The U.S. Federal Information Security Management Act (FISMA) defines a comprehensive framework to protect government information, operations and assets against natural or cyber threats. The National Institute of Standards and Technology (NIST) Special Publication 800-53 provides recommended security controls for federal information systems and is used to determine the baseline security controls for a system. Federal IT systems must adhere to these security guidelines to comply with FISMA.

Lumension Helps Agencies Comply with FISMA

The Lumension® Endpoint Management and Security Suite (L.E.M.S.S.) unifies the functions of IT operations and security through a single console, server, and agent architecture to seamlessly and more effectively address IT risk and systems management requirements across the agency. L.E.M.S.S. provides a defense-in-depth approach to IT security, protecting against a wide variety of threat vectors, including advanced persistent threats (APTs).

 

Lumension® Endpoint Management and Security Suite

Lumension solutions within L.E.M.S.S. have been helping agencies meet the challenges of FISMA compliance for years. These solutions include:

The L.E.M.S.S. reporting tools provide admins with policy-based reporting, report library templates, numerous detailed data views, and interactive drill-down reports.

  • Lumension® Enterprise Reporting and Lumension® Reporting Services - A collection of powerful and actionable reports providing centralized visibility of IT assets, and a robust data warehouse that enables easy creation and sharing of reports on all aspects of your remediation efforts in support of policy compliance.
  • L.E.M.S.S. dashboard reporting customizes and delivers top-down metrics and executive reporting across operational security, IT risk and compliance postures. Interactive 'drill down' reports allow views ranging from all users globally down to individual groups. The addition of widgets provides an instant, actionable and customized 'heads-up' display of key endpoint status.

 

Lumension security solutions are designed with FISMA compliance in mind.

 

9 steps to meet compliance with FISMA, and what Lumension solutions provide for each:

1. Categorize the information to be protected.
   Lumension solutions provide: Complete asset and vulnerability discovery.

2. Select minimum baseline controls.
   Lumension solutions provide: Assess and enforce security configurations using the Lumension Security Content Automation Protocol (SCAP) validated scanner.

3. Refine controls using a risk assessment procedure.
   Lumension solutions provide: Compliance management through granular policies which assist in meeting the required risk controls.

4. Document the controls in the system security plan.
   Lumension solutions provide: Actionable reports to show policy compliance, current state of compliance, level of compliance and compliance trends.

5. Implement security controls in appropriate information systems.
   Lumension solutions provide: Defense-in-depth approach to malware prevention, including:
     • Robust automated vulnerability patching and remediation.
     • Traditional anti-virus complemented by broader application whitelisting technology.
     • Policy-based control over port and removable devices with FIPS 140-2 Level 2 encryption.

6. Assess the effectiveness of the security controls once they have been implemented.
   Lumension solutions provide: Actionable reports to show current state of compliance and compliance trends for an accurate verification of security posture, including:
     • Patch status
     • Data transfers via removable devices / media
     • Application usage and changes
     • AV signature status

7. Determine agency-level risk to the mission or business case.
   Lumension solutions provide: Perform risk assessment and prioritization by creating reports for agency-wide visibility into your current security posture.

8. Authorize the information system for processing.
   Lumension solutions provide: Compliance with all agency policies regarding endpoint security, including configuration, application usage, patch status, etc. The net effect is to prevent unauthorized application execution, data loss / theft, configuration drift, vulnerability exploits and much more.

9. Monitor the security controls on a continuous basis.
   Lumension solutions provide: Report on all aspects of endpoint security status, including patch status, configuration compliance, removable device usage, AV signature status, etc. The cumulative effect is to prevent unauthorized application execution, data loss / theft, configuration drift, vulnerability exploits and much more.

 

Lumension's policy-based solutions were designed to enforce and maintain desired security postures across complex and heterogeneous government IT environments and to demonstrate compliance with FISMA security control standards. One of the largest federal government agencies employs Lumension solutions to achieve FISMA compliance on over 250,000 agency devices.