Alternatives & Opportunity
Symantec
SmartBUY – Risk Automation Suite (RAS) BPA
Winvale is pleased to offer Symantec's Risk Automation Suite (RAS) under GSA's SmartBUY BPA program. The RAS software suite from Symantec is the first fully SCAP-compatible compliance framework tool. RAS integrates the discovery of assets, vulnerability management, configuration management and policy management in a single, easy to deploy, easy to manage package.
GSQ0009AE0014 (May 2009- May 2014)
- Ceiling Value: $20,000,000
- GSA Schedule Number: GS-35F-0074S
- DUNS Number: 14-121-3871
- CCR: ACTIVE- Effective Date 05/16/2003
- Winvale CAGE Code: 35RS6
- Winvale Tax ID: 20-0019673
About Symantec's Risk Automation Suite (RAS):
RAS can discover every asset connected to your network, scan the appropriate assets for compliance with NIST 800-53 or the Federal Desktop Core Configuration (FDCC) for XP or Vista, and provide a centralized portal for continuous measurement and reporting against many other standards as well. The RAS platform becomes the solution through which your agency can measure progress against compliance standards in an automated and integrated solution, with options for agent-less or agent based assessments.
RAS's core abilities mirror the objectives of NIST’s Secure Content Automation Protocol (SCAP), a method for using specific standards to enable automated vulnerability management, measurement and policy compliance evaluation.
- RAS Asset Discovery – rapidly discovers and inventories all networks and network assets, including managed and unmanaged devices.
- RAS Configuration Management – maintains an accurate inventory of system configurations, including technical controls, software, user accounts and system changes.
- RAS Vulnerability Management – conducts ongoing vulnerability detection and reporting for operating systems, infrastructure, network applications and databases.
- RAS Policy Management – continuously evaluates system configuration and compliance with standards and policies.
All four modules continually funnel information into the centralized RAS Portal, enabling a streamlined, automated and end-to-end measurement process – from asset discovery to compliance reporting and remediation workflow.
Public Sector Agencies rely on RAS to automatically measure IT security and compliance with government policies and standards, including:
- Federal Information Security Management Act (FISMA)
- Federal Desktop Core Configuration (FDCC)
- Certification and Accreditation (C&A)
- National Institute of Standards and Technology (NIST) 800 Series
- Continuous Monitoring of IA Controls
Network discovery and leak detection, baseline configuration measurement against NIST 800 standards, and vulnerability management are always a top priority for government agencies. We can help you understand your current state, report on your compliance, and measure your progress towards remediation quickly, easily and continuously.
Government agencies will find RAS listed as a SCAP-validated solution on the National Vulnerability Database Web site , and you can find more information by visiting the Symantec website at www.symantec.com.
GSA SmartBUY BPA SmartBUY BPA Ordering Guidelines
State of Florida Ordering Guidelines
