FireMon, the leading provider of security management and risk analysis solutions, today announced a significant update to the Security Manager platform that provides even more extensive visibility and insight into the behaviour of traffic on the network, and expanded analysis/reporting through a Web-based dashboard, powered by an innovative, new, domain-specific query language. These capabilities, combined with FireMon’s risk analysis and policy and configuration management, further extend the company’s unparalleled ability to strengthen both operational effectiveness and security posture.
In a recent research note, leading analyst firm Gartner, Inc. predicted that, “through 2018, more than 95% of firewall breaches will be caused by firewall misconfigurations, not firewall flaws.”1 Starting with its heritage in firewall management, FireMon has since established itself as a vanguard in the integration of risk analysis with configuration management, enforcement and auditing of network devices. These new capabilities allow operations and security personnel to drill deeper and better understand packet behaviour and outlying device or policy factors that can affect security posture or performance. Highlights include:
- FireMon Access Path Analysis – Taking advantage of FireMon’s patent-pending behaviour analysis framework, IT personnel can both proactively predict and forensically record the flow of packets through network configurations and obtain detailed path analysis – including routes, interfaces, firewall and NAT rules that a packet encounters while traversing the network. This allows more effective risk analysis and better informed remediation activities.
- FireMon Insight–Combinesa powerful Web-based Dashboard with a new FireMon Query Language (FMQL) to enable an unprecedented ability to visualise the current state of network and security configuration. FMQL enables rapid, ad hoc queries and audit checks to retrieve information from the configurations, changes and usage analysis stored by Security Manager. It also allows for widget creation to automate searches and encapsulate results into reporting.
“Security is no longer just about finding the proverbial needle in the haystack, it’s also about using other sources of information to determine if what you found in the acres of hay is indeed a needle,” said Greg Young, Research VP at Gartner. “This requires products that help security operators, not just burying them under more information of dubious quality.”
Notably, the company also today introduced a RESTful interface for Security Manager and a Device Pack Framework to allow for the rapid development of support for new and custom devices. The integration potential of the new interface also provides a gateway for FireMon innovations to be leveraged by, and extended to affect, the security posture of next-generation network architectures such as software-defined networks (SDNs).
The Access Path to Enlightenment…and Insight
With Access Path Analysis, FireMon is again raising the bar in providing customers with an integrated set of tools that allow them to fully understand their operational state and security posture, and proactively assess actual and specific risk to assets. Access Path Analysis uses the behaviour of normal traffic as it traverses the network to understand what vectors and/or behaviours could allow malicious traffic to find critical assets. Access Path Analysis can also be used as a forensic testing tool to evaluate and test remediation options.
Providing both more powerful data visualisation and more granular visibility, FireMon Insight provides a Web-based dashboard and a new “domain-specific” query language that knows about devices, policies and rules as well as properties (such as device name/vendor, rule source, source IP address, service protocol, service port, zones, comments, etc.). This provides a much richer and more specific understanding of operational state and allows IT and security operations to visualise the effects of configurations, usage and policy changes in the overall business context. The ability to encapsulate queries into widgets enables an easy way to automate and accelerate the assessment process.
“A sole focus on security events and forensic information only tells you where someone chose to attack, not where you are actually vulnerable,” said Jody Brazil, President and CTO of FireMon. “Additionally, the complexity of network and security configurations makes it difficult to accurately assess a company’s security posture. While there is no silver bullet to stop compromise, understanding the behavioural dynamics between traffic – both malicious and otherwise – and security infrastructure is a proven way to greatly reduce exposure and significantly limit the potential damage from compromise. With Access Path Analysis and FireMon Insight, we provide a better understanding of the existing security posture and the actionable details to improve it.”
FireMon Security Manager Version 6.1 is available now.
FireMon provides enterprises and government with security management software that gives them deeper visibility and tighter control over their network security infrastructure. The FireMon solution set – Security Manager, Policy Planner and Risk Analyzer – enables customers to identify network risk, proactively eliminate those vulnerabilities and strengthen security throughout the organization, and reduce the cost of security operations and compliance. Together, they create a highly effective and consistent solution for efficiently managing security operations. For more information, visit http://www.firemon.com. Follow us on Facebook at http://www.facebook.com/FireMon, or Twitter at http://twitter.com/FireMon, or LinkedIn at http://www.linkedin.com/company/firemon, or on our blog at http://www.firemon.com/blog.
1 Gartner “One Brand of Firewall Is a Best Practice for Most Enterprises” by Greg Young, November 28, 2012