Skip to main content
McAfee Enterprise MVISION Cloud

About Configuration Audit for IaaS

Security Configuration Audit allows your policy team to monitor IaaS (Infrastructure as a Service) configuration. You can use the Security Configuration Audit to monitor and discover if your cloud services have been configured per industry best practices.

Supported services include:

  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Azure Container Registry (ACR)
  • Google Cloud Platform (GCP)
  • Google Container Registry (GCR)

Config Audit policies are grouped into the following categories:

  • Unrestricted Access
  • Identity and Access Management
  • Network Security
  • Encryption
  • Logging
  • Monitoring
  • Certificate And Key Management
  • Backup and Recovery 
  • Infrastructure Management
  • Application Security
  • Others. All custom policies. 

For SaaS, or Microsoft Office 365, see Security Configuration Audit for Saas

Enable Security Configuration Audit

Enable Security Configuration Audit in Settings > Service Management when you create your service instance and select the features. 

When you create your service instance, you can configure notifications to be sent based on different Configuration Audit incident severities as per your organization's requirements. This allows you to avoid being inundated with minor severity incidents alerts. For details, see Enable Configuration Audit Notifications

Security Configuration Audit Page

The Policy > Configuration Audit page provides a high-level view of the configuration policies that are currently active or inactive in your organization's MVISION Cloud account. You can use the page to enable or disable policies and can filter or search policies to gain insights into areas where your organization should improve their security IAAS footing.

config_audit_5.20.png

The Security Configuration Audit page provides the following information and actions:

  • Filters. Select options on the Filters tab to scope down your search. For details, see Filter Configuration Audit Policies
  • Search. Search via the Omnibar
  • Actions. Click Actions to:
  • Policy Name. The name of the Configuration Audit policy. 
  • Status. The status of the Configuration Audit policy, including Active or Inactive. 
  • Service Name. The name of the cloud service provider the policy applies to. 
  • Policy Category. The category of the Configuration Audit policy. 
  • Last Updated. The date the policy was last updated. 
  • Updated By. The user who last updated the policy. 
  • Actions. 

Security Configuration Audit Cloud Card

Click a policy to access the Cloud Card with policy details. 

config_audit_details_5.2.0.png

The Configuration Audit Cloud Card provides the following information and actions:

  • Policy Name. The name of the Configuration Audit policy. 
  • Policy Description. The optional description of the Configuration Audit policy. 
  • Policy Type. The type of policy. 
  • Policy Status. The status of the Configuration Audit policy, including Active or Inactive. 
  • Edit this policy
  • Schedule. The frequency the policy is scheduled to run. 
  • Permissions. The permissions required for this policy to run. 
  • Was this article helpful?