Introducing FireMon Security Manager

FireMon Security Manager’s network security and IT risk analytics offer scalable, real-time assessment of device policy enforcement, from individual configurations to the combined effectiveness of all defenses, providing the agility and assurance necessary to keep access control in step with business. As an integrated platform spanning capabilities from device rules optimization to analysis of cross-infrastructure enforcement, Security Manager encompasses an enormous breadth of integrated features, eliminating the need for complicated integration of multiple products, and enabling critical processes including:

FireMon's Security Manager: Device & Policy Management

Policy Optimization

Analyze firewall policies to clean-up and optimize firewall configurations to improve security, manageability and performance. Key features include:

  • Find unused rules and objects.
  • Find hidden and redundant rules with actionable steps to remediate these conflicts.
  • Optimize highly utilized rules to dramatically improve performance.
  • Traffic Flow Analysis to reduce overly permissive rules by identifying exactly what traffic is flowing through a rule.
Unused Rules

Unused Rules

Identify any unused rules in your existing firewall policies to prevent unseen gaps in defense and reduce unnecessary complexity.

Hidden Rules

Hidden Rules

Discover hidden rules that make your firewall policies less effective, increasing visibility and informing proper documentation.

Rule Documentation

Rule Documentation

Identify and document every rule in your existing firewall policies to both achieve and report on compliance requirements.

Policy and Behavior Analysis

Continuous monitoring of all devices for any change to the configuration or policy. Understand what changed, when it changed, why it changed and the impacts of the change. Full change management solution including:

  • Automatic change detection in real-time
  • Audit log detailing all changes
  • Comprehensive and easy to understand comparison views in familiar policy layout
  • Change notifications
Policy Search

Policy Search

Leverage FireMon’s proprietary Security Information Query Language (SiQL) to locate and examine any existing firewall policies.

Traffic Flow Analysis

Traffic Flow Analysis

Trace the source and destination of every rule in each of your existing firewall policies (including NAT) to understand traffic flow.

Access Path Analysis

Access Path Analysis

Map and analyze all access paths created by your existing firewall policies to ensure proper network defense and segmentation.

Security Compliance Assessment

Review effectiveness and correctness of enforced policies on firewalls to identify gaps in protection and inconsistencies in configurations as well as enforce internal access controls.
Rule Definition Evaluation

Rule Definition Evaluation

Analyze and understand the effectiveness of rules incorporated in your existing firewall policies to ensure optimal compliance.

Assessment & Controls

Assessment & Controls

Define and employ unique security controls for customized, repeatable analysis, and reporting, of your existing firewall policies.

Security Analysis

Security Analysis

Gauge the efficacy of your existing firewall policies, including comparative scoring, to understand current access enforcement.

Service Risk Analysis

Service Risk Analysis

Calculate and assess the comparative level of security risk associated with your existing firewall policies to prioritize improvement.

Change Detection and Reporting

Identify and review the implications of every available path of access across the entire infrastructure to ensure proper enforcement and asset protection.

  • Trace the path through the network to find impacted device.
  • Troubleshoot connectivity issues.
  • Detailed, step-by-step firewall behavior analysis including routing, access control and NAT.
Change Reporting

Change Reporting

Create detailed documentation of all changes to your existing firewall policies to track, search and understand revisions.

Change Detection

Change Detection

Isolate, document and, when necessary, alert on every ongoing change implemented throughout your existing firewall policies.

Change Auditing

Change Auditing

Retain the ability to audit every change made to your existing firewall policies, with full search and historical event logs.

Change Comparison

Change Comparison

Review every proposed rule change against your existing firewall policies to ensure consistency and prevent redundancy.

Rule History

Rule History

Aggregate detailed documentation of all rules applied within your existing firewall policies to maintain a comprehensive repository.

 


To learn more about Security Manager, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.