Archive for the ‘FireMon News’ Category

Disaster Recover (DR) and back up long ago became staples of a competent network and security strategy. Backing up databases, applications and data can be as simple as setting up a schedule or deploying a service to automate it for you.

Though, much like the mechanic who doesn’t take care of his own car, backing up security and network device configuration is often overlooked and falls between the cracks. It’s just as important to back up security and network devices as it is to back up applications and other data.

Wouldn’t it be great if there was a solution that was tailor-made for backing up security and network devices? Something purpose-built for firewalls, routers, switches, content filters and load balancers?  Now there is!

FireMon is happy to announce the newest member of the FireMon suite of enterprise security management solutions: we call it BackBox. It is purpose built for security and network devices. Scalable and secure, with extensive multi-vendor support, BackBox offers central and secure backups that are verified to make sure you have everything backed up that you would need to restore in case of an incident.

BackBox also offers real-time reporting with a live dashboard and a full DR implementation plan to follow when you need to activate it.

All of these are custom tailored to security and network devices. When these devices go down, time is money. You want something that is going to get those devices back up and running as quickly as possible!

Here is a list of some of the devices BackBox supports:

Check in soon for more BackBox updates!

What are your plans for Black Hat/DefCon/B-sides Las Vegas? It’s just two weeks away and the buzz has been building. Like most of the industry, FireMon will be in Vegas learning, sharing and working with security professionals from all over the world. It is a great set of events and really brings the security world together.

But all work and no play makes for a dull security day. So, when the sun goes down and the lights of the Vegas strip come on, FireMon wants you to party! We are sponsoring two events that are sure to be some of the hottest in town:

Along with our friends at FishNet Security, join us at the Rhumbar at the Mirage!
- What: Drinks, appetizers and some Salsa Dancing. Get your wristband from a FishNet Security Rep at Blackhat or at the Rhumbar door. – Make sure to bring your business card to be entered into the raffle!
- Where: The Rhumbar at the Mirage
- How to register: http://ow.ly/5xlIb

FireMon and Rapid7 Party in Moon at the Palms
- What: The party will take place in Moon at the Palms Hotel. Moon is the exclusive penthouse nightclub that occupies the top floor of the Palms’ Fantasy Tower. Moon is unlike any other Las Vegas nightclub. Color-changing glass tiles cover the floor and curtains of glass beads project striking visual imagery. A brilliant architectural achievement, a massive retractable roof opens to provide a magnificent view of the stars above.
- When: Wed, August 3, 9pm-2am
- Where: Moon at the Palms Hotel
- How to register: http://www.rapid7.com/forms/blackhatrsvp-firemon.jsp

What’s that you say? You’re not going to make it to Vegas? You can still meet and mingle with FireMon and learn security by joining us at the B-sides LA event, August 18th and 19th. FireMon’s own Jody Brazil will be presenting!

FireMon will also be appearing at and hosting a series of events throughout the country and we’ll post a full schedule here on the blog shortly. But, if you can’t wait for any of that and want to speak to us now you can always call or email us!

Our very own president and CTO, Jody Brazil, was the guest this week on the Security.Exe podcast, hosted by security blogger/podcaster Alan (ashimmy) Shimel.  Jody is a returning guest to the show, having appeared several times over the years on the popular podcast.

In this episode, Jody talks about recent developments at FireMon including the forthcoming Risk Analyzer product line. Additionally, Jody and Alan talk about the general state of security and recent events in the security industry. The interview is about 20 minutes long and well worth listening to!

When FireMon announced that it had acquired Saperix Technologies and their patent pending, MIT Lincoln Labs developed, risk analysis technology, many people nodded their heads but didn’t really understand why we were so excited.

While risk analysis on its face sounds like a no brainer for an information security company, not everyone may be familiar with the use cases around this type of technology. Risk analysis is often not about eliminating risk. That is pretty much impossible. Risk analysis is more about managing risk to an acceptable level for your organizational needs.  

We wanted to give you three use cases to familiarize you with what can be accomplished with risk analysis. These use cases are general and apply to the broad category of risk analysis. In our next post, we’ll discuss how to calculate risk for an enterprise network so be sure to check back soon.

Here are three scenarios where risk analysis solves mission-critical issues:

1. Measuring Risk: How does one quantify risk? Of course, not all risks are created equal. Some risks represent greater risk (pun intended) than others. So how do we assign a value to risk, quantify it and compare multiple risks, which is essential in prioritizing risk reduction activities?

Risk analysis in general and FireMon’s Risk Analyzer in particular give executives insight into what their risks are, assigns prioritization scores to different risks and shows what remediation and other activities can reduce risk the most. This way, risk managers can decide how to use limited resources to get the “biggest bang for the buck” in reducing and managing risk.

2. Prioritize Vulnerabilities: Unfortunately, today’s networks are “target rich environments” with vulnerabilities often outstripping an organizations ability to cure them. In this type of situation, prioritizing which vulnerabilities to remediate first to reduce and manage risk is essential. While many vulnerability management solutions will assign priorities to vulnerabilities based on criticality of vulnerability and importance of the asset, these can be rather subjective. 

A risk analysis solution such as FireMon’s Risk Analyzer goes beyond the subjective and looks at other factors such as network configuration. Adding this additional level of context can drastically change the priority of remediation. Also, by analyzing which particular remediation will solve the greatest number of vulnerabilities again allows an organization to have greater insight and control of managing risk.

3. Preventing Attack Propagation: With blended attacks, advanced persistent attacks, spear phishing and other sophisticated attack techniques, often times the initial target of an attack is not the actual payday target of an attacker. Many times, intruders may first target a less-protected, non-critical asset on the network. However, once establishing the beachhead, the hackers use this “inside” base to then propagate an attack against other assets on the network. Because they are originating inside the network already, they are often invisible to perimeter defenses. Risk analysis can highlight how an attack can propagate through the network. Risk Analyzer can actually show graphical views of how an attack can propagate through a network and what paths it may take. In this case, forewarned is forearmed. Knowing how an attack may propagate, network admins can be on the lookout and thwart these dangerous attacks.

Hopefully this will give you a better idea of how important risk analysis is. Stay tuned for our next post where we’ll discuss how to calculate risk for an enterprise network.

Proactive, complete network attack simulation and risk measurement solution allowing you to assess the security of your most valuable assets.

When FireMon announced the acquisition of Saperix Technologies and their MIT- Lincoln Labs developed risk analysis technology, many in the market asked when they might see this technology find its way into the FireMon product line. At the time of the acquisition we weren’t in a position to give exact dates, but instead said “as soon as possible.”

Today we are still not in a position to give an exact date, but I’m happy to report that it will be sooner than later. In fact, we have already put up a page on our website that details some of the unique, exciting features that FireMon Risk Analyzer will have. Be sure to download the data sheet on the left-hand side of the web page for even more detail about this newest member of the FireMon Security Suite.

FireMon Risk Analyzer will join FireMon Security Manager and FireMon Policy Planner as part of this best-in-class suite.

We will be making more announcements about the upcoming release of FireMon Risk Analyzer very soon. You can subscribe and read about it here on our blog, or follow us on Twitter or Facebook to stay in the loop.

What we can tell you is that this is a game changer for both FireMon and the security management space. If you’re interested in finding out more now you can contact sales@firemon.com to speak with someone from our team.

Fresh off of the InfoSec Europe security conference I am still invigorated.  From my prior post you can see that we had a great show speaking to existing and potentially new customers. But the thing I realized this week is that InfoSec Europe has become an anchor event for the security industry in Europe.

Between the SC Magazine Europe Awards, B-sides London, CSA event, not to mention the FireMon Welcome Reception (had to throw that in), the conference has spawned an entire security ecosystem of events around it. While I have my frustrations with trade shows being so product versus solution or information focused, they do draw a crowd.  And this crowd of 12000+ attendees now has more than just a trade show in which to participate.  InfoSec Europe had all the feel of a major event. As big as RSA or Black Hat, I think InfoSec Europe is where to be if you are a player in the security industry.

We had a great time meeting and greeting friends old and new.  Also, our own Alin Srivastava was featured on Infosecurity Europe TV.  You can see the interview below. Congratulations to the team at InfoSec for putting on such a great show. Looking forward to next year already.

In the meantime, the FireMon team will be at a number of other shows, including next week’s Check Point Experience Barcelona on May 4-5!

One thing though is that whether it be InfoSec Europe, RSA, Black Hat or even local ISSA conferences, what we hear from people is pretty much the same. As I wrote in my last piece, security needs management! Even if you have the tools, using them correctly and efficiently is a challenge. Taking these ideas we hear and conveying that back to the FireMon product team is one of the most important functions of us attending shows like this.

As we have written before, all of us here at FireMon are really excited about the acquisition we announced this week of Saperix Technology and their patented risk analysis technology. But it looks like we are not the only ones:

Lawrence Walsh of Channelnomics gives his thoughts on the deal. You can read it here. Our favorite quote: “Perhaps 10 years from now the security world will mention FireMon in the same breath as Symantec, McAfee and Trend Micro“. That would be nice, but we have bigger plans than that even!

Alan Shimel on his Ashimmy, After All These Years Blog wrote that we had leapfrogged the competition.

DarkReading covered the news here.

The Kansas City Business Journal also covered the story here.

Stay tuned for more news on this soon!

Authors Note: CRN did a nice piece covering the story too!  You can read all about it at: http://www.crn.com/news/security/229402206/firemon-buys-risk-analysis-firm-plans-to-add-government-vars.htm

Related articles

FireMon Leapfrogs Competition In Risk Analysis (ashimmy.com)

Secure Passage Integrates with SIEM (blogs.channelinsider.com)

FireMon Booth at the InfoSec Europe Show 2011

I am in London this week, attending the InfoSec Europe show.  Being on the show floor, I have had the opportunity to speak with a number of people from a wide range of companies.  Irrespective of  title or industry there is one constant: security needs management.  In each of these conversations, as we share what solutions FireMon provides, the responses vary, but the sentiment is the same:  “FireMon is something we need.”

A very good example of this was a conversation I had with a services company about their pain points.  Managing over 500 firewalls, they know there are significant issues that need to be addressed.  In their words:  “With such a complex environment, we know there are issues that we need identify and remediate.  We believe we could consolidate our security infrastructure by up to 40% if only we knew what each firewall is truly doing.”

There are a lot of capabilities in the FireMon solution, but one of the core building blocks of the system is its analysis capabilities to provide visibility into firewall behavior.  To Identify technical issues, like ineffective rules or functional issues and  rules that are unused.  Firemon’s ability to analyze traffic behavior through the firewall to understand how it is being used.  Finally our ability to perform all functions of policy analysis from basic behavior searching to complex virtual testing.  These are the tools necessary to shine a light on firewall configuration, to understand how it behaves and how it can be improved.

The specific needs vary from customer to customer, but the general message is consistent:  security needs management.

Related articles

• Configuring Zone Based Firewalls via SDM (ciscoskills.net)
• FireMon Leapfrogs Competition In Risk Analysis (ashimmy.com)
• Firewall Security Issue Raised in Report Angers Vendors (pcworld.com)
• Life without Firewalls – Possible,Yes Practical, No (ashimmy.com)
• Independent lab tests find firewalls fall down on the job (infoworld.com)

Today FireMon announced that we have acquired Saperix Technologies. As part of that acquisition we have acquired some patented technology that was developed by the MIT Lincoln Labratory for risk analysis.   You can read the details of the announcement at http://www.firemon.com/news/?id=943e72d1-c038-4296-aa6d-518582705a9c

Over the 10+ years I have been leading the development of Firemon I have seen many changes in the market, the technology and the needs of our customers.  When we first started development on Firemon the biggest issue was outages caused by incorrect changes.  In those early days, the firewall was still a relatively new technology.  Inexperience and poor processes would frequently result in mistakes that would block necessary and critical access, necessitating a monitoring and reporting solution to quickly identify and remediate these mistakes.

Over the years our mission has expanded. As the network became more complex and the threats our customers face became more diverse, Firemon has evolved. From pure firewall management focused on change monitoring and reporting, we added deep security configuration analysis, change process management and security audit and compliance.  All of these enhancements were customer driven and focused on providing the necessary solutions for our customers.

But we were not done.

Managing security in the enterprise requires a more holistic view of the data and systems in the enterprise. Risk analysis is about bringing in data about these protected assets and provides a new level of detail and visibility.  It also provides the information about critical exposures that put the enterprise at risk of compromise.  However, in looking at the competition and the general state of risk analysis in the market, we did not see anything that was scalable or frankly responsive enough to satisfy the need our customers had. That is until we discovered the Saperix Technology solution.

The risk analysis technology developed at MIT Lincoln Laboratory has been under development for 10 years. It is the most scalable and best risk analysis software we have ever come across. This technology, with its depth of analysis and scalable performance, will enable us to deliver a number of future innovative solutions.  While some expand the vision beyond our historic focus on firewalls, others drastically expand our core capabilities to report on the effectiveness of network layer defenses.

Our team is already hard at work at integrating the new risk analysis technology into our product line. We will begin to deliver these solutions to the market very soon.

FireMon created the solutions that started this market, we have delivered the innovations that have made it a must have solution and today marks the start of the next evolution.  We are all very excited with this acquisition and feel that you will be to when you see what it can do.

The final matchup of the FireMon Feature Bracket Challenge came down to this:  The perennial favorite, Policy Test versus the underdog and fan favorite, Rule Recommendation.  With two powerhouse features going head to head, who would come out on top? Continue reading “FireMon Feature Bracket Challenge Winner is…” »