FISMA

Each federal agency, including contractors or other organizations who work with the agency, must develop, document, and implement an agency-wide information security program. The National Institute for Standards and Technology (NIST) provides detailed guidance and recommendations for FISMA compliance. NIST guidelines encompass all aspects of information security. FISMA sections 3544 and 3505 require the following:

Compliance for every IT system – Required identification of all systems in use and that access federal information, and validation of their compliance. To help aid agencies in obtaining this, NIST has released a series of guidelines, checklists, and templates that detail acceptable configurations for systems.
Risk assessment – The agency must have an agency-wide information security program that includes controls and checks to ensure effectiveness, including reporting on existing risks and responses.
Incident response – The NIST Controls document outlines specific steps to follow and functions to perform depending on the level of threat posed by the environment.
Intrusion detection – Requires reporting on cybersecurity, risks, and responses.
Boundary protection – Systems and applications should be protected from unauthorized access, both from outside the agency and its contractors, and from within.
Compliance reporting – Requires detailed reporting on FISMA compliance status.
Improving compliance using Sourcefire – Sourcefire helps agencies improve their FISMA compliance. Sourcefire’s patent-pending combination of threat and network discovery, behavioral profiling, and integrated vulnerability management ensures your agency can effectively and easily implement the security best practices recommended by NIST.

Sourcefire provides the most effective way to establish, enforce, monitor, and manage the security policies you need to ensure compliance and protect your agency's federal information assets.

Sourcefire Addresses FISMA Requirements

Sourcefire provides the following capabilities critical to comprehensive network security and FISMA compliance:

NIST 800-53 Requirement	The Sourcefire Approach
CA-7 Continuous Monitoring	Delivers continuous monitoring for security events, anomalous behavior, configuration changes and policy violations, and vulnerability exposure.
IR-5 Incident Monitoring	Security events are marked Impact Flags based on the asset profile and vulnerability information to speed analysis and allow analysts to focus on critical events.
RA-3 Risk Assessment	Creates a real-time profile of the OS, applications, services, ports etc. on every host and maps that against a database of numerous known vulnerabilities. Configuration changes result in a continuously updated risk assessment vs. known vulnerabilities.
RA-5 Vulnerability Scanning SI-3 Intrusion Detection Tools and Techniques	Creates a real-time profile of the OS, applications, services, ports etc. on every host and maps that against a database of known vulnerabilities. Configuration changes result in a continuously updated risk assessment vs. known vulnerabilities.
SI-3 Intrusion Detection Tools and Techniques	Deploys in a systemic fashion to enable real-time threat detection, analysis, and automated remediation. Sourcefire exceeds the recommended protection for IDS/IPS documented in NIST 800-53.
CM-1 Configuration Management Policy and Procedures	Enables users to implement baseline configuration policies for endpoints, subnets, and networks. The system automates monitoring and enforcement of configuration policy.
CM-2 Baseline Configuration	Enables users to implement baseline configuration policies for endpoints, subnets, and networks. The system automates monitoring and enforcement of configuration policy.
CM-4 Monitoring Configuration Changes	Enables users to implement baseline configuration policies for endpoints, subnets, and networks. The system automates monitoring and enforcement of configuration policy.

Secondary links

言語選択

Industry/Compliance

Buy Products

Contact Us

Who we are

Contacts

Quick links