Without proper configuration and management, even great technology can fail to provide
the desired security. Large, multi-vendor networks, migration to new technologies
like next-gen firewalls, data center firewalls and SDN, fast-paced virtualized operations
environments, and relentless compliance requirements only increase the chance of
improper configurations. Effective security management is facilitated by several
factors: managing and understanding configurations in real-time, intelligent planning
of ongoing changes, and a holistic view of your security posture.
FireMon's new Security Manager V7.0 and Policy Planner V3.0 releases introduce advanced
functionality to effectively manage the security of large, complex network environments.
Audit results from months ago likely do not reflect your true security posture today
– in the worst case, even one change after the audit can significantly change the
reality of your position. If your goal is assessing daily operational changes in
the context of your current risk posture, then outdated audit results cannot give
you the up-to-date information you need to make informed decisions.
However, even given the limited daily benefit, an inordinate amount of time is spent
preparing for mandated audits – time that could be better spent implementing ongoing
security best practices. FireMon's Continuous Assessment capability gives you the
best of both worlds – one-time assignment of best practices and compliance assessments
and ongoing, up-to-the-minute results against your current implementation.
Using the built-in library of Controls, you can even assemble custom assessments
representing your own corporate security policies, tracking previous audit mitigations,
or analyzing environment-specific risks. Simply select an assessment and indicate
the device or group of devices that you want to monitor, and FireMon takes care
of the rest:
- Detailed reports are available via personal notifications and web-based dashboards
- Powerful management features allow you to whitelist findings with an approved
- View common control failures by device, assessment, or severity and trend results
With Security Manager V7.0, you can obtain daily, empirical evidence quantifying
how your environment is getting more secure over time.
Advanced Business Process Integration
With Policy Planner 3.0, you can easily change FireMon's built-in workflow to enable
easier integration with existing enterprise workflow solutions. Build custom workflows
out of BPMN 2.0-compliant task types, including forks for parallel approval paths,
timers to escalate a ticket if it remains in process too long, decisions, notifications,
and user inputs.
Export your workflow in industry-standard modeling notation. Queue-specific templates
allow you to customize ticket information shown. Create flows that show different
views based on the type of change requested, the current step in the workflow, or
user access level.
Using FireMon's Access Path Analysis capability let the system select the relevant
devices for you and make recommendations about which rules to add along a selected
path. Extend the Continuous Assessment capability of Security Manager to assess
changes BEFORE they are implemented. Make sure that the rules you plan to implement
also conform to the standards in place for the selected device(s).
In addition to full-text search capabilities inside Policy Planner, version 3.0
also tightly integrates with FireMon's Insight platform, bringing the ability to
write ad-hoc queries based on ticket-related fields. For example, write queries
and create dashboard widgets showing the count of open tickets by status, or manage
your engineering force using a list of open tickets, assignee, and time in queue.
Enhanced Domain Support
In Security Manger 7.0, we've extended our Managed Service Provider capabilities
to offer even more support for multi-domain environments. By enabling our new Domain
configurations, you can maintain segregated, parallel environments – with vulnerability
data, custom assessments, zone definitions, and device configurations protected
from those of other customers.
Users with permission across multiple domains can share "global" Assessments, but
custom values inside each domain are hidden from other domains. Even Users and
User Groups can be limited to a single domain, allowing you to provide key customers
with access to manage their own Security Manager installation. All other Security
Manager tools, like the network map, policy test, behavior modeling, and Insight
portal queries inherit these domains automatically and restrict access to only the
Authorization via LDAP extends our long-standing LDAP authentication capabilities.
Once authenticated, the system uses configured LDAP group to Security Manager group
mappings, in order to appropriately permission the remote user. Let LDAP do what
it does best – manage users and group memberships, then quickly enable access to
an entire LDAP group by simply adding it to the mapping of an existing Security