Cyber_IA

Xacta® IA Manager: Features and Minimum System Requirements.


xacta_ia_manager_internal  Sign up for an online Xacta IA Manager evaluation account

Xacta IA Manager’s risk and compliance management features coupled with its process automation capabilities enable:

Xacta supports the key features of NIST's Risk Management Framework (click to enlarge)Implementation Priority: In support of NIST 800-53 Revision 4, “Recommended Security Controls for Federal Information Systems and Organizations”

Continuous Monitoring: Streamlines processes for continuous monitoring and security risk assessment.

Extensible Publishing: Fast and easy modification of existing templates and simpler creation of new ones; includes a complete array of standard templates for DIACAP documentation as well as the new CAP-IT (Certification and Accreditation Package Input Toolkit) format

Controls Inheritance: Allows common security controls to be inherited across systems for operations in the relevant hierarchy branch to reduce the complexity and cost of security administration

Privacy Impact Assessments (PIA): Supports production of privacy impact assessments (PIA) in keeping with federal guidelines

Reference Relationships: Establishes reference-extension relationships between projects to ensure accurate configuration notifications and reporting for “type-accredited” systems protections

Asset Awareness / Hardware / Software Inventory:
Capture and report on a rich collection of demographic information regarding each IP device — asset inventory, physical location and ownership information, operating system configuration data, and hardware and software inventory.

Security Configuration Scanning: Continuously check on the status of your systems to ensure they’re optimized for greatest security.

Security Requirements Evaluation: Relate IT asset data to an extensive set of security requirements that are provided with the IA Manager knowledge base.

Publishing and Reporting: Automatically generate the documentation needed to report on and comply with the leading compliance regulations, including DIACAP, NIST, CNSS, FISMA, ISO 27002, HIPAA, and GLBA.

USGCB/ SCAP: Simplify asset configuration compliance auditing to ensure compliance with United States Government Configuration Baseline (USGCB) checklists for Windows platform scanner capability; continuously scan endpoint systems for patches and vulnerabilities by leveraging Security Content Automation Protocol (SCAP) content

Continuous Risk and Compliance Assessment: The only commercially available product that is able to perform continuous risk and compliance assessment as an on-going business process as specified in standards such as DIACAP (Phase IV), NIST 800-37 (Risk Management Framework), and NIST 800-137 (Continuous Monitoring).

Automated Vulnerability Assessment and Management: Automate the correlation between your vast inventory of devices and the ever-increasing array of vulnerabilities encountered every day; includes manual and automated mechanisms necessary to quickly add new vulnerabilities to the Xacta IA Manager knowledge-base, integrated asset discovery utilities, and vulnerability scanning tools that are required to detect the presence of known vulnerabilities.

Automated Vulnerability Remediation: Xacta IA Manager’s process integration capabilities enable you to respond immediately to critical situations by programming vulnerabilities to automatically trigger the appropriate actions. You can alert key personnel and automate the distribution and installation of critical software patches and upgrades across the enterprise, assuring that your security posture is always current.

Vulnerability Risk and Compliance Reporting: Xacta IA Manager allows you to determine compliance and risk posture as it relates to vulnerabilities by comparing vulnerability information to your asset information and determining which assets are susceptible.


 

Recommended System Requirements for Xacta® IA Manager Product Suite 

The following specifications are what Telos recommends for optimal performance of the application. Additionally, Telos recommends multi-CPU servers and additional RAM.

Client Specifications

  • Operating System Microsoft XP, Microsoft Vista, Microsoft Windows 7
  • MS Office – MS Office 2003 or greater1
  • PDF –Adobe Acrobat Reader 8.0 or higher1
  • Browser –Internet Explorer 8 / 9  or Firefox 10.x (TLS 1.0 and JavaScript enabled)

Xacta Assessment Engine

Assessment Engine can be scaled from single user workstations, organizational networks, all the way up to enterprise implementation. The Xacta IA Manager technologies are database driven web applications.2

Deployment Option – Single Server

  • Recommended for small networks or for a standalone system typically employed by those performing static compliance/risk assessments
  • Suitable for up to 10 projects

Application, Database and Publishing Servers

  • Dual core processor (2.65GHZ processors) or faster
  • 4GB RAM
  • 120GB Hard Drive
  • MS Windows 2003 / Vista3,4 / Windows 74
  • MS Office5 2003/2007 / 2010
  • MS .NET 3.5, Service Pack 1 or higher
  • MS SQL Server Express 20086 (provided on install CD) or MS SQL Server 2005 / 2008
  • Windows Installer 4.5 (required for MS SQL Express 2008 installs)

Deployment Option – Standard Network

  • Recommended for medium-sized enterprises or regional installations that are part of a larger distributed installation
  • Suitable for up to 50 projects
  • Recommended configuration for a standard network deployment consists of two server-class machines: an application server and a database/publishing server

 Application Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 8GB RAM (4 GB allocated to JVM)
  • 200GB Hard Drive
  • MS Windows Server 2003 x64 Edition/2008 x64 Edition

 Database and Publishing Servers

  • Dual core processors (2.6 GHZ processors) or faster
  • 8GB RAM
  • 300 GB Hard Drive
  • MS Windows Server 2003/20084 or Unix (DB only)
  • MS Office5 2003 / 2007 / 2010
  • MS SQL Server 2005 / 2008 or Oracle 10g / 11g
  • MS .NET 3.5, Service Pack 1 or higher

Deployment Option – High Volume

  • Recommended for enterprises having greater than 50 projects and wishing to maintain centralized control over the data
  • The recommended configuration for a high-volume network deployment consists of three server-class machines: an application server, a database server, and a publishing server.

 Application Server

  • Dual, Quad core x64 processors (2.6 GHZ Processor) or faster
  • 12GB RAM (8 GB allocated to JVM)
  • 500 GB Hard Drive
  • MS Windows Server 2003 x64 Edition/2008 x64 Edition

 Database Server

  • Dual, Quad core x64 processors (2.6 GHZ Processor) or faster
  • 12 GB RAM (Oracle: 8 GB allocated for SGA)
  • 1 TB Hard Drive
  • MS Windows Server x64 2003/x64 2008 or Unix x64
  • MS SQL Server x64 2005/2008 or Oracle 10g / 11g

 Publishing Server

  • Dual, Quad core x64 processors (2.6 GHZ Processor) or faster
  • 4 GB RAM
  • 100 GB Hard Drive
  • MS Windows Server 2003/20083,4
  • MS Office5 2010
  • MS .NET 3.5, Service Pack 1 or higher

Xacta Continuum and Xacta Detect Servers

Basic Deployment (up to 2,000 agents)

Xacta Continuum

Application Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 8GB RAM (4 GB allocated to JVM)
  • 200GB Hard Drive
  • MS Windows Server 2003 x64 Edition/2008 x64 Edition

Database Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 8GB RAM
  • 300 GB Hard Drive
  • MS Windows Server 2003/2008 or Unix
  • MS SQL Server 2005 / 2008 or Oracle 10g / 11g

 Xacta Detect Server8

Application Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 8GB RAM (4GB allocated to JVM)
  • 100GB Hard Drive
  • MS Windows Server 2003 / 2008 (x64 recommended)

Database Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 8GB RAM
  • 200 GB Hard Drive
  • MS Windows Server 2003/2008 or Unix
  • MS SQL Server 2005 / 2008 or Oracle 11g

Enterprise Deployment (Greater than 2,000 agents)

Xacta Continuum

Application Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 12 GB RAM (8GB allocated to JVM)
  • 200 GB Hard Drive
  • MS Windows Server 2003 x64 Edition

Database Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 16 GB RAM
  • 500 GB Hard Drive
  • MS Windows Server 2003/2008 or Unix
  • MS SQL Server 2005/2008 or Oracle 11g

Xacta Detect Server8
(Recommend no more than 4,000 agents per Detect Server)

Application Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 4 GB RAM (8GB for x64)
    (1.5 GB allocated to JVM / 4GB for x64)
  • 200 GB Hard Drive
  • MS Windows Server 2003/2008 (x64 recommended)

Database Server

  • Dual core processors (2.6 GHZ processors) or faster
  • 8 GB RAM
  • 300 GB Hard Drive
  • MS Windows Server 2003/2008 or Oracle 10g/11g

Xacta HostInfo

This is a family of host-specific software used for security-relevant configuration information collection and assessment. HostInfo can be run as a one-time executable or installed as an agent to support Xacta Continuum and Xacta Detect. 

Platforms Supported

  • MS Windows 2000/XP/2003/2008/Vista/7

Notes:

1MS Office (Word and Excel) and Adobe Acrobat Reader are required on client systems for viewing of published documents.
2Recommended Installation and Administration Skills: MS Windows administration skills, MS SQL Server or Oracle database administration knowledge, and general Internet and TCP/IP networking knowledge.
3For Windows Vista, the Publisher component of Assessment Engine requires special configuration after installation in order to support PDF document/report production. (Please review reference manual for configuration instructions.)
4For Windows Vista, 7 and 2008, the Publisher component of Assessment Engine must be run on a 32 bit version of the OS.
5MS Office Installation: The Xacta Publisher component requires all MS Word files and libraries to be installed. Therefore, when you run the MS Office installation program, you should select the full installation option, referred to as "Run from my computer" in the MS Office installation routine. Do not select the "Run from CD" or "Typical Installation" option. The Xacta Publisher requires valid administrator login for proper operation. When the publisher is installed on 64 bit Windows 2008 server R2 or 64 bit Windows 7 platforms, MS Office 2010 must be also be installed.
6MS SQL Express (formerly known as MSDE) has 4GB limitation and is only recommended for small environments.
7High Volume deployments running under VMs require CPU and memory reservations as specified in the above chart.
8PDF signing is currently not available.