The FireMon Security Manager platform provides constant visibility into network security enforcement, the impact of policy change, and the exposure of vulnerable systems to attack, allowing organizations to optimize their existing defenses and focus remediation on truly critical IT risks.
Security Manager empowers today’s enterprises, governments and MSSPs to significantly reduce their overall network attack surface, constantly validate compliance and drive far greater return from their existing network security investments via the Security Manager Core Platform, the Policy Planner Workflow Module and the Risk Analyzer Module.
Security Manager is built around a patented assessment engine that offers unparalleled scalability, performance and device support offering flexible integration and development capabilities via an open API.
- Firewall Management Optimization
- Network Security Enforcement Analysis
- Continuous Network Compliance Validation
- Real-Time Security Policy Change Management
- IT Risk Exposure Analysis and Prioritization
The FireMon Security Manager core platform deploys rapidly, designed from the bottom up to support continuous assessment of today’s sprawling enterprise security device architectures, featuring direct integration with thousands of firewalls, routers, switches and other network security devices from the industry’s leading vendors.
Security Manager’s patented analysis engine offers unrivaled scalability, backed by a distributed architecture along with dynamic policy and behavior normalization capabilities that allow consistent analysis of real-world, multi-vendor network security environments.
- Firewall Rules Assessment and Optimization
- Real-Time Change Detection and Auditing
- Real-Time Access Path Analysis
- Continuous Policy Compliance Auditing
- Network Security Visualization
Policy Planner Workflow
FireMon Security Manager’s Policy Planner Module substantially reduces the time and resources required to research and execute changes to security device infrastructure, ensuring that network defenses haven’t been unintentionally compromised, optimizing performance and protection.
By automating the security policy change process using Policy Planner [PDF], and automatically generating targeted mitigation intelligence and rules recommendations – all within the established operational workflow processes familiar to today’s IT security professionals – organizations can prevent defensive gaps and unseen consequences that result from incomplete visibility into evolving enforcement.
- Firewall Change Process Management
- Policy Change Engineering Recommendation
- Prevent Unnecessary Changes
- Policy Change Impact Analysis
- Integrated Rule Documentation
FireMon Security Manager’s Risk Analyzer Module analyzes the risk exposed through the existing network defenses to the critical systems they are meant to protect. This comprehensive analysis represents a more relevant, strategic method of determining the real-world risk posed by vulnerabilities discovered via network scanner assessments by putting them into context with the larger security ecosystem.
Rather than categorizing vulnerabilities and prioritizing remediation generically, Risk Analyzer [PDF] incorporates crucial visibility into how vulnerabilities are affected by available network access. In addition to adding this critical stream of intelligence into risk assessment, Risk Analyzer advances the overall network vulnerability management and remediation process.
- Network Attack Path Visualization
- Continuous Attack Surface Monitoring
- Network Security Enforcement Gap Analysis
- Security Operations Effectiveness Measurement
- Network Vulnerability Risk Prioritization