Software Components And What They Do - McAfee PASCDE-AB-IA - Policy Auditor For Servers Product Manual

Getting started with McAfee Policy Auditor

Software components and what they do

Entitlement reporting — Entitlement reporting is an enhancement to the Policy Auditor File
Integrity Monitoring feature that produces custom file entitlement reports. It has these
capabilities:
Monitors file entitlements, such as read and write attributes.
Monitors files for changes.
Monitors and displays changes to text files.
Support for OVAL 5.7
Assessment Language (OVAL) versions 5.7, 5.8, and 5.9.
Support for SCAP 1.1 — The software adds support for Security Content Automation
Protocol (SCAP) version 1.1.
Agent support for new operating system platforms — The McAfee Policy Auditor agent
plug-in supports these new platforms:
HP-UX 11i v2 Itanium
HP-UX 11i v3 Itanium
Red Hat Enterprise Linux 6.0
SuSE Linux Enterprise Server 11
Software components and what they do
McAfee Policy Auditor installs components that help you analyze systems for compliance with
recognized, open-source standards and standards that you can create yourself.
These are the McAfee Policy Auditor components as they appear in the interface:
Benchmark Editor — A utility used to enable, disable, create, and edit benchmarks. Each
audit must contain at least one benchmark. Ideally, audits should contain only one benchmark.
Benchmark Editor Content Distributor — Distributes content downloaded from McAfee
Labs™ to systems.
Findings — Manages findings, which help you understand why an audit check failed and
provides information about how to fix the problem.
PACore — The primary portion of the software that controls all other features.
PARollup — Uses the rollup capabilities of ePolicy Orchestrator software to collect summary
information from registered ePolicy Orchestrator servers and show aggregated data.
Policy Auditor — Handles policy and task management, audit schedules, and system
management.
McAfee Policy Auditor agent plug-in
The McAfee Policy Auditor agent plug-in expands the ability of the McAfee Agent to support
McAfee Policy Auditor.
When audits are deployed to systems with the McAfee Agent, the agent plug-in determines
when the audits should be run. The agent plug-in conducts audits at the appropriate time and
returns the results to the ePolicy Orchestrator server. The agent plug-in can conduct audits
when the managed system is off the network, and returns results to the ePolicy Orchestrator
server once the system is reconnected to the network.
12 McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6
5.9 — The software adds support for Open Vulnerability and