Posts Tagged ‘FireMon Experts’

FireMon 6.1: Improving Operational and Risk Visibility for Enterprise Networks

FireMon announced the release of Security Manager version 6.1 yesterday. We are extremely excited about the new features and functionality that are a part of this release, which further extend FireMon’s unparalleled ability to strengthen both operational effectiveness and security posture. One feature that we are particularly keen on is the new Access Path Analysis (APA). Leveraging the patent-pending FireMon behavior analysis framework, IT personnel can both proactively predict and forensically record the flow of packets through network configurations and obtain detailed path analysis – including routes, interfaces, firewall and NAT rules that a packet encounters while traversing the network. Access Path Analysis uses the behavior of normal traffic as it traverses the network to understand what vectors and/or behaviors could allow malicious traffic to find critical assets. This allows more effective risk analysis and better informed remediation activities.

The 6.1 release also includes FireMon Insight, Device Packs and a new FireMon Query Language (FMQL) API. FireMon Insight is a real-time dashboard of all your security configurations. Insight consumes the configurations of all major firewall vendors and presents data across all of them in a single, customizable dashboard. There is a critical need to transform configuration data into a usable form that can be quickly digested and acted upon. Insight enables security practitioners to quickly get the results of their queries, even across hundreds of thousands of rules and millions of objects in multi-vendor environments, and to turn those queries into meaningful, automatically generated security metrics in a matter of seconds. Device Packs will enable FireMon to add support for new devices more quickly, without requiring an upgrade to Security Manager. The FMQL API will enable large organizations with a development staff or managed service providers to pull FireMon data and analysis into other systems. You can learn about all of these new features here, and read what Dark Reading wrote about the release as well.

 

FireMon announces Risk Analyzer for Junos Space

Today at the Juniper Networks Global Partner Conference, FireMon was honored to be invited to participate in the keynote address. FireMon’s President & CTO, Jody Brazil, joined Juniper’s CEO Kevin Johnson to demonstrate FireMon Risk Analyzer running on Junos Space. We at FireMon are thrilled to be partnering so closely with Juniper. The Space platform represents a significant development in terms of network programmability and extensibility. FireMon Risk Analyzer leverages the rich real-time configuration data provided by Junos Space to maintain the most accurate and up-to-date network topology within Risk Analyzer. FireMon also announced that while the current release of Risk Analyzer supports hooks into Space, the release of Junos Space 12.1 would see the release of Risk Analyzer running natively within Junos Space. FireMon and Juniper will continue to work closely together to create the most accurate, real-time risk analysis and remediation tool for Juniper environments, with many more exciting developments to come throughout the year.


Why FireMon, Why Now? Part 2

In addition to Risk Analyzer, FireMon has introduced BackBox, a centralized, enterprise backup solution for critical security and network devices that provides a scalable, reliable and verifiable backup solution for your network. In my past roles as both a security consultant and a named accounts senior security engineer, I have had the privilege of working with some of the largest Network and IT Security organizations in the world. One element that was surprisingly all too common amongst these different organizations was that many of them had backup solutions that were built in-house by their best engineer. While these customized solutions worked, inevitably said engineer left the organization at some point. Subsequently, another engineer or even a team of engineers had to figure out how the solution worked, and often ended up writing their own solution when they were unable to figure out how to update or add additional features to the previous custom tool. Most troublesome, many of these solutions had no mechanism to validate that a backup was completed and verifiable, which resulted in not being able to utilize a backup when a down situation occurred. BackBox provides a single, central location for all your network device backups and verifies that all of the components necessary for restoration are captured and usable, with real-time status and reporting capabilities.

The combination of Risk Analyzer and BackBox along with Security Manager and Policy Planner gives FireMon the most complete product suite to enable organizations of all sizes to optimize their network security posture. What is exciting to me is that organizations are starting to realize the importance of having a tool that enables them to have a complete picture of the state of their network security, and are no longer considering this just a nice-to-have. Consider one of our large customers in the financial vertical. They have 700 firewalls deployed globally, with an average of 300 rules per device. With over 200,000 rules to manage on a daily basis, they have come to rely on Security Manager to enable them to plan and report on any changes to the firewall policy, increasing their visibility as a security team. The Rule and Object Usage report has become a weekly process within their organization, allowing them to see which rules and objects are unused over a defined period of time and safely remove them. Security Manager automates the change process for them, capturing justification of access with Policy Planner and making compliance a repeatable and automatic process. Surveys consistently show that perimeter security is still considered one of the most important security tools to protect an organization. Security Manager and Policy Planner help enterprises manage these most important devices better so you can provide better service to your users at a lower cost to you.

This is why I am so excited to be at FireMon now. The company that invented the space continues to innovate and enable our customers to manage their risk in real time and ensure their enterprise has the optimum network security posture. This innovation is just the tip of the iceberg, and over the next year I look forward to sharing with you more of the many exciting developments and innovations we will bring in our products and with our partners to help you ensure your enterprise is optimized and secure. That is why you need FireMon, Now.

If Only FireMon Could Manage Volcanoes

As the “Chief Customer Officer”, I have the chance to travel the world and meet with current and prospective customers to understand how we can provide them value with our solutions. Unfortunately, with all of this travel, I seem to find myself affected by some pretty crazy events.
A few months back, Dallas got a record 15+ inches of snow in one day, delaying my return trip home for 3 days. And this week, I find myself in London as part of “The Story”. Part of the story meaning – I am one of the millions of passengers that cannot get to where I need to go because of an erupting volcano in Iceland.
Mother Nature is not happy, or at least it seems that way. I have learned more about volcanoes in the last week than I ever thought I would know. For example, I had no idea that ash can get sucked into jet engines, melt and turn into glass, and shut the engines down. This in turn shuts down 30% of the world’s daily air travel. What?
The impact of this event is astounding. The news is reporting on families that are separated (me included), kids missing school, people missing their friends’ weddings, and weddings being held over SKYPE VIDEO! Fruits, vegetables, pharmaceuticals, and bone marrow for surgeries are not making it into London or other places around the world. The airlines probably have a lot of continuity plans for “things” so they can keep their planes in the sky, but they missed a big one… her – Mother Nature – in the form of a volcano.
Being one of those affected, this event has my full attention. It also has me thinking about continuity in general. More than 9 years ago, FireMon was released to address one critical aspect of Business Continuity: network outages caused by change. And even today, with all the cool analysis and optimization features available in FireMon, preventing network outage is still a primary driver for most FireMon installations. Sure, there are other drivers like policy clean-up or compliance, but preventing changes that result in a network outage is still at the top of the list. Sometimes I overlook the importance of this core capability of FireMon, but this week has reminded me of the importance of continuity. And in the case of network outages caused by incorrect changes, there is a solution: FireMon.
Now, if only FireMon could better manage volcanoes!

The Firewall Whisperer

Let’s face it, sometimes firewalls just don’t behave. It’s not for a lack of trying… no, quite the opposite: we “tell” it what to do over and over, and many times in hundreds of different ways through various commands otherwise known as rules. Over time, these rules go unheard, and unused, and the result is unpredictable, sometimes unruly behavior. Alas, your young pup becomes a lethargic beast whose legs quiver under the strain of keeping the rest of its body mobile and willing to move.

Enter the Firewall Whisperer. Equal parts drill sergeant and psychologist, it is time to make some changes, some subtle, others drastic, all effective – FireMon.

Analogies aside, unused rules are a serious problem and, these days, top of mind for most firewall administrators, given that nearly 40% of all rules on a firewall go unused, according to several published reports. It hasn’t always been this way: in fact, for several years, we [Secure Passage] evangelized the problem and our “Rule Usage Analysis” feature as a sales organization only to be met with a, “…cool, but could we hear more about your change control and auditing features?” (In our prospects’ defense, the year was 2004 and FireMon 2.1 with Rule Usage Analysis had just been introduced.) Of course, we were all too happy to show off those well-established features [change control and auditing] whose entrée into the security space was made public 3 years prior in 2001, to solve the problem of tracking and auditing changes made to the firewall in a market-defining way that was both graphical and historical, collected in real-time.

How do you justify risk of access through a firewall?

Risk vs. Access
So, as it relates to the firewall, every rule that permits access also increases risk to some degree. It then seems obvious that excessive access (access that is not needed for any intended purpose) is unnecessary risk. (Clearly removing this excessive access represents low-hanging fruit of risk reduction opportunities.)
Given this reality that permissive rules in a firewall represent some risk to an organization, then it must be true that to effectively manage risk at the firewall is to effectively manage the rules that permit access through the firewall. Ok, I realize this is obvious without the previous discussion, but this is not how firewalls are managed today.
When rules are created in enterprise firewalls today, they are usually at the request of some business unit in need of additional access. In most cases these requests go through a formal change management process and hopefully are evaluated for risk prior to approval. There are opportunities to improve this process, but by and large, this is the correct process. Someone in the organization has reviewed the justification for the access request and the potential risk that access will present before the new rule is created. This is good security practice.
The significant problem with firewall management today is post-creation. Once the rule is created, it is rarely removed. This explains why policies grow to hundreds, thousands and in extreme cases even tens of thousands of rules. With this many rules and the associated access they represent, the firewall is no longer effectively balancing risk and access. What is intriguing is that it is almost institutional. Not only is there not a process in place to identify rules in need of remediation, rules that are thought to be unneeded often go unchanged for fear of blocking access. Access is trumping security.
A solution to this problem is better rule management. Rule management that does not stop at creation, but rather tracks, audits and assesses a rule for its entire life. Of course it must be able to identify rules that present risk, but it must also be able to evaluate business need (justification). This is not a one-time operation. This is an on-going process. So why is it not happening today? With vendor-provided administrative tools, it is almost impossible to determine either risk or justification (and sometimes even function) of a particular rule. A management application that provides a view of the rule, risk calculation of the rule and business justification all in one location drastically reduces the effort required to achieve this goal. It still may not be trivial, but it would now be possible.
This is what FireMon eVolution Rule Documentation, Audit Log and Analysis are all about. Of course any access presents some level of risk, but with the right management solution, you can be in control of the balance between risk and access.

The other day, I wrote about the risk associated with permitting access through a firewall (see post). However, obviously a firewall can’t block all access (might as well just cut the cable in that case). So how do you justify the risk of allowing access through a firewall?


FireMon eVolution is released!

I am very pleased and excited to announce the release of FireMon eVolution, version 5.0 (Press Release). Dating back to 2001, when FireMon v1 was first released, FireMon has been a clear innovator in the space of Security Management. This release is no different, bringing several very impressive innovations to market. But FireMon eVolution is more than just a technological advancement; this release represents a true evolution in firewall management.