[PCI DSS 1.x] 10.5.5 Use file integrity monitoring and change detection software on logs to ensure that existing l

10.5.5 Verify the use of file integrity monitoring or change detection software for logs by examining system settings and monitored files and results from monitoring activities

[FONT=&quot]Hi there,
[FONT=&quot]My company is looking at deploying a good and recommended solution in order to manage the file integrity monitoring requirements of the PCI Standard (req 10.5.5 & 11.5). That being said we have been looking into the McAfee Change Control Software as a possible solution. Does anyone have any experience of this solution and whether this would be a cost effective and easily managed in a small/medium enterprise?[/FONT]

[FONT=&quot] http://www.mcafee.com/us/enterprise/products/risk_and_compliance/change_control.html [/FONT]

[FONT=&quot]Having said that, would anyone have any comments around other solutions that would meet these specific items?"[/FONT]