YOUR NETWORK SECURITY WITH PROACTIVE SECURITY INTELLIGENCE




FAST FORWARD YOUR NETWORK SECURITY WITH PROACTIVE SECURITY INTELLIGENCE

VISUALIZE COMPLY PROTECT

RedSeal Networks, Inc.
3965 Freedom Circle, 8th Floor, Santa Clara, 95054
Tel (408) 641-2200
Toll Free (888) 845-8169
www.redsealnetworks.com

REDSEAL NETWORK ADVISOR 5
Continuous Network Security Monitoring

KEY BENEFITS

CONTINUOUS NETWORK SECURITY MONITORING
RedSeal continuously verifies that your network is enforcing the security that you need.

IMPROVED NETWORK SECURITY OPERATIONS
RedSeal automatically isolates the firewall changes needed to open or close access and cleans up complex rule bases.

REDUCED AUDIT RISK & EFFORT
RedSeal automates control testing and demonstrates that your network security complies with regulations and internal policies.

The network. It's the first line of defense for your organization's information. Every year, companies spend billions of dollars on firewalls, proxies, routers and other devices to prevent unauthorized access to their network. And yet security breaches are still depressingly routine. Why?

In most large organizations, firewall rulesets and ACLs have grown far too complex for a single human to understand. In fact, 91 percent of firewall administrators believe an error has been introduced into their ruleset in the last month. And unlike errors that provide too little access, the phone doesn't ring when an error results in too much access, until it is too late. Even so, most organizations make rule changes weekly, with little assurance of their accuracy other than a manual approval and an annual audit.

RedSeal Network Advisor is security posture management software for your enterprise network. Every day, it gathers the configurations of all your network devices: firewalls, routers, load balancers, and more. It analyzes how the rules on all of these devices work together to defend business assets on your network. And it validates this access control against both regulations and your own security policies. The result: you get the security you expected when you invested in all those devices in the first place.

With RedSeal, you'll know precisely what access is allowed from the internet and extranet, between security zones, and to all of your critical systems. Spot inadvertent or malicious exposure in minutes, not when you have your next audit or breach. Demonstrate your security to auditors, customers and management. And, most importantly, ensure the safety of your critical business information and systems.

PRODUCT OVERVIEW RedSeal Network Advisor & Vulnerability Advisor 5

CONTINUOUSLY MONITOR NETWORK SECURITY

COMPREHENSIVELY ANALYZE NETWORK-WIDE ACCESS
To be confident in your network security, you need to know exactly what access is and is not allowed throughout your infrastructure. RedSeal automatically collects the configuration files for all of your network devices and analyzes how they all work together. First, it creates an accurate map of your network so you know how everything is connected. Then RedSeal calculates the access permitted between every two points in your infrastructure. By clicking anywhere on the map, you'll instantly see what access is permitted to and from that point to every other point in your network.

MEASURE NETWORK SECURITY PERFORMANCE
Proper management of network security performance requires accurate measurement of its effectiveness. RedSeal automatically calculates network security metrics as part of every analysis. Each metric is tracked over time, making it easy to demonstrate return on investment and quickly detect changes that create new risks. Users can also drill into each metric to determine the root cause of any changes. RedSeal provides a series of metrics and dashboards out-of-the-box and you can create your own.

[Screenshot: RedSeal shows every subnet that can access the datacenter. Click on a line for details of the allowed flows.]

UNDERSTAND ACCESS BETWEEN SECURITY ZONES
To deliver defense-in-depth, many organizations architect their network into security zones and control access between them. RedSeal allows you to group subnets and systems into zones and automatically calculates the access enabled between them. With this capability, you can instantly identify if there is unwanted access between security zones.

CONTINUOUSLY VALIDATE ACCESS CONTROL POLICIES
Regulatory mandates, such as PCI DSS, SOX, FISMA, HIPAA and NERC CIP, incorporate specific requirements for network security. Internal security policies supplement these external mandates with additional restrictions on network-level access. With RedSeal, you can define policies for what traffic should be permitted or denied between security zones. RedSeal automatically validates that your network configuration actually enforces these policies, enabling you to continuously maintain compliance. Plus, RedSeal's policy engine documents justifications for access and supports time-limited exceptions, ensuring that temporarily authorized access does not inadvertently become permanent.

[Screenshot: RedSeal trends network security metrics over time. Click any of the links at the bottom to see details.]

VERIFY DEVICE CONFIGURATION POLICIES
In addition to access rules, many other configuration parameters of network devices can impact your security. By comparing each device configuration against over 100 best practices, RedSeal automatically verifies that all of your devices are configured to meet industry best practices. In addition, RedSeal enforces your internal policies by verifying that configurations comply with custom criteria.

IMPROVE NETWORK SECURITY OPERATIONS

OPTIMIZE THE RULEBASE ON FIREWALLS & ROUTERS
Over time, firewall rules often become obsolete. As these unused rules accumulate, they increase the complexity of managing the firewall and pose potential security risks. RedSeal automatically evaluates firewalls and routers to determine rules that are unneeded and unused. It identifies rules that can be removed without changing the security function because they are disabled, time inactive or redundant. For rules that are active, RedSeal reports on the frequency and timeframe of each rule's use. This makes it easy to identify rules that are no longer being used, as well as improve performance by reordering the rulebase.

RELIABLY ENABLE ACCESS TO APPLICATIONS
Requests to enable end-to-end access often require changes in multiple network devices. RedSeal analyzes each access request to determine the devices required to provide that access. It then identifies which devices (if any) are currently blocking the desired access and pinpoints the specific rules and ACLs that require change. This reduces fire drills during the change window and ensures that the requested access will be reliably enabled.

[Screenshot: RedSeal identifies configurations that violate policy. Select a violation and RedSeal will highlight its location in the configuration.]

ISOLATE CAUSES OF UNWANTED ACCESS
In a complex network, it is very difficult to determine what devices and rules are responsible for unwanted access. RedSeal automatically identifies the set of devices that collectively enable access between any two points in your network. Within the devices, it even pinpoints the exact rules that enable the traffic flow.

INITIATE, TRACK AND VERIFY TROUBLE TICKETS
Once you have decided to take action, RedSeal makes it easy to assign a task and ensure that it is correctly completed. By clicking on any policy violation, RedSeal automatically opens a trouble ticket in the BMC Remedy Action Request System. From within RedSeal, you can view and track the status of the ticket as it is assigned and resolved. And, once the ticket is closed in Remedy, RedSeal will verify that the policy violation has actually been addressed before marking it complete.

[Screenshot: RedSeal identifies rules that are never or infrequently used to reduce rulebase complexity.]

ADDRESS AUDITOR CONCERNS & AVOID FINDINGS
Demonstrating compliance to the never-ending stream of security auditors consumes significant time and resources from your team. RedSeal's policy validation capabilities automate control testing, reducing the risk of findings in your audits. In addition, RedSeal's reports detail your controls and validate that they are operating as intended. And because RedSeal software itself is an automated control, auditors often require significantly less sampling to sign off on your security, saving your organization time and expense.

[Screenshot: RedSeal pinpoints the devices and rules that both enable and block access between any two points on your network.]

REDSEAL VULNERABILITY ADVISOR 5
Vulnerability Risk Management

KEY BENEFITS

IDENTIFY VULNERABILITIES REQUIRING IMMEDIATE ACTION
RedSeal automatically prioritizes all vulnerabilities based on risk posed to the enterprise.

SPECIFY NETWORK MITIGATION OPTIONS
RedSeal automatically discovers the exact network path, devices and rules that expose a vulnerable host.

ASSESS THE RISK OF CHANGE REQUESTS
RedSeal evaluates the security impact of a requested change, before the change is implemented.

PINPOINT AREAS TO SCAN
RedSeal identifies the areas of your network that require scanning because of exposure to untrusted networks.

KNOW WHEN TO SCAN
RedSeal identifies applications and services that require scanning because of new vulnerabilities.

Most large enterprises identify thousands of vulnerabilities every time they conduct a vulnerability assessment. But scanning for vulnerabilities is the easy part; figuring out which vulnerabilities truly matter is the real challenge:

- Is critical financial information at risk because a vulnerability is exposed to the Internet or extranet?
- Has a vulnerability already been effectively mitigated with network-level controls?
- Do vulnerabilities in minor systems allow a hacker to leapfrog to more critical systems?

Prioritizing remediation efforts is key to effective vulnerability management. Unfortunately, the prioritization offered by scanners doesn't take into account the exposure and protection provided by your network infrastructure.

RedSeal Vulnerability Advisor transforms scanning into actionable vulnerability management. It gathers the configurations of all your network devices (firewalls, routers, load balancers, wireless access points, and more) and combines this information with your vulnerability scans. It identifies where vulnerabilities are exposed to untrusted networks and generates a prioritized list of the vulnerabilities that cause the greatest business risk. Finally, RedSeal identifies gaps in your scanning so you know where to extend coverage to be secure.

With RedSeal Vulnerability Advisor, you'll know exactly which vulnerabilities require immediate action and what action to take. You'll gain assurance that your scanning activities are comprehensive enough to truly identify the risks to your business. You'll demonstrate to your auditors and management team that your vulnerability management process complies with regulations and policy. And, most importantly, you'll be confident that you are effectively protecting your critical systems and information.

ACT ON EXPOSED VULNERABILITIES QUICKLY

AUTOMATICALLY PRIORITIZE REMEDIATION EFFORTS
The most daunting challenge facing your security team is not executing a vulnerability scan, but knowing what to do with the scan results. Where do you start when faced with thousands of vulnerabilities? How do you determine which vulnerabilities present enough business risk that they require remediation outside your normal patch process? RedSeal automatically prioritizes vulnerabilities by analyzing them in the context of your network access. To identify the most critical vulnerabilities, RedSeal evaluates:

- Direct exposure of a vulnerability to untrusted networks
- Indirect exposure of a vulnerability to untrusted networks through other vulnerable hosts
- The potential for a vulnerability to allow an attacker to leapfrog deeper into the network
- The business value of the vulnerable host
- The severity of a vulnerability based on the Common Vulnerability Scoring System (CVSS)

With RedSeal, you'll know which vulnerabilities require immediate action and will be able to justify this action to your operations group. You'll have comprehensive reports of all of your vulnerabilities prioritized by upstream exposure, downstream risk and overall risk to your business.

[Screenshot: RedSeal shows every subnet that can be attacked from the Internet or extranet. Click on a threat vector for details of the exposed vulnerability.]

MEASURE VULNERABILITY RISK MANAGEMENT PERFORMANCE
Ensuring risk reduction efforts are effective requires constant measurement. RedSeal automatically calculates vulnerability risk metrics as part of every analysis. Each metric is tracked over time, making it easy to demonstrate return on investment and quickly detect changes that create new risks. Users can also drill into each metric to determine the root cause of any changes. RedSeal provides a series of metrics and dashboards out-of-the-box and you can create your own.

[Screenshot: RedSeal provides dashboards for tracking risk metrics. Select a metric to drill down into the details.]

ASSESS THE RISK OF CHANGE REQUESTS
Change requests often require network operators to open new access holes through the network security infrastructure. RedSeal allows the operations team to evaluate the security impact of the request before implementing it. RedSeal identifies if the change will expose any vulnerabilities as well as if newly exposed systems could act as launching points for attacks deeper into the network.

IDENTIFY NETWORK MITIGATION OPTIONS
Frequently, vulnerable systems cannot be taken offline for patching due to business availability requirements. With RedSeal you can eliminate unnecessary network exposure of a vulnerability, reducing risk until the vulnerability can be remediated during the next patch window. RedSeal automatically identifies every device and rule that exposes the vulnerability to untrusted networks. In addition to patching options, your security team can easily mitigate the vulnerability by changing these rules to eliminate the exposure.

[Screenshot: RedSeal assesses the risk of change requests before the change is made, highlighting both potential direct vulnerability exposure and downstream risk.]

INITIATE, TRACK AND VERIFY TROUBLE TICKETS
Once you have decided to take action, RedSeal makes it easy to assign tasks and ensure they are correctly completed. By clicking on any vulnerability, you can open a trouble ticket in the BMC Remedy Action Request System. Within RedSeal, you can view and track the status of the ticket as it is assigned and resolved. And, once the ticket is closed in Remedy, RedSeal will verify that the vulnerability has actually been remediated.

IMPROVE YOUR VULNERABILITY MANAGEMENT

VALIDATE COMPLETE SCAN COVERAGE
Given the size and complexity of networks, identifying network segments that require vulnerability scanning is a daunting challenge. RedSeal automatically assures that your scan coverage is comprehensive enough to find high-risk vulnerabilities. RedSeal pinpoints areas of your network that are exposed to untrusted networks but that have not been scanned. RedSeal will also prioritize those unscanned areas that could enable attacks deeper into your infrastructure.

[Screenshot: RedSeal identifies the exact devices and rules that expose a vulnerability, making it easy to mitigate with a network control.]

VERIFY VULNERABILITY ASSESSMENT IS UP-TO-DATE
Vulnerability scanning is an intrusive process that can cause system outages, so security teams usually scan only when absolutely necessary. With RedSeal, you'll be able to minimize scanning and still keep your systems secure. RedSeal automatically identifies hosts where scanning may be out-of-date. When a new application vulnerability is added to the National Vulnerability Database, RedSeal pinpoints systems where that application is exposed and flags those hosts for re-scanning.

[Screenshot: The RedSeal risk map highlights exposed, un-scanned subnets in red. The risk map is a dynamic heat map for analyzing threat and risk data.]

ADDRESS AUDITOR CONCERNS & AVOID FINDINGS
Demonstrating compliance to the never-ending stream of security audits consumes significant time and effort from security teams. RedSeal's automated control testing enables defensible decision making by your organization, which will reduce findings. Additionally, RedSeal's reports demonstrate effective management of business risk and prove that compensating controls effectively mitigate vulnerabilities.

HARDWARE REQUIREMENTS
You can purchase RedSeal software pre-loaded on a hardened RedSeal appliance or install the software on your own hardware that meets these requirements.

SERVER REQUIREMENTS
- Windows 2003 or 2008 Enterprise Server 64 bit
- Sun JRE 6
- CPU: 2 cores to 16 cores, depending on network complexity
- RAM: 8 GB to 128 GB, depending on network complexity
- Disk: 250 GB minimum

CLIENT REQUIREMENTS
- Microsoft Windows 7 or Windows XP SP3
- Sun JRE 6 update 17
- RAM: 2 GB

DEVICE & SYSTEM SUPPORT
RedSeal has built-in support for the following network devices, vulnerability scanners and other systems. RedSeal Professional Services can provide additional support.

NETWORK DEVICES
- Arista EOS v4.7
- Brocade BigIron/FastIron v8
- Brocade ServerIron XL v7.5
- Check Point Provider-1 R75, R71, R70, R65
- Check Point VPN-1 Power & VPN-1 UTM R75, R71, R70, R65
- Check Point VPN-1 Power VSX R75, R71, R70, R65
- Cisco ACE va4
- Cisco ASA 8.4
- Cisco FWSM v3-4
- Cisco IOS v11.0-15.0
- Cisco NX-OS v5.1
- Cisco PIX v7-8
- Cisco VPN3000 v4
- Cisco Aironet v12.3 and v12.4t(5)
- Citrix NetScaler v9.2
- F5 BigIP v10.2
- Fortinet FortiOS v4.0
- Juniper Netscreen ScreenOS v6
- Juniper JunOS v8.5, 9.3, 10.0, 10.1, 10.4
- McAfee Enterprise Firewall v7 (Sidewinder)

VULNERABILITY SCANNERS
- eEye REM v3.7.9
- McAfee Vulnerability Manager v7.0.1
- nCircle IP360 v6.8.9
- Qualys QualysGuard v6.15
- Rapid7 NeXpose v4.12
- Tenable Nessus v4.2

TROUBLE TICKET SYSTEMS
- BMC Remedy Action Request System v7.5
- BMC Remedy Service Desk Problem Management v7.0.3

CONFIGURATION MANAGEMENT SYSTEMS
- HP Network Automation v9.0
- Solarwinds Orion NCM v6.0
- Tripwire Enterprise v8.0

SECURITY MANAGEMENT SYSTEMS
- McAfee ePolicy Orchestrator v4.5

Copyright 2011 RedSeal Systems, Inc. All rights reserved. RedSeal and the RedSeal logo are trademarks of RedSeal Networks, Inc.