comprehensive IT-GRC software that streamlines and automates audit workflows and IT risk management to provide crucial visibility and continuous monitoring across the IT environment and ensure compliance with FISMA as well as other pertinent regulations, mandates and internal policies.
  • Lumension® Scan - Complete network-based scanning solution enables assessment and analysis of threats impacting all network devices.
  • Lumension® Patch and Remediation - Proactive management of threats through automated collection, analysis, and delivery of patches (all major operating systems and applications) across heterogeneous networks.
  • Lumension® Security Configuration Management - Out-of-the-box regulatory and standards-based assessment to ensure endpoints are properly configured.
  • Lumension® Content Wizard - Create custom remediation packages to address configuration issues, remove unauthorized files and applications, address Zero-day threats, patch custom software and more.
  • Lumension® Enterprise Reporting - Robust data warehouse that enables easy creation and sharing of reports on all aspects of your remediation efforts in support of policy compliance.
  • Lumension® Application Control - Policy-based enforcement of application use to secure your endpoints from malware, spyware and unwanted or unlicensed software.
  • Lumension® Device Control - Policy-based enforcement of removable device use to control the flow of inbound and outbound data from your endpoints.

Lumension’s Endpoint Security and Compliance Management Solutions were designed with FISMA compliance in mind, providing:

  • Harmonization of technical and procedural controls to policy
  • Identification and alignment of IT resources to critical business interests
  • Automated asset and vulnerability discovery
  • Thorough IT risk assessment and prioritization
  • Enforcement of security configurations
  • Robust vulnerability remediation
  • Accurate verification of security posture
  • Policy-based removable device control
  • Detailed audit trail of all data read from or written to removable devices
  • Actionable reports to show policy compliance

Lumension’s policy-based solutions were designed to enforce and maintain desired security postures across complex and heterogeneous government IT environments and to show compliance with FISMA security control standards. One of the largest federal government agencies employs Lumension solutions to achieve FISMA compliance on over 250,000 enterprise devices.