Dell updated its Dell KACE K1000 Management Appliance to include support for federal security policies and scanners to ensure compliance.
The updated Dell KACE K1000 management appliance allows
organizations to standardize and enforce government-level security policies
across all desktops and laptops, the company said on Jan. 26.
Dell's latest version of the management appliance supports
the latest Federal Desktop Core Configurations, a list of security settings required
for Windows XP and Vista systems that connect to any United States federal
agency, Dell said. DELL KACE K1000 reduces the organization's "attack surface"
by tightening browser security and enforcing basic security configurations, according
to the company.
IT teams can automatically apply a base level of security to
all endpoints to defend against the latest security threats, said Marty Kacin,
vice president of engineering, CTO and co-founder of Dell KACE.
In addition to FDCC support, the KACE K1000's Security
Content Automation Protocol (SCAP) Scanner allows IT managers to
audit systems to ensure compliance with security policies, Ken
Dracknik, director of product marketing for Dell KACE, told eWEEK. IT
administrators update a checklist, such as FDCC, into SCAP to scan the
and generate a compliance report. The SCAP Scanner makes it easier for
managers to find and remediate security issues, he said.
The SCAP Scanner displays a grade to indicate how well the system met the standard security profile, Dracknick said.
Originally mandated by the Office of Management and Budget
in 2007, the FDCC list contains approximately 300 security settings that federal
agencies have to apply to all systems
running Microsoft Windows XP Professional (SP2 and SP3), and Microsoft Windows
Vista Business, Microsoft Windows Vista Enterprise, and Microsoft Windows Vista
Ultimate SP 1 machines, even if they belong to contractors. The guidelines
include restrictions on wireless access, keeping administrator account and user
accounts separate on the machine, frequent password changes, and implementing
junk e-mail filters.
The SCAP protocol was developed by the National Institute of
Standards and Technology, which also maintains the FDCC list. NIST maintains
different guidelines for other operating systems.
While FDCC applies only to desktops within the federal
government and contractors accessing government systems, the KACE K1000
used by any mid-sized or large organization with compliance
requirements to implement and maintain a standardized security
environment, said Dracknik. Companies generally have their own
policies, such as password security or installing service packs, and
NIST also offers other checklists that can be used with the KACE K1000,
Dell acquired Kace Networks in February 2010 for its
application virtualization technology and security management tools. The Dell
KACE K1000 Management Appliance emerged from the acquisition in July, handling
security management tasks such as vulnerability assessment, patch management
and configuration enforcement.
Dell also updated its Dell KACE Firefox Secure Browser,
which can be integrated with the KACE 1000 or installed as a stand-alone application.
Originally introduced in July with the K1000 appliance, Secure Browser uses
application virtualization to create an isolated instance of Firefox so that
Web malware and viruses don't gain access to the desktop. When Secure Browser
is closed, the software is reset to its initial virtual image, allowing users
to start each session fresh with no infections. IT administrators can also create
customized browser configurations such as warning users of malicious activity
or to preserve some user preferences, such as bookmarks, across sessions.
Pricing for the Dell KACE K1000 management appliance starts
at $8,900 per unit for 100 seats. There is also "all you can eat" version priced at
$89,000 for up to 20,000 seats, said Dracknik. Dell KACE K1000 will be generally available on
Feb. 10. The Dell KACE Secure Browser is already available as a free download.