A Maintenance Pack is required to deliver the enhancements and fixes for Control Compliance Suite version 11.0.
The Product Update (PU) 2013-2 delivers the following new capabilities and enhancements to Control Compliance Suite 11.0:
New - Policy Central Portal
CCS Policy Central is a single portal that lets you interact with published policies that are applicable to your organization and it also helps you manage policy attestations for compliance and audit purposes.
Previous Web Portal functionality on policies intended for policy audience is now made available through Policy Central.
New - Mandate Based Reports
CCS provides following two new predefined reports for mandate compliance and remediation:
Mandate Compliance Report is a control centric report, which provides a consolidated compliance view for Standards Manager, SCAP, and integrated external data systems.
Mandate Remediation Report is an asset centric report, which provides an overview of remediation for the failed controls.
New -Support for CCS Assessment Manager (AM) 11.0
CCS provides an Assessment page on the Web Console for CCS AM assessments and also displays links for CCS AM Administrative Console and End-user Console.
Policy Results by Control report and Mandate Remediation report provide data for CCS AM to view detailed response on CCS AM assessments.
New - Agent-based assessment support for Windows 2012 targets
CCS lets you collect data from the Windows 2012 platform using agent-based method by installing latest version of CCS Agent, which is available at Symantec Security Response Website.
New - Additional Browser support for CCS
CCS functionality is now verified on additional Web browsers: Mozilla Firefox version 20.0 (only on Windows), Google Chrome version 26.0 (only on Windows), and Safari version 6.0 (only on the Macintosh).
Enhanced - Control Studio
CCS provides Enable and Disable Control Statement options in the Controls Framework and also provides Filter option for Controls Studio that lets you filter the control statements based on their states.
CCS Control Studio now allows you to customize and manage your Control framework to fine-tune the list of active control statements to only those that are aligned with your organizational information Security objectives. You can selectively enable and disable control statements based on your organization's SoA (Statement of Applicable Controls) and also import an externally generated SoA into the product using newly added Control Studio ISS APIs.
Enhanced - Trend Panels
CCS provides support for four new data models to create the trend panels for Policies, Mandates, and Standards, which can be used to measure security assessment posture of your organization over a period of time.
Enhanced - Business Asset Reconciliation
CCS introduces conditions based Business Asset association during external data import as the Post Rule, range based conditions to filter resolved assets for the Update Rule, for IPv4 and numeric format.
Enhanced - Dashboard panel constellation pages
On the CCS Dashboard panel, Asset Details constellation page now displays a list of failed external data assessments and assessment procedures for the asset.
Enhanced -CCS performance optimization
CCS improves performance of panels and reports, automatic data synchronization task for the evaluation job, job search and asset resolution, and Update Statistics maintenance task for Global Metrics and Trend Computation job.
Enhanced – Purge Job scheduling and Database maintenance
CCS provides the Production data purge job in the jobs view, to allow scheduling and notifications for the job run, and view job run status messages.
CCS provides an alert on the CCS Console Homepage, when the database maintenance plan is due. To optimize CCS, you can run database maintenance from the CCS Console.
For more details on the new features and enhancements, refer to the PU 2013-2 Readme.