1 FIREMON SECURITY MANAGER Regain control of firewalls with comprehensive firewall management The enterprise network is a complex machine. New network segments, new hosts and zero-day vulnerabilities are just a few of the moving parts that make securing access a formidable task. And while you re trying to secure a network that s constantly in transition, requirements to prove continual compliance with industry regulations and best practices further complicate your security management challenge. Firewalls are only as effective as the rules that control access into and out of your enterprise rules that can only be effective if they are managed well. Firewall management requires more than just allowing or denying access to destinations and ports however. Do you know: Why Security Manager? Find weaknesses in your network infrastructure before an attacker does strengthening security and reducing susceptibility to threats whether known or unknown. Why the business needs each firewall rule? Which rules pose the most risk? Which rules should be removed next month? How many rules you have and how many more are on the way? Which new rules are actually redundant? To manage your firewall well, you need to decide if a rule goes in or is pulled out and justify that decision with data before it is implemented. You want to capture the business justification in the change process and keep it where you can use it. You must keep the rules clean and run compliance checks every time the firewall configuration changes. What is Security Manager? FireMon s Security Manager finds the holes in your network security infrastructure before the bad guys do. A proactive, real-time security management solution, Security Manager detects your network weaknesses and makes recommendations for reducing susceptibility to threats. It can improve security by showing you a forgotten host in the DMZ that can access the internal network, a dormant security rule that provides unnecessary access, or how a multi-exploit attack could pivot deep into the network. It s Enterprise Ready: Security Manager s powerful analysis engine can handle enterprise networks with tens of thousands of hosts and thousands of network security devices. It s Comprehensive: Security Manager monitors all your network devices continuously and scales up for large networks. Use Security Manager to: Control change Improve your firewall policies Regain control of firewalls Enforce regulatory and standards compliance.
2 Built for the Enterprise, Security Manager provides the solution to this challenge by analyzing your network s posture. It monitors a consistent stream of configuration and event data from firewalls, routers, switches and load balancers, and collects host vulnerability data from network scanners to provide a complete picture of the strengths and weakness of your network. With that data securely collected in a role-based, multi-tenant data store, Security Manager s patented analysis engines apply a deep knowledge of the behavior of your network to help you find, visualize, overcome and ultimately avoid potential problems. Measure the risk from threats in seconds, understand the network configurations that make them accessible, avoid impacting business continuity while ensuring secure access, find and clean up legacy infrastructure elements, and automatically report on your posture and compliance. With Security Manager you can proactively fix your legacy challenges and be prepared to meet the security demands of tomorrow. Manage and Control Change Continuously Configuration changes happen constantly and to control them you need a change management system that gives you immediate access to change justification and clear communication channels. FireMon s Security Manager gives you six powerful tools for firewall change management. IMMEDIATE CHANGE NOTIFICATION Team members can make changes at any time of the day or night. Security Manager monitors your firewall continuously to capture all changes, planned or not, malicious or innocent, and alerts the right people. Notifications can be sent to team members in easy-to-read s, or to monitoring systems via syslog. FIREWALL-SPECIFIC CHANGE REQUESTS You can improve change effectiveness by getting better information from your users. Learn more about what access they need and why they need it with a firewall-specific change request form. CHANGE CONTROL TRACKING Track the change control number alongside the technical implementation details of the change. Use Security Manager reports to quickly find changes that lack proper documentation. CHANGE CONTROL REPORTS Search and report instantly on implementation details for any change control number. The report includes who implemented the change, when it was implemented, and on which firewall(s). GRAPHICAL CHANGE REPORTS Know immediately what changes have occurred and see what has changed with one glance. AUDIT LOGS Track who changed what in the firewall using an easy-to-use, line-by-line format. Analyze rule usage
3 Clean Up Your Firewalls Policies expand and grow complex as thousands of rules and objects are added. Keeping up with these changes and additions is a daunting process, but without it, firewalls grow less efficient and change implementation gets riskier. Security Manager automates the change process, running time-consuming, repeatable tasks for you so you can get more done faster and with less effort. DAILY ACTIVITY REPORT Security Manager collects a lot of data every day and you need to stay on top of it. The Daily Activity Report gets you started whether you need to know if the firewalls had a busy day or you re troubleshooting why response seems slow. FIREWALL COMPLEXITY REPORT With Security Manager it s easy to identify which firewalls need cleanup because their rule base has become overly complex. A single view across all firewalls quickly shows if access is too broadly defined and which specific rules are the primary cause. Firewall complexity affects not only performance, but also operational management. The less complex you can make the rule set, the faster traffic will be evaluated by the system and the easier it will be for network engineers to manage access on a day-to-day basis. HIDDEN RULES REPORT Rule sets are large and complex. But knowing when the policy contains conflicts is a great way to stay on top of the rules that need to be cleaned up. Security Manager s Hidden Rules Report analyzes your rules and provides specific, concrete recommendations. RULE USAGE ANALYSIS Once access has been requested and granted, removing it can be difficult. You can tackle this problem pro-actively by monitoring which rules are being used and removing the unused ones when needed. OBJECT USAGE ANALYSIS Even when a rule is used, Security Manager s analysis engine drills down and determines which objects in that rule are unused. This empowers you to further clean up the rule and limit unnecessary access. Identify firewalls needing clean up
4 Comply with Regulations and Standards TRAFFIC FLOW ANALYSIS Auditors often find rules that are too broad for their purpose and you must fix them after the fact. Security Manager s Traffic Flow Analysis keeps you on top of things by watching the traffic on a single rule and showing how you can more narrowly define it. Use Traffic Flow Analysis to remove all unnecessary Any objects from your accept rules. PCI ASSESSMENT Security Manager s knowledge of the rule base can help you comply with PCI-DSS Requirement. Because it knows the zones that affect PCI-DSS requirements, it can find and report on any failures. CUSTOM COMPLIANCE REPORTING Compliance is different for each organization and industry. Security Manager supports extensions for unique compliance requirements. FireMon encourages you to participate in our Nexus firewall management community and share your best practices for addressing compliance and other challenges. Audit compliance
5 Expand Visibility of Enterprise Network Behavior FIREMON ACCESS PATH ANALYSIS REMEDIATE RISK WITHOUT HAVING TO PATCH When risk exists in the network (i.e. a path from a threat to a vulnerability) there used to be only one alternative -- patch. With FireMon Access Path Analysis you have options. Access Path Analysis identifies the detailed risk path through the network, including the interfaces, routes, security rules and address translation rules that allow the access path that introduces risk. It gives network security operators the information necessary to make a precise change and reduce risk without impacting network operations. Access Path Analysis identifies the detailed risk path. FIREMON INSIGHT CONFIGURATION INTELLIGENCE FOR NETWORK SECURITY The configurations of your network security devices are the critical definitions that keep the wrong people out and let the right people in. But with thousands of devices working in concert all with proprietary configurations and overly complex rule sets it can be difficult to make sense of it all. That s where FireMon Insight fits in. This real-time dashboard gives each user a one-stop view of the critical metrics from across your security configurations, including the configurations of all major firewall vendors. Insight delivers configuration-driven security metrics Assemble a dashboard from pre-built widgets to see things like the most complex devices across your organization, most recent changes, top unused rules, or rules with excessive access. Build adhoc queries using FireMon s domain-specific query language and export the results as a PDF or CSV file. Save your custom queries as a Favorite on your dashboard for quick future access. FireMon also exposes the same Insight platform capabilities via RESTful Services, allowing you to build complex network analyses and configuration-based security metrics into other line-of-business applications, reports, and portals. Ready to Try Security Manager? Follow us on Like us on Facebook: W. 110th Street, Suite 400 Overland Park, KS USA Phone: FireMon and the FireMon logo are registered trademarks of FireMon, LLC. All other product or company names mentioned herein are trademarks or registered trademarks of their respective owners. Copyright FireMon, LLC 2012 rev
Symantec Control Compliance Suite Overview Addressing IT Risk and Compliance Challenges Only 1 in 8 best performing organizations feel their Information Security teams can effectively influence business
The Critical Security Controls for Effective Cyber Defense Version 5.0 1 Introduction... 3 CSC 1: Inventory of Authorized and Unauthorized Devices... 8 CSC 2: Inventory of Authorized and Unauthorized Software...
Trend Micro Deep Security Server Security Protecting the Dynamic Datacenter A Trend Micro White Paper August 2009 I. SECURITY IN THE DYNAMIC DATACENTER The purpose of IT security is to enable your business,
Continuous Cyber Situational Awareness Continuous monitoring of security controls and comprehensive cyber situational awareness represent the building blocks of proactive network security. A publication
White Paper Application Visibility and Monitoring > An integrated approach to application delivery Application performance drives business performance Every business today depends on secure, reliable information
White paper The future of Service Desks - vision Service Desks require strategic consideration and innovation to raise user productivity and to support business goals. Fujitsu has the experience and feedback
Securing Enterprise Applications Version 1.1 Updated: November 20, 2014 Securosis, L.L.C. 515 E. Carefree Highway Suite #766 Phoenix, AZ 85085 T 602-412-3051 email@example.com www.securosis.com Author
AppFlow White Paper AppFlow: next-generation application performance monitoring www.citrix.com Introduction: monitoring application performance has become more complex In today s always-on and connected
SAP Brief SAP s for Small Businesses and Midsize Companies SAP Business One Objectives Business Management Made Simpler Successfully manage and grow your small business Successfully manage and grow your
A Trend Micro Research Paper Suggestions to Help Companies with the Fight Against Targeted Attacks Jim Gogolinski Forward-Looking Threat Research Team Contents Introduction...3 Targeted Attacks...4 Defining
Reducing the Cyber Risk in 10 Critical Areas Information Risk Management Regime Establish a governance framework Enable and support risk management across the organisation. Determine your risk appetite
EVENT MANAGEMENT FRAMEWORK Keeping your business in synch and product flowing smoothly brochure event management framework 3 Stop small ripples in your business processes from growing into major disruptions
10 Things Your Next Firewall Must Do Introduction Without question, your network is more complex than ever before. Your employees are accessing any application they want, using work or personal devices.
SAP Statement of Direction Business Intelligence Solutions Business Intelligence Solutions from SAP: Statement of Direction Table of Contents 3 Quick Facts 4 Driving Business Innovation Through Radical
An Oracle White Paper April 2010 Application Performance Management with Oracle Enterprise Manager 11g Introduction... 1 Top Challenges of Application Performance Management... 2 Oracle s Application Performance
April 2013 Operational Intelligence: What It Is and Why You Need It Now Sponsored by Splunk Contents Introduction 1 What Is Operational Intelligence? 1 Trends Driving the Need for Operational Intelligence
A COALFIRE WHITE PAPER Using s Cloud & Data Center Security Solution to meet PCI DSS 3.0 Compliance Implementing s Deep Security Platform in a Payment Card Environment April 2015 Page 1 Executive Summary...
An Oracle White Paper June 2009 An Overview of Oracle Business Intelligence Applications Executive Overview... 1 Introduction... 1 The Build Versus Buy Decision... 3 Solving the Data Access Challenge...
theguard! SmartChange Intelligent SAP change management think big, change SMART! theguard! SmartChange theguard! SmartChange takes an intelligent SAP change management approach. It provides maximum automation,
A Websense White Paper ADVANCED PERSISTENT THREATS AND OTHER ADVANCED ATTACKS: THREAT ANALYSIS AND DEFENSE STRATEGIES FOR SMB, MID-SIZE, AND ENTERPRISE ORGANIZATIONS REV 2 ADVANCED PERSISTENT THREATS AND
SAP BusinessObjects Business Intelligence SAP BusinessObjects Business Intelligence 4.0 Solutions Empowering the Real-Time, Mobile, Social, and Global Enterprise SAP BusinessObjects Business Intelligence
Getting Started with New Relic: A Newbie s Table of Contents INTRODUCTION: Hello There, Newbie CHAPTER 1: Application Monitoring Overview CHAPTER 2: Real User Monitoring (RUM) CHAPTER 3: Transaction Traces
Special Publication 800-125 Guide to Security for Full Virtualization Technologies Recommendations of the National Institute of Standards and Technology Karen Scarfone Murugiah Souppaya Paul Hoffman NIST
technical white paper Synchronizing Data Among Heterogeneous Databases Principal Author Robert H. Wiebener, Jr. Robert.Wiebener@sybase.com www.sybase.com TABLE OF CONTENTS 1 Introduction to Heterogeneous
Plug Into The Cloud with Oracle Database 12c ORACLE WHITE PAPER DECEMBER 2014 Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,
Why patch? If you have already deployed a network architecture, such as the one recommended by Rockwell Automation and Cisco in the Converged Plantwide Ethernet Design and Implementation Guide (http://www.ab.com/networks/architectures.html),
Rob Davis Everyone wants a good process. Our businesses would be more profitable if we had them. But do we know what a good process is? Would we recognized one if we saw it? And how do we ensure we can