Security Intelligence Platform

The FireMon Security Intelligence Platform provides continuous, real-time visibility into network security infrastructure, policy effectiveness and underlying IT risk, allowing organizations to optimize existing defenses, remediate exposed vulnerabilities and prevent today’s multi-staged attacks.

Built around a patented intelligence engine and delivered to large organizations worldwide with a broad range of integrated capabilities, the FireMon Security Intelligence Platform is the market’s only truly scalable, comprehensive and context-aware source of real time Network Security Intelligence.

Unlike security analysis tools that provide information on historic conditions or events, or assess risks using static threat or vulnerability data, the FireMon Security Intelligence Platform generates predictive analytics that empower today’s IT security teams to proactively address pervasive issues of complexity and change, reducing their overall attack surface.

Capabilities:

  • Network Security Infrastructure Device Optimization
  • Enterprise Network Security Enforcement Analysis
  • Automated Policy Workflow and Compliance Validation
  • Event-Driven, Integrated Access Policy and Rule Review
  • Context-Aware IT Risk Exposure Analysis and Prioritization

 

Security Manager


The FireMon Security Manager core platform deploys rapidly, designed from the bottom up to support continuous assessment of today’s sprawling enterprise security device architectures, featuring direct integration with thousands of firewalls, routers, switches and other network security devices from the industry’s leading vendors.

Security Manager’s patented analysis engine offers unrivaled scalability, backed by a distributed architecture along with dynamic policy and behavior normalization capabilities that allow consistent analysis of real-world, multi-vendor network security environments.

Capabilities:

  • Firewall Rules Assessment and Optimization
  • Real-Time Change Detection and Auditing
  • Real-Time Access Path Analysis
  • Continuous Policy Compliance Auditing
  • Network Security Visualization

Policy Planner Workflow



FireMon Security Manager’s Policy Planner Module substantially reduces the time and resources required to research and execute changes to security device infrastructure, ensuring that network defenses haven’t been unintentionally compromised, optimizing performance and protection.

By automating the security policy change process using Policy Planner [PDF], and automatically generating targeted mitigation intelligence and rules recommendations – all within the established operational workflow processes familiar to today’s IT security professionals – organizations can prevent defensive gaps and unseen consequences that result from incomplete visibility into evolving enforcement.

Capabilities:

  • Firewall Change Process Management
  • Policy Change Engineering Recommendation
  • Prevent Unnecessary Changes
  • Policy Change Impact Analysis
  • Integrated Rule Documentation

Policy Optimizer



FireMon Policy Optimizer Module significantly extends the capabilities of Security Manager, adding event-driven review and improvement of network security device policies by providing a single-pane interface connecting security management and access policy owners to automate workflow and speed responsiveness.

Designed to give network security teams the ability to identify problematic rules and communicate with stakeholders responsible for existing access, as well as to enable policy compliance recertification (including PCI DSS), Policy Optimizer addresses a critical gap, allowing for continuous review of security device configurations, increasing efficiency and strengthening defenses.

Capabilities:

  • Event-Driven Rule Review Enrollment
  • Intelligent Policy Owner and Review Assignment
  • Multi-Factor Rule Use and Criticality Analysis
  • Policy-Compliance Requirement Recertification
  • BPMN 2.0 Business Process Management Integration

Risk Analyzer



FireMon Security Manager’s Risk Analyzer Module analyzes the risk exposed through the existing network defenses to the critical systems they are meant to protect. This comprehensive analysis represents a more relevant, strategic method of determining the real-world risk posed by vulnerabilities discovered via network scanner assessments by putting them into context with the larger security ecosystem.

Rather than categorizing vulnerabilities and prioritizing remediation generically, Risk Analyzer [PDF] incorporates crucial visibility into how vulnerabilities are affected by available network access. In addition to adding this critical stream of intelligence into risk assessment, Risk Analyzer advances the overall network vulnerability management and remediation process.

Capabilities:

  • Network Attack Path Visualization
  • Continuous Attack Surface Monitoring
  • Network Security Enforcement Gap Analysis
  • Security Operations Effectiveness Measurement
  • Network Vulnerability Risk Prioritization