Freely subscribe to our NEWSLETTER

A surge in conversation and excitement around next-generation firewalls (NGFWs) and security infrastructures has overshadowed a shocking lack of visibility into how change — from software patches to access changes to new system deployments — has a domino effect that can open up silent vulnerabilities across a network. Security operations personnel are challenged daily to understand the interdependencies in a complex morass of legacy and new devices and software, and the implications and potential for error they represent. A recent example of this occurred last month, when Medicaid and social security information of 780,000 citizens in Utah were exposed due to misconfiguration and ineffective access control.

Even for those companies that have implemented some level of policy/configuration management, the data deluge and ability to trace the paths and assets that are at risk remains a challenge for many. The solution lies in the ability to automatically identify, assess and remediate the impact of change or misconfiguration on security policy and controls in real time, and combine that with mechanisms that integrate comprehensive risk analysis to provide quantifiable and actionable intelligence to focus efforts on the most critical issues.

FireMon Security Manager provides policy and configuration management, enforcement and auditing of network devices such as firewalls, routers, switches and load balancers, while monitoring for and alerting on configuration changes. Security Manager also assesses current configuration settings and audits these against best practices and compliance standards — and provides extensive options for remediating configuration issues.

With the addition of a new patented risk analysis engine, Security Manager can now analyse the accessibility of any vulnerabilities from threat sources, measuring the impact, depth and risk of a potential attack. The integration allows Security Manager to evaluate, visualise and simulate attack paths throughout the network to assist security teams to quantify risk and prioritise remediation. In addition to traditional vulnerabilities detected by popular vulnerability assessment (VA) scanners, Security Manager can also incorporate penetration test results with Rapid7 Metasploit and factor proven exploits into its risk scoring. The risk analysis engine technology, obtained through the April 2011 acquisition of MIT Lincoln Labs startup, Saperix Technologies, has been deployed for more than a decade, is in use in demanding civilian and DoD environments, and is the fastest and most scalable automated risk analysis technology on the market today.

"The growing complexity of networks and the increasing sophistication of adversaries have driven imperatives for better intelligence and focus in network security management," said Jody Brazil, President and CTO of FireMon. "Any network change — from M&A integration to user, application or access changes to software updates — can cause issues from system failure to exposure of critical assets. FireMon’s hallmark has been its ability to understand and manage the implications of change in large organisations. Now, with the ability to rapidly analyse and map specific risk scenarios, we can enable security teams to better plan for change, and more effectively prioritise proactive efforts to defend their critical information assets."

FireMon Security Manger has set the standard in the industry as the most scalable platform for security policy and posture management. Its robust, distributed architecture deploys a single application server for central management and reporting. With remote, agent-less data collectors for additional monitoring capacity, Security Manager can monitor thousands of devices in a single deployment and supports a broad range of security and network devices. Security Manager’s role-based access permissions model allows for fine-grain control of user access permissions. Security Manager’s open architecture and online Nexus community enable users to create and extend analysis capabilities to meet any compliance reporting objectives or model policy impact based on each customer’s specific business needs.