FireMon

Firewall management for your network, Security analytics for your data

FireMon is the only security management platform that provides insight into the policies that define what should happen in your network and the events that are actually happening in your network. With our product suite, you get the complete visibility you need to optimize performance, maintain compliance and reduce overall exposure to risk.

Security Manager

What Is Security Manager?

Security Manager is a web-based firewall management platform that provides continuous visibility into and analysis of your network security policies and underlying IT risks. The platform proactively delivers the intelligence IT security, network and compliance teams need to address the three biggest challenges of firewall management:

Risk Analyzer

With every access request granted, a potential security gap is created. The best way to combat unwarranted access is to preemptively identify and analyze areas of vulnerability. However, the complex nature of firewall configurations combined with the time-consuming burden of patching tens of thousands of vulnerabilities makes threats difficult to see and assess.

FireMon’s Risk Analyzer reduces risk by analyzing your network infrastructure proactively and comprehensively, then simulating how attackers might gain access through vulnerabilities. With Risk Analyzer, organizations can quickly assess the impact of the potential attack, where multiple exploits can be used in combination and how prepared network defenses are to defeat an attack.

Enterprise-Ready Architecture

Risk Analyzer handles large, complex networks with tens of thousands of hosts and thousands of security devices, providing results in seconds, not hours.

 

Quantitative Risk Analysis

Risk Analyzer evaluates configuration data from network devices to provide a complete and accurate picture of your network.

 

Real-Time Defense Configuration

Risk Analyzer collects the latest configuration data from FireMon Security Manager with just one click.

 
 
 

Feature Overview

 

Risk Analyzer’s patented risk engine helps IT security teams discover weaknesses in the network, evaluate the impact of a combination of exploits and recommend changes proactively.

 

On-Demand Analysis

Reachability
 
 

FireMon Risk Analyzer collects and reports the current configurations of network access controls deployed on firewalls, routers, switches, IDS/IPS, proxies and traffic gateways to ensure timely and accurate analysis. Thus, the remediation guidance provided by the application is based on live, change-aware data rather than periodic, out-of-date static sources.

 

 
 

Attack Simulation


FireMon’s network risk analysis is based on scan results from the industry’s leading vulnerability management solutions in addition to network configuration baselining.

 

  • Exploitability Simulation – an interactive model that illustrates which vulnerabilities are accessible. Accessibility is determined by the presence of open paths, hop paths or privilege upgrade exploits.
  • Vulnerability Prioritization – an ordered list of recommended remediation steps based on configurable risk criteria – including host criticality, network zone criticality, vulnerability severity and other assessment-specific variables.
  • Data Exporting – export simulation data via RESTful APIs to downstream solutions for more practical operational use in decision-making outside of console-based analysis.
 
 

Remediation Recommendations

Proactive What If Scenarios
 
 

In addition to the attack simulation functionality, remediation can also be simulated based on available patch strategies or access path changes to eliminate accessibility while still enabling critical services. The remediation simulation data can also be exported to aid patch management processes.

 
 

Access Path Analysis via Security Manager

Potential Attack Visualization
 
 

Decrease exposure and enable mitigation of risk by tracing all potential traffic paths, identifying problematic routes and implementing recommended adjustments to redirect access.

 

Risk Analyzer performs a topology-aware assessment of critical factors including device rules, access routing and NAT, and prioritizes risks based on ease of reachability, value of underlying assets and known patterns of existing attacks.

Adapting device rules to reroute access addresses risks immediately and reduces the complexity and time of patch remediation efforts.


 
 

To learn more about Risk Analyzer, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.

Policy Optimizer

Introducing FireMon Policy Optimizer

FireMon’s Policy Optimizer Module automates key elements of the process necessary to adapt network security device policies to changing conditions. Policy Optimizer dramatically advances the identification and improvement of troublesome firewall configurations in relation to emerging threats, evolving business demands and maturing compliance requirements. It provides a centralized workflow, with integrated risk analysis, that allows security teams to interact directly with other network access stakeholders.

Policy Optimizer supports complex, heterogeneous networks containing multiple firewall vendor technologies. The workflow is customizable to meet the needs of any organization. And with RESTful APIs exposed, integration into existing change management systems is natively supported.

 
 
 

Policy Optimization Process Management

 

Transform security infrastructure management by automating the change review process, from rule analysis to policy modification, as well as recertification and documentation.

 
 
FireMon Policy Optimizer
 
 
 

Rule Recertification & Review

 

Analyze firewall policies to clean up and optimize firewall configurations, improving security, manageability and performance. Key features include:

 
 

Rule Review

 

 
 
Examine all rule sets applied within your existing firewall policies to continually assess and improve network enforcement.

 

Multi-Factor Rule Review

Analyze every aspect of rule review, driven by real-world events, to identify control failures, understand usage and apply best practices for improving or removing access, when possible.

 
Rule Recertification

Utilize a closed-loop workflow to ensure that network security compliance requirements are being met and advance the process of periodic rules recertification for standards including PCI DSS.

 
 
 

Process

 

Continuous monitoring of all devices for any change to the configuration or policy. Understand what changed, when it changed, why it changed and the impacts of the change. Full change management solution including:

 
 
Intelligent Policy Editing

Leverage a wide array of powerful tools to automate policy identification, analysis and editing, including dynamic search capabilities built around the proprietary FireMon Security Intelligence Query Language (SIQL) enabling full-scope evaluation, review and testing of device configurations.

 
Event-Driven Rule Analysis

Automatically identify those policies and rules that demand immediate analysis driven by real-world events, including time-frame expiration, critical security control failure, periodic review or ad-hoc query; complemented by manual routing.

 
Customized Workflow

Easily change the built-in workflow to meet your custom needs. Because it is built on BPMN 2.0 task types, including forks, parallel paths, timers and notifications, you can build a workflow specific to your environment.

 
 
 

Whitelist

 

Review effectiveness and correctness of enforced policies on firewalls to identify gaps in protection and inconsistencies in configurations as well as enforce internal access controls.

 
 
 
 
 

3rd-Party Integration

 
Integrate with existing change management systems seamlessly. Policy Planner supports many integration options and connection points throughout the change process. Supported change management systems include:

 

  • HP Service Manager
  • BMC Remedy
  • ServiceNow
  • Proprietary Systems
 
 
 

To learn more about Policy Optimizer, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.

Policy Planner

FireMon’s Policy Planner Workflow Module automates the firewall change process with an intelligent workflow solution solving unique challenges associated with firewall change management. Policy Planner dramatically improves the efficiency of the change process, reducing time and costs associated with access change requests while at the same time improving security by integrating security and risk analysis directly into the process.

FireMon Firewall Policy Planner

Policy Planner supports complex, heterogeneous networks containing multiple firewall vendor technologies. The workflow is customizable to meet the needs of any organization. And with RESTful APIs exposed, integration into existing change management systems is natively supported.

 
 
 

Rule Recommendation

 

Automatically generate recommended rule changes to meet the access change request requirements. Rule Recommendation analyzes the current behavior of the entire network and can quickly identify all devices impacted and determine the specific changes necessary to accommodate the request. Common scenarios that Rule Recommendation can assist with are:

 

  • No Change Necessary: a large percentage of change requests are unnecessary. Quickly close these requests without impacting engineering resources or making unnecessary changes on a firewall.
  • Identify impacted devices: the first step to making a change is understanding which devices are in the line of the traffic. The topology aware analysis engine in Policy Planner handles this automatically.
  • Recommend rule changes: find existing rules that can be potentially modified to achieve the requested access. Or, if no similar rules exist, recommend where a new rule should be created to ensure the access is effectively configured.

 
 
 

Change Process (Workflow)

 

Review effectiveness and correctness of enforced policies on firewalls to identify gaps in protection and inconsistencies in configurations as well as enforce internal access controls.

 

 
 
Policy Change Impact Analysis

 
 
Assess the impact that proposed policy changes will have on network security enforcement, locally and cross-infrastructure, prior to implementation.
 
Continuous Policy Compliance Assessment

 
 
Audit device policies on an ongoing basis to ensure that all requirements are being met and maintain a record of frequent controls validation.
 
 
Automated Rules & Exception Documentation

 
 
Keep a running log of all rules and configuration updates, audits and exceptions with the ability to search intuitively. All change details are captured and permanently stored with the change. These details are then visible in the context of the policy or rule, not just as a link to a change ticket but in full detail.
 
Customized Workflow

 
 
Easily change the built-in workflow to meet your custom needs. Because it is built on BPMN 2.0 task types, including forks, parallel paths, timers and notifications, you can build a workflow specific to your environment.

 

BPMN 2.0 Compliant Workflow

  • Customizable
  • Integration with existing processes
  • Full suite of tasks: forks, timers, decisions, user inputs
 
 
 

CMS Integration

 

Integrate with existing change management systems seamlessly. Policy Planner supports many integration options and connection points throughout the change process. Supported change management systems include:

 

  • HP Service Manager
  • BMC Remedy
  • ServiceNow
  • Proprietary Systems

 


To learn more about Policy Planner, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.