The Hillstone Firewall Policy Management Solution



Similar documents
The Hillstone and Trend Micro Joint Solution

FIREWALL CLEANUP WHITE PAPER

Q1 Labs Corporate Overview

Log management & SIEM: QRadar Security Intelligence Platform

Alcatel-Lucent Services

Specific observations and recommendations that were discussed with campus management are presented in detail below.

PCI DSS Reporting WHITEPAPER

THE FIRST UNIFIED DATABASE SECURITY SOLUTION. Product Overview Security. Auditing. Caching. Masking.

Firewall Administration and Management

Hillstone Intelligent Next Generation Firewall

Proactive Security through Effective Management

Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security,

QRadar SIEM and FireEye MPS Integration

March

What is Security Intelligence?

Best Practices for PCI DSS V3.0 Network Security Compliance

Cisco Unified Expert Advisor

FIREMON SECURITY MANAGER

FireMon Security Manager Fact Sheet

The Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation

Security. Security consulting and Integration: Definition and Deliverables. Introduction

SWOT Assessment: FireMon Security Manager Suite v7.0

LogRhythm and PCI Compliance

WHITEPAPER Complying with HIPAA LogRhythm and HIPAA Compliance

IBM Security QRadar Risk Manager

Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.

Network Segmentation

10 Things IT Should be Doing (But Isn t)

IBM Tivoli Netcool Configuration Manager

The Business Case for Network Security Policy Management Quantifying the Annual Savings with the AlgoSec Security Management Suite

Cyber Security RFP Template

How can Identity and Access Management help me to improve compliance and drive business performance?

Pentaho High-Performance Big Data Reference Configurations using Cisco Unified Computing System

Company Overview. Enterprise Cloud Solutions

Security Intelligence Solutions

Guideline on Firewall

Information Technology Security Procedures

Redefining Infrastructure Management for Today s Application Economy

SharePoint Benefits. Engage partners customers and employees across one platform. Internet Extranet Intranet

Navigate Your Way to PCI DSS Compliance

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

IBM Security Intelligence Strategy

Building a Data Quality Scorecard for Operational Data Governance

PCI Compliance for Cloud Applications

Enterprise Information Management Services Managing Your Company Data Along Its Lifecycle

Teleran PCI Customer Case Study

The Mandate for Lights-Out IT Management

Best Practices for Log File Management (Compliance, Security, Troubleshooting)

Sarbanes-Oxley Compliance for Cloud Applications

How to Eliminate the No: 1 Cause of Network Downtime. Learn about the challenges with configuration management, solutions, and best practices.

Symantec DLP Overview. Jonathan Jesse ITS Partners

SAP Information- & Master Data Management. Akio W. Wauer SAP Solution Sales Executive for Information Management

Vulnerability Management

Redhawk Network Security, LLC Layton Ave., Suite One, Bend, OR

CA XOsoft Content Distribution v4

Intro to NSX. Network Virtualization VMware Inc. All rights reserved.

WHITEPAPER. Achieving Network Payment Card Industry Data Security Standard (PCI DSS) Compliance with NetMRI

Devising a Server Protection Strategy with Trend Micro

Why an Intelligent WAN Solution is Essential for Mission Critical Networks

How To Buy Nitro Security

Information & Asset Protection with SIEM and DLP

Devising a Server Protection Strategy with Trend Micro

The Cisco ASA 5500 as a Superior Firewall Solution

Access Rights Reporting & Monitoring

LogRhythm and HIPAA Compliance

LogInspect 5 Product Features Robust. Dynamic. Unparalleled.

C21 Introduction to User Access

Netwrix Auditor for Exchange

VMware Hybrid Cloud. Accelerate Your Time to Value

WHITE PAPER. Infoblox IPAM Integration with Microsoft AD Sites and Local Services

RSA SIEM and DLP Infrastructure and Information Monitoring in One Solution

INCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS

Big Data Analytics for United Security

WHITE PAPER IMPROVING FIREWALL CHANGES OVERCOME PROCESS AND COMPLEXITY CHALLENGES BY FOCUSING ON THE FIREWALL.

MONITORING AND VULNERABILITY MANAGEMENT PCI COMPLIANCE JUNE 2014

LogPoint 5.1 Product Features Robust. Dynamic. Unparalleled.

IBM Tivoli Netcool network management solutions for SMB

Adopt and implement privacy procedures, train employees on requirements, and designate a responsible party for adopting and following procedures

HP Autonomy Software Support Foundation

A Modern Framework for Network Security in the Federal Government

IBM Security QRadar Risk Manager

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Cisco and Citrix: Building Application Centric, ADC-enabled Data Centers

Network Performance + Security Monitoring

IBM Global Business Services Microsoft Dynamics CRM solutions from IBM

Feature. Log Management: A Pragmatic Approach to PCI DSS

Fortify. Securing Your Entire Software Portfolio

ByteMobile Adaptive Traffic Management Product Family

Security strategies to stay off the Børsen front page

White Paper. Time for Integrated vs. Bolted-on IT Security. Cyphort Platform Architecture: Modular, Open and Flexible

Elasticsearch on Cisco Unified Computing System: Optimizing your UCS infrastructure for Elasticsearch s analytics software stack

8 Key Requirements of an IT Governance, Risk and Compliance Solution

ACI ON DEMAND DELIVERS PEACE OF MIND

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

Discover Security That s Highly Intelligent.

Enterprise Security Solutions

Payment Card Industry Data Security Standard

Process Solutions. DynAMo Alarm & Operations Management. Solution Note

Managing Network Bandwidth to Maximize Performance

Transcription:

The Hillstone Firewall Policy Management Solution Compatible with the FireMon Security Manager Overview Hillstone offers a highly effective solution for security policy management and optimization by integrating with FireMon s unified security policy management platform. This solution provides configuration management, policy analysis and security auditing of Hillstone firewalls. It helps enterprises increase system management efficiency, reduce network management costs, and eliminate network security incidents caused by human operational mistakes. Combined with the FireMon management platform, Hillstone firewalls enable flexible networking while leveraging existing devices in the network. Security Policy Management Security policy management is the core of network security management. Most enterprise network security incidents are caused by insufficient administrator service capability, incomplete processes, change errors, lack of device performance planning, inadequate operational and maintenance staff expertise, and deviation from operational and maintenance procedures. Statistics show that approximately 95% of security incidents arise from inappropriate security policy configuration. Therefore, security policy management is at the very core of network security management. Security management tools to implement security policy management quickly, and to help avoid human configuration errors, are of critical value to enterprises. Firewall Sub-Health Status Firewall security in the network is enabled through the configuration of security policies. When configured improperly, the firewall cannot provide the required security protection, and the situation also gives rise to other security risks. Firewall sub-health status caused by inappropriate configurations includes the following situations: Ineffective policies, redundant policies or zero-hit policies Inability to understand policy utilization, and to clean up large numbers of accumulated policies Loose security policies, or security policies where Any is selected

Security policies that open high-risk ports Security policies that violate the mutual access specification between security domains Hillstone Firewall and FireMon Security Manager Integration Hillstone offers an enterprise firewall policy management solution that provides unified management of firewall policies across the network, automatically corrects firewall sub-health status caused by human error, and eliminates other potential risks in the network. FireMon Security Manager is a unified security policy management platform with an intuitive GUI to help administrators effortlessly manage and analyze the security policies of Hillstone firewalls. With the FireMon Security Manager, administrators can see which policies are unused, and which are used most frequently to analyze the actual traffic permitted by a specific security policy. With this information, administrators can accurately understand the utilization and effectiveness of the access control policies on each Hillstone firewall, enabling them to perform policy optimization. A management view of the integrated solution is shown in Figure 1. Figure 1: Hillstone Firewall and FireMon Security Manager Integration Solution Features As shown in Figure 2, the integration of the Hillstone Firewall and FireMon Security Manager for security policy management offers several operational benefits, including: Unified Management Configuration Management Policy Analysis Security Audit

Figure 2 Joint Solution Features Unified Management The joint solution provides a unified management platform for Hillstone firewalls in the network. Policy synchronization and policy convergence analysis are enabled by linking to the Hillstone firewall logs. The Security Manager allows users to view the network topology, to test service accessibility between network nodes for the current policy configuration, and to analyze the hit rate of each policy. Configuration Management The policy management platform monitors the configuration and policy changes of Hillstone firewalls, maintains change records, and notifies network administrators when changes take place. It also reminds administrators to delete temporary policies about to expire. The policy management platform also provides a firewall configuration comparison feature. A comparison of security policy effectiveness before and after a modification in firewall policy or configuration is shown by comparing the configurations of the same firewall at two different points in time, or by comparing the security policies of two different firewalls. Policy Analysis The policy management platform analyzes the configuration and utilization of security policies on Hillstone firewalls, discovers redundant policies, and points out ineffective policies as well as loose security policies. Additionally, it generates reports for current policies, and provides a policy optimization function accompanied by configuration suggestions. Based on the policy utilization report, administrators understand which policies are highly utilized and can adjust the order of security policies accordingly, thereby improving the matching efficiency of security policies on Hilllstone firewalls.

Security Audit The security audit function determines configuration compliance. The Security Manager audits compliance of Hillstone firewall configurations with dozens of pre-built compliance templates including those of PCI, ISO27001, and other international standards organizations. The security auditing function is also used to determine whether administrators configurations conform to the mutual access specification between security domains and the security specification defined by the enterprise, as well as whether a policy opens a high-risk port. Solution Value The Hillstone firewall policy management solution effectively addresses issues such as human operational errors and the lack of a foundation for configuration optimization. The joint solution provides an easy-to-use tool for enterprise network security management. Administrators can detect misconfigured policies, delete invalid or redundant firewall policy entries, and fix incorrect security policy configurations in a timely manner through a single interface without the need to log into each Hillstone firewall individually to view its policy utilization. This enhanced capability helps enterprises prevent network security incidents. The policy management solution supports the full portfolio of Hillstone firewalls. It is an ideal solution for users who have already deployed, or plan to deploy, Hillstone firewalls in financial institutions, large enterprises, industrial parks and carriers. The Firemon management platform enhances Hillstone firewall functionality and security. Users can implement security management functions through a single platform, significantly reducing network security management costs. Deployment Example A global enterprise deploys nearly 100 Hillstone firewall devices, and it takes several days to inspect the configurations of these devices individually. It is difficult for the administrators to understand the policy and operational status of each individual firewall, and to discover incorrect policies and configurations. With the Hillstone policy management solution, the administrators can understand all Hillstone firewall policies and configurations far more easily, and manage all policies from a unified interface. Moreover, the administrators now have insight into the real-time health of current policy configurations by using sophisticated analysis tools. The protective capabilities of each Hillstone firewall is maximized through policy optimization and policy correction, thereby ensuring continuous business availability while also taking full advantage of the security policies. A sample deployment scenario is shown in Figure 3. Figure 3: Sample Deployment Scenario

Summary Hillstone firewalls offer a highly effective solution for security policy management and optimization by integrating with FireMon s unified security policy management platform. This solution provides configuration management, policy analysis and security auditing of Hillstone firewalls. Hillstone Networks As a leading provider in network security, Hillstone Networks security products are widely used by carriers, government agencies, large enterprises and universities. With its innovative Intelligent Next-Generation Firewall, Hillstone Networks is recognized by the Gartner firewall report as a vendor providing continuous innovation efforts in the China market. In 2014, Hillstone Networks was positioned in the Gartner Magic Quadrant for Enterprise Network Firewalls due to its outstanding innovative capabilities and competitiveness, surpassing many other global vendors in terms of completeness of vision of network security technology. FireMon FireMon is one of the leading global network security management service providers, committed to providing advanced security management solutions. As the first world-wide vendor to deliver firewall security policy management solutions, FireMon enables users to control network security infrastructure in real-time and enhance overall network security by providing comprehensive capabilities for security management, policy optimization and risk analysis. FireMon Security Manager is currently widely adopted by carriers, financial institutions, large enterprises, hosted service providers and government agencies throughout the world.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information