Introducing FireMon Risk Analyzer

FireMon’s Risk Analyzer Module evaluates the effectiveness of the security infrastructure by analyzing the exposure of identified system vulnerabilities in the context of the network access controls. Using the results of vulnerability scanners and the network and security data from Security Manager, Risk Analyzer [PDF] identifies all potential attack paths into and through the network. The result is a picture of risk, with the probability of successful attacks through existing defenses. To reduce this risk most effectively, Risk Analyzer prioritizes remediation activities including vulnerability prioritization.

FireMon's Risk Analyzer: Risk Assessment and Visibility

Vulnerability Prioritization

Understand where defenses already mitigate existing vulnerabilities versus those that pose a significant risk to the organization. This is required by PCI DSS to ensure an effective vulnerability remediation program is in place. With that comes:
Vulnerability Prioritization

Pre-change Risk Analysis

Identify potential risk associated with change requests by integrating Risk Analyzer and Policy Planner. New risk exposure is identified by modeling the proposed change and evaluating the effects of the change before the change is ever made.

Firemon Firewall Security Image

Effectiveness Measurement

Measure the effectiveness of ongoing risk mitigation and patch remediation efforts to chart improvements and track performance.

Potential Attack Visualization

Map all paths of available access from threats to vulnerable applications, providing real-world IT risk visibility.

  • Detailed access path analysis showing how an attack could traverse the network
  • Topology aware analysis taking into account firewall rules, routing and NAT
  • Exposed vulnerabilities identified
  • Firewall rules responsible for allowing access identified
Potential Attack Visualization

Continuous Attack Surface Monitoring

Use the intelligence provided by knowledge of all attack paths to measure exposure across the entire network and drive mitigation efforts.
Continuous Attack Surface Monitoring

Network Security Enforcement Gap Analysis

Identify places where policies fail to work in concert to provide desired protection with direct knowledge of critical assets.
Network Security Enforcement Gap Analysis

To learn more about Risk Analyzer, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.