Firewall & Network Security Management
You CAN have it all. SPEED + SECURITY.
FireMon has been at the forefront of the security management category, delivering first-ever functionality such as firewall behavior testing, workflow integration, traffic flow analysis and rule recertification. Our solutions have helped more than 1,700 organizations around the world gain visibility into and control over their complex network security infrastructures.
SOLUTIONS
- Automation
- Security Manager
- Global Policy Controller
- Policy Planner
- Policy Optimizer
- Lumeta
- Risk Analyzer
- Immediate Insight
The path to digital transformation is paved with a sophisticated threat landscape, a security staffing shortage, emerging technologies, and the inability to keep up with business demands. See how automation can streamline your security workflows and boost your operational efficiency to drive innovation at the speed of business without sacrificing security.
FireMon Automation delivers a comprehensive blueprint for security process automation that accelerates and streamlines policy management through trusted accuracy, gold standards, and proactive continuous compliance.
Key Benefits:
-
Automate At Your Pace and Confidence Level – FireMon Automation delivers a comprehensive set of security policy automation capabilities that drive smart security process automation to effectively address your unique use case, infrastructure, or compliance requirements. Our multi-level approach drives efficiency, agility, and efficacy by aligning automated tasks to your specific requirements and gives you the flexibility to manage your automation journey at your pace and confidence level.
-
Recalibrate Global Security Policy with Continuous Adaptive Enforcement – Our patent-pending FireMon Compute Engine serves as the underlying technology that powers FireMon Automation. With always-on detection of network configuration changes across your heterogeneous, hybrid environment, the FireMon Compute Engine delivers Continuous Adaptive EnforcementTM that transparently adapts and recalibrates your global security policy to keep you focused on what matters most – security.
-
Streamline and Accelerate Security Efficiency – FireMon Automation improves security efficiency through integrated threat and vulnerability management. Using a rich set of APIs, FireMon integrates with security, orchestration, automation and response (SOAR) solutions to provide another layer of security against malicious activity. By becoming a critical integration point, FireMon accelerates global security policy delivery while reducing complexity and human error.
Maintaining a strong security and compliance posture requires comprehensive visibility across your entire network. See how you can gain real-time visibility and control over your complex hybrid network infrastructure, policies and risk.
Security Manager provides real-time visibility, control, and management for network security devices across hybrid cloud environments from a single pane of glass.
Key Benefits:
-
Achieve Continuous Compliance – Security Manager provides automated compliance assessment capabilities that help you validate configuration requirements and alert you when violations occur. Whether you need audit reports ready out-of-the-box or customizable reports tailored to your unique requirements, Security Manager reduces the time you spend configuring policies and gives you the confidence that you’re ready to meet your regulatory or internal compliance audit demands.
-
Optimize Vulnerability Management – Through real-time traffic flow analysis, Security Manager tracks behavior across your hybrid network to identify which applications are being used in a rule and between sources and destinations. You can also correlate your vulnerability scans with Security Manager’s access path analysis to trace every available access path across the network to effectively reduce your network’s attack surface with a defined path to remediation.
-
Automate Security and Orchestration – With Security Manager, you can easily create, maintain, and distribute security policies in highly dynamic environments, as well as scope the impact of proposed policy changes on your compliance and security posture. Real-time change analysis documents the who, what, when and why of every change and establishes a baseline for normalized device rules. By automating and orchestrating change management, Security Manager ensures your ability to operate at scale across your cloud, virtual and hybrid environments.
-
Minimize Risk and Complexity – Security Manager helps you maintain policies on your network security devices to eliminate unnecessary access and risk. With comprehensive rule analysis and automated workflows for rule review, you can remove technical mistakes and misconfigurations, remove unused access, and review and refine access to optimize the performance of your devices, reduce policy complexity and enhance your security profile.
-
Scale with Your Network Evolution – Security Manager’s unmatched scalability, in-depth analysis and third-party integration enables real-time, centralized visibility and control as your hybrid network evolves. You can perform simultaneous analysis and normalization across multiple platforms and vendors while splitting out reporting functions on a dedicated appliance, and retain data indefinitely without any system performance degradation. Our flexible and dynamic API lets you incorporate information you’re your third-party solutions for comprehensive, centralized network security assessment and management.
As enterprises navigate major technology shifts across disparate computing environments, the management of network security becomes so complex that delays, outages and security lapses are common and costly.
Global Policy Controller delivers continuous intent-based security and orchestration for complex hybrid environments, giving both security and business stakeholders a single, consistent operating model that improves security, increases agility and reduces cost.
Key Benefits:
-
Automate At Your Pace and Confidence Level – FireMon Automation delivers a comprehensive set of security policy automation capabilities that drive smart security process automation to effectively address your unique use case, infrastructure, or compliance requirements. Our multi-level approach drives efficiency, agility, and efficacy by aligning automated tasks to your specific requirements and gives you the flexibility to manage your automation journey at your pace and confidence level.
-
Translate Business Intent to Security – Global Policy Controller enables you to define and translate business intent to allow the context of your network assets and your security policy to automatically determine and enforce necessary access using your existing infrastructure. Efficient, compliant security configurations are automatically delivered in seconds with zero human touch.
-
Gain Visibility to Application Connectivity – Global Policy Controller shows how all of your assets are connected to each other, so you understand the dependencies for a particular application. Through a map-like interface, you can view the connectivity between a selected object and all other objects and assign tags the object is configured to reach.
-
Enable DevOps Agility – Bridge the gap between DevOps, security managers and business leaders with a consistent operating model that improves security and agility while reducing costs. Global Policy Controller accelerates speed to market by giving DevOps and other application owners the ability to manage and control their own business access requirements with guided “self-serve” security and embedded security guardrails that automatically distributes the right rules to any enforcement point.
-
Orchestrate Continuous Security – With Global Policy Controller, you can design and manage a single, global policy across your hybrid infrastructure without introducing new risk. With real-time visibility across your on-premise, virtual, cloud and container platforms, you can adapt to network changes instantly and implement and manage your global security policies from a single, integrated interface to enforce a continuous state of security.
-
Architect Zero Trust and Microsegmentation – Global Policy Controller supports your Zero Trust approach to define, design and implement security policies down to the most targeted levels and segments within your hybrid network, and employs robust APIs to enable integration for centralized visibility and orchestration. Microsegmentation rules can be implemented down to the workload or application to reduce the risk of unauthorized lateral movement, reduce your overall attack surface and drive operational efficiency.
Managing multiple, decentralized network devices across multiple environments can increase complexity and risk of misconfigurations. See how you can reduce your network risk with end-to-end policy orchestration and automation.
Policy Planner delivers intelligent, automated workflow and provisioning that enables network security and operations teams to implement the right changes with absolute precision across the entire rule lifecycle.
Key Benefits:
-
Automate Change Management – Policy Planner delivers comprehensive rule lifecycle management to help you manage and automate every stage of the change management process. Workflows can be customized and automated to conform to your security goals and standards, with tools at your disposal to evolve policy and protection over time.
-
Assess Risk in Real-Time – Policy Planner instantly assesses and communicates risk associated with new access requests. You can detect when new access will uncover vulnerable systems, scope proposed changes prior to implementation and streamline the approval process for access requests that don’t affect your risk profile. Policy Planner gives you the visibility you need to prevent the introduction of potentially problematic settings.
-
Analyze Rule Set Behaviors – Policy Planner examines the current behavior of your rule sets and determines any necessary changes in real-time. Policy Planner’s insight into any requests that duplicate access that is already accounted for, as well as any rules that allow similar access to a new request, reduces complexity and increases the efficiency of your hybrid network.
-
Ensure Compliance and Best Practices – Policy Planner ensures that newly added rules or configuration changes meet your existing compliance policies and best practices during the rule planning stage. You can configure different checks for different device groups and view audit results to verify rule changes prior to implementation to ensure compliance requirements.
-
Automate At Your Pace and Confidence Level – FireMon Automation delivers a comprehensive set of security policy automation capabilities that drive smart security process automation to effectively address your unique use case, infrastructure, or compliance requirements. Our multi-level approach drives efficiency, agility, and efficacy by aligning automated tasks to your specific requirements and gives you the flexibility to manage your automation journey at your pace and confidence level.
-
Integrate Business Processes – Policy Planner integrates with your existing process management solutions and adheres to Business Process Model and Notation (BPMN) best practices. Your business and technical teams can utilize workflows, templates and ticketing flows specific to their requests, increasing efficiency for your business.
As networks evolve and access requirements shift, security controls can become outdated, potentially compromising compliance and increasing risk. See how you can automate policy review to improve your security posture and achieve continuous compliance.
Policy Optimizer automates the change review process and streamlines rule justification and clean-up efforts to optimize performance and ensure continuous compliance with internal and external standards.
Key Benefits:
-
Automate Policy Review – Policy Optimizer automates the change review process to help you tame out-of-control, outdated or undocumented rules. You can assign review tasks based on existing properties and documentation, and streamline your workflows that fit your standard practices to document, recertify, decommission and report on every policy.
-
Review Event-Driven Rules – Policy Optimizer enables you to automatically identify rules that require immediate analysis based on real-world events. Event-driven rules are analyzed on criteria including time-frame expiration, critical security control failure, periodic review or ad-hoc query to determine the appropriate remediation.
-
Customize Workflows – Policy Optimizer enables you to customize the built-in workflow and integrate with your existing management systems (e.g. ServiceNow, BMC Remedy, etc.) to meet your unique requirements. When integrated with FireMon Policy Planner, Policy Optimizer can be extended to create change tickets for removable rules and invoke application-level recommendations.
-
Improve Performance and Best Practices – Policy Optimizer pulls detailed information regarding each reviewed rule with the option to approve or reject current rule configurations. You can work with your business teams to remove non-compliant rules that can impede firewall performance and cause service interruptions to establish a baseline for best practices.
-
Maintain Continuous Compliance – Policy Optimizer makes it easy to ensure your internal compliance effort, as well as external compliance with regulatory standards including PCI DSS, NERC-CIP, HIPAA and SOX. You can produce reports detailing rule review decisions for auditors, customize reports to suit your specific requirements and maintain a repository of change documentation.
Disparate security management tools for cloud and physical networks limit visibility of shadow networks and clouds that will harbor unknown threats. See how you can gain real-time visibility to identify and eliminate your hybrid infrastructure blind spots.
Lumeta is a real-time visibility, vulnerability, and risk management solution that enables cloud, network, and security teams to find and secure unknown, rogue and shadow clouds, network infrastructure, and endpoints.
Key Benefits:
-
Real-Time Situational Awareness – Gain real-time visibility into your dynamic infrastructure including cloud, virtual, physical, software-defined network infrastructure, endpoints, and operational technology (OT)/Internet of Things (IoT). With Lumeta, you can eliminate 100% of your blind spots and monitor changes or unusual behaviors to eliminate any gaps in coverage that may leave you exposed.
-
100% Hybrid Cloud Visibility – Lumeta discovers, maps and alerts on topology changes across the entire hybrid enterprise, including multi-cloud environments. Delivering a holistic view across all of your physical and virtual/cloud infrastructures, Lumeta CloudVisibility provides an authoritative perspective for your enterprise security operations center (SOC) to prioritize issues for remediation and ensure network protection.
-
Real-Time Breach Detection – Lumeta monitors the hybrid infrastructure for telltale signs of nefarious activity and prioritizes findings for investigation and remediation. With Lumeta, your threat intelligence feeds are made actionable to correlate a comprehensive understanding of your enterprise’s active IP address space against known threats as new threat data becomes available, and as new endpoints connect to the network.
-
Identify Leak Paths – Lumeta discovers and monitors every cloud account, network, path and endpoint for changes in real-time to identify new leak paths that are often due to misconfigurations or malicious activity. Lumeta finds inbound and outbound leak paths to the Internet, virtual private cloud, in between network-segmented, firewalled enclaves, or across IoT/OT environments.
-
Recursive Network Indexing – Lumeta uses a unique patent-pending technology to produce a comprehensive network summary that includes a recursively crawling cycle of targeting, indexing, tracing, monitoring, profiling, and displaying a network’s state. Through passive and active methods, you get a view of your entire infrastructure, including cloud instances and assets, as well as all IPv4/IPv6 connections and devices.
The complex nature of hybrid networks combined with patching an endless number of vulnerabilities can impede your ability to assess your security risk. See how you can optimize your patch management and reduce the attack surface across your hybrid network.
Risk Analyzer provides best-in-class vulnerability management through real-time risk analysis and threat modeling to uncover exposures, score network risk and prioritize remediation.
Key Benefits:
-
Calculate Network Reachability – Risk Analyzer allows you to see and manage your network’s risk posture in real-time. Risk Analyzer’s enterprise-ready architecture handles large, complex hybrid networks with tens of thousands of hosts and security results and can easily calculate an attacker’s potential accessibility to your network and assess the potential damage.
-
Simulate Potential Attacks – Risk Analyzer can trace possible paths that attackers might use to gain access to your critical assets. With Risk Analyzer, you can determine where multiple exploits could be used in combination to penetrate your network. Using visual attack paths and zero-day attack graphs, you can assess an attack’s impact and prioritize patching accordingly or adapt device rules to reroute access to address the risk immediately.
-
Score Attack Simulations – Risk Analyzer can score all attack simulations for risk and impact and then re-score once you’ve made improvements to determine the impact changes. You can get a complete score of your network risk with a user dashboard that gives you real-time visibility of your risk posture by policy rule and asset.
-
Analyze “What If” Scenarios – Risk Analyzer enables you to virtually patch systems and repeat risk analysis to compare various patch scenarios to ensure the biggest impact on efforts. You can also determine where multiple exploits can be used in combination to reach an asset as well as assess any potential impact to other parts of your network.
-
Remediate Exposures – Risk Analyzer integrates with your vulnerability management solutions (Qualys, Rapid7 and Tenable) to measure risk and identify potential attack penetration in your network. By collecting and reporting on the real-time configurations of network access controls deployed on your network security devices, Risk Analyzer delivers accurate remediation recommendations so that you can prioritize and optimize your patch management strategy.
Today’s volume of security data far exceeds your team’s capacity to assess its potential risk. See how you can accelerate the discovery of the unknown in your hybrid cloud.
Immediate Insight is a threat hunting and investigation platform that analyzes, investigates, and automates threat detection and response.
Key Benefits:
- Collect the Data – Immediate Insight brings ease and flexibility to the data collection process to quickly and effectively determine the risk level of a security event. You can automatically receive streams of structured and unstructured data and eliminate parsing with natural-language-based entity extraction and field attribution.
- Analyze the Data – Out-of-the-box analytics automatically enriches and optimizes data for real-time analysis. You’ll be able to see anomalies and non-obvious associations across large datasets and directly navigate huge volumes of data. You can configure a summary view of common entities, automatically group similar data, and compare arbitrary groups of data over time.
- Explore the Data – Analytics-enabled views and tailored data exploration workspaces enable you to see suspicious events and data without learning a query language. You can save searches to the Pinboard to see volume and trends, filter views by any criteria, and access powerful data analytics using natural language.
- Collaborate in the Data – An integrated “social” framework enables your team to tag interesting data to inject context directly to, and collaborate in, the machine and human data used for threat hunting and detection. The system captures the context and leverages analytics to accelerate event triage. You can add custom context through tags and follow users’ social style.
- Orchestrate Analysis – Streamline and automate your data assembly, enrichment, and analysis processes. Data Router enables custom actions such as auto-tagging, programmable field extraction, JSON processing, and custom scripting. Active Collectors can be configured to manually or automatically capture data that returned a command line program, script, or API call.
Discover how SecureNation can help you better protect your IT assets.