
User:ProfLinux/ACAS

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by ProfLinux (talk | contribs) at 20:46, 21 March 2014. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

ACAS, or the Assured Compliance Assessment Solution, is an integrated software solution that is scalable to an unlimited number of locations. The solution’s tiering ability will give the Department of Defense (DoD) enhanced enterprise security while being easy to install and manage. It can be deployed via download to all DoD agencies, without the need to procure and install appliance devices. The ACAS product suite provides the automated network vulnerability scanning, configuration assessment, application vulnerability scanning, device configuration assessment, and network discovery that DoD requires. Further, the product suite generates the required reports and data, with a centralized console, and is SCAP compliant. More information on the capabilities of ACAS can be found in the material referenced below. DISA's Mission Assurance Directorate (MA) is providing program management and supporting the deployment of this solution.

The scope of the ACAS deployment is worldwide. This vast effort requires a support infrastructure to be in place. DISA MA has instituted support services to enable the comprehensive implementation of ACAS to all the combatant commands, Services, agencies and field activities.

MISSION STATEMENT

In accordance with Commander, United States Strategic Command (USSTRATCOM) Communications Tasking Order (CTO) 05-19, all DoD Components shall immediately initiate automated enterprise-wide vulnerability scanning on all DoD networks. The Information Assurance (IA)/Computer Network Defense (CND) Enterprise Solutions Steering Group (ESSG) is pursuing the replacement for the Secure Configuration Compliance Validation Initiative (SCCVI) capability for unlimited use across the Department of Defense (DoD) in order to continue to address the need for a vulnerability scanning capability. The Defense Information Systems Agency (DISA), at the request of USSTRATCOM and in support of National Security goals established by the President, has purchased from industry a solution to accurately assess the configuration compliance of DoD enterprise networks and connected systems against DoD standards (e.g., Federal Desktop Core Configuration (FDCC), Security Technical Implementation Guides (STIG)) and all known vulnerabilities.

The ACAS suite is made up of 5 components, starting with the Security Center.

Security Center - As the central console for ACAS, Security Center offers the ability to automate and quickly scale an organization’s vulnerability and compliance scanning infrastructure, as well as provide capabilities to allow for management, alerting, and reporting against vulnerability and compliance requirements.
The Security Center does the following:

  • Simplifies administration using a single console that manages distributed Nessus scanners for enterprise-wide security and compliance visibility
  • Accelerates scans with distributed and load balanced scanning, using a centralized database for faster and more efficient scans
  • Delivers advanced analytics including extensive dashboards, built-in and customizable reports that aggregate scan data to help you identify and respond to security and compliance issues

NESSUS User Interface - A fully capable scanner covers a breadth of checks, including unique Common Vulnerabilities and Exposures (CVEs), and successfully operates across different environments. The versatile Nessus® vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification; and many other features. With a continuously updated library of more than 60,000 plugins and the support of Tenable’s expert vulnerability research team, Nessus delivers accuracy to the marketplace. Nessus provides multi-scanner support, scales to serve the largest organizations, and is easy to deploy on premise or in the Amazon Web Services (AWS) cloud.
Nessus can do a variety of things, including:

  • Broad Asset Coverage & Profiling - Discovers a wide variety of physical and virtual devices on your corporate network and identifies the operating systems, applications, databases, and services running on those assets.
  • Mobile Device Auditing - Integrates with Apple Profile Manager, Microsoft® Exchange via Active Directory, and Good Technology Good for Enterprise to provide a comprehensive view of an organization’s mobile/BYOD environment and its vulnerability status.
  • Botnet/Malicious Process/Anti-virus Auditing - Detects known or suspicious malicious processes and botnets. Nessus enhances an organization's anti-virus strategy by red-flagging threats that often slip through the cracks, helping fight malware and advanced persistent threats (APTs).
  • Patch Management Integration - Integrates with patch management systems – IBM Tivoli Endpoint Manager (TEM) for Patch Management, Microsoft SCCM, Microsoft WSUS, Red Hat Network Satellite Server, and VMware Go – to retrieve status information for devices being managed by those systems.
  • Sensitive Content Auditing - Performs agentless content audits of Windows- and UNIX-based systems to identify sensitive information (PII - credit cards, SSNs; “Top Secret”; employee data) and adult content. Use Nessus to audit and enforce policies that lower your organization's risk of breach or data loss.
  • SCADA/Control Systems Auditing - Using SCADA plugins available through a partnership with Digital Bond, Nessus scans SCADA devices to find known and newly-discovered vulnerabilities. Nessus also audits compliance with configuration policies and best practices for SCADA environments.

xTool - The X-Tool converts distributed Extensible Configuration Checklist Description Format (XCCDF) files into Extensible Markup Language (XML) schema, which allows the files to be imported into SecurityCenter and easily customized, if necessary.

3D Tool - The Topology Viewer imports asset data from the Nessus scanner or SecurityCenter and provides graphical analysis information such as network and protocol maps, communication paths, and vulnerability maps. The Topology Viewer also imports and converts Open Vulnerability and Assessment Language (OVAL) vulnerability files for upload into SecurityCenter.

Passive Vulnerability Scanner - The PVS monitors network traffic in real time. It determines server- and client-side vulnerabilities and sends these to Security Center in real time. It continuously looks for new hosts, new applications and new vulnerabilities without the need for active scanning. PVS enables 100% discovery of systems, their vulnerabilities and inappropriate relationships. Tenable’s Passive Vulnerability Scanner is the industry’s only continuous vulnerability monitor that identifies server- and client-side vulnerabilities in new or transient assets. PVS is essential for:

  • Full asset discovery including mobile and virtual devices and cloud-based applications
  • Identification of risks from assets, applications, and services
  • Insight into services, security vulnerabilities, suspicious network relationships, and compliance violations.

References