Security Analysis


F5 Device Management

FireMon® Security Manager streamlines F5 BIG-IP device management by providing real-time operations management. Integration between Security Manager and BIG-IP Local Traffic Manager™ (LTM™) provides real-time change management for F5 BIG-IP LTM. Security Manager’s intelligent device awareness provides multi-device object consistency checking and high-availability device consistency reporting.

Policy Test

Firewall policies become large and complex. When troubleshooting access problems or preparing to satisfy new access requirements, the most difficult thing to determine is how the firewall is currently handling traffic scenarios.

Policy Test is a tool that models packets through the routing and security policy. Given source and destination addresses and the service protocol, Policy Test determines how the traffic will be routed through the firewall and which security rule will apply. Using this tool, you can quickly determine which security policy is being applied, whether the traffic is already accepted, and where it is being dropped.

Additionally, common scenarios, such as Internet traffic to a mail gateway with SMTP, can be modeled and saved for analysis every time the firewall changes, helping ensure the continuity of business operations.

Global Search

Another problem with large firewall policies is finding things. Security Manager’s Global Search feature allows users to enter network definitions and find objects and rules across all of their firewalls. With this search tool, you can quickly find which rules pass traffic to a network or the network object that should be used for a new rule.

Service Risk Analysis

"Which services are risky in the enterprise?" is an often-asked question. Rarely is the answer as simple as a single list. Unencrypted protocols pose inherent risk yet are often used for efficiency between two secure zones or when other mitigation techniques are in use. Service Risk Analysis is a feature designed to let the user define the risk of services in certain scenarios (e.g., inbound FTP is high risk, outbound is moderate) and automatically assess all rule sets, measuring the risk posed.
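
The scenario-based scoring described above can be sketched as follows. This is an added example, not FireMon code: the rule format, the `INTERNAL` address ranges, the function names and every risk entry other than the FTP pair are assumptions made for illustration.

```python
import ipaddress

# Assumed internal address space; everything else counts as external.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

# User-defined risk per (service, direction). The FTP pair is the page's
# example; the telnet entries are constructed.
RISK = {("ftp", "inbound"): "high", ("ftp", "outbound"): "moderate",
        ("telnet", "inbound"): "high", ("telnet", "internal"): "moderate"}
LEVELS = ["none", "low", "moderate", "high"]

def side(cidr):
    """Classify a network as 'internal', 'external' or 'mixed' (spans both)."""
    net = ipaddress.ip_network("0.0.0.0/0" if cidr == "any" else cidr)
    if any(net.subnet_of(i) for i in INTERNAL):
        return "internal"
    return "mixed" if any(net.overlaps(i) for i in INTERNAL) else "external"

def directions(src, dst):
    """Every traffic direction a src/dst pair can represent."""
    s, d = side(src), side(dst)
    found = set()
    if s != "internal" and d != "external":
        found.add("inbound")
    if s != "external" and d != "internal":
        found.add("outbound")
    if s != "external" and d != "external":
        found.add("internal")
    return found

def assess(rules):
    """Return {rule name: worst risk level} for rules that accept traffic."""
    report = {}
    for r in rules:
        if r["action"] != "accept":
            continue  # a drop rule exposes no service
        levels = [RISK.get((svc, d), "none") for svc in r["services"]
                  for d in directions(r["src"], r["dst"])]
        report[r["name"]] = max(levels, key=LEVELS.index, default="none")
    return report

# Constructed rule set (hypothetical rules, not taken from any device).
RULES = [
    {"name": "ftp-in", "src": "any", "dst": "10.1.2.0/24",
     "services": ["ftp"], "action": "accept"},
    {"name": "ftp-out", "src": "10.0.0.0/8", "dst": "203.0.113.0/24",
     "services": ["ftp", "https"], "action": "accept"},
    {"name": "telnet-mgmt", "src": "192.168.10.0/24", "dst": "10.9.0.0/16",
     "services": ["telnet"], "action": "accept"},
    {"name": "telnet-block", "src": "any", "dst": "any",
     "services": ["telnet"], "action": "drop"},
]

if __name__ == "__main__":
    print(assess(RULES))
```

A rule whose source is `any` is scored for every direction it can cover, so `ftp-in` is rated by its inbound exposure even though it also matches internal clients.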