You’re in business because you can do something better and more efficiently than your customer can do it. And you keep your customers because you can prove it. So when it comes to managing firewalls, don’t just tell your customers that their firewalls are configured correctly. Show them.
Security Manager provides the tools that you need to maximize operational efficiency and provide the visibility that customers need to stay confident in your services. Security Manager’s distributed architecture, inherited permissions model and policy optimization features help your team work smarter. And the traffic analysis, automated compliance assessments, and on-demand change reports in Security Manager provide your customers with management transparency and accountability.
The Security Manager solution meets the unique challenges of an MSSP with a distributed data collection architecture that collects device configuration and log data, and sends that data back to the central application server for analysis and storage. This architecture offers flexible deployment options and can scale to manage thousands of devices.
One Security Manager application server can support hundreds of monitored devices across multiple customers. And while you can see all monitored devices on one screen, your customers shouldn’t be able to. With Security Manager’s inherited permissions model, you can be sure that each customer has visibility to only his devices and has the appropriate levels of functionality.
Assign permissions easily by grouping devices into logical segments based on your user base. Then, grant viewing and reporting permissions in just a couple of clicks.
Security Manager’s Change Reports precisely identify changes between two configurations or several configurations over time. They also include rule-level documentation so that each change can be traced back to a change request, a business owner and an approver. With Change Reports, customers have insight into how their requests are being appropriately implemented. And the Security Manager Audit Log provides incremental policy comparisons at the rule and object level so that with a quick glance, you’ll see that your change was made and documented.
The Security Manager Rule Documentation feature retrieves documentation about the rule, including business owner, expiration date and approver. This data is automatically and permanently associated with the rule in Security Manager so that you can report on why and where access is allowed.
FireMon’s Policy Planner module helps you gather customer change requests, design firewall changes, and verify that the changes are correctly implemented. Policy Planner can be deployed as a stand-alone system, or it can be integrated with existing change management systems like Remedy or ticketing systems like JIRA. Policy Planner and Rule Documentation help ensure that configuration changes are effectively designed, correctly implemented and completely documented.
In addition to the Security Manager GUI Client, Security Manager offers an API and pre-built portal applets designed for integration with MSS portals. The portal supports single sign-on authentication, and is built on the Security Manager permissions model for controlled access so that you can provide — or limit — visibility to published reports.
Traditional requirements like device inventory, configuration viewing and change reports are readily available from the framework, and the open API allows for rapid and flexible customization. Additionally, the framework provides easy customization of the look and feel of the applets, along with branding of the reports.