Situational awareness for Federal networks
Federal agencies face difficult cyber security challenges, storing large amounts of confidential data, protecting critical infrastructures and being assailed by sophisticated threats from a broad range of adversaries. Government practitioners must also meet strict compliance requirements, including FISMA, DIACAP, PCI DSS, HIPAA, SOX, NERC-CIP, ISO 27001, and NSA guidelines.
Using manual processes to comply with these demanding standards is not effective or efficient and has led to the funding of the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) program. This $6 billion program focuses on automating cyber defenses to help agency and White House decision makers assess national cyber-attack readiness and implement effective responses.
The FireMon Security Intelligence Platform allows federal agencies to automate security device management and vulnerability risk analysis – two key requirements of the DHS Continuous Diagnostics and Mitigation (CDM) program – by quickly identifying, understanding and managing changes in overall security posture. With FireMon, agencies can truly embrace the spirit of continuous monitoring requirements via constant observation, analysis and resulting management of network access enforcement, proactively reducing IT risk while increasing operational efficiency.
Developed, tested and built in America, FireMon Security Manager offers:
- Real-time, uninterrupted visibility into current security device enforcement including logging of all configuration changes and recording all audit log details.
- The ability to model and test the impact of all changes prior to implementation to ensure that they do not create additional IT risks, reducing time and increasing efficiency while fully documenting all changes for compliance purposes.
- Continuous assessment of all security device configurations in real time, compared to detailed federal enforcement standards via a knowledge base of required criteria, allowing for audit of any device against those measures. Supported federal standards include:
- Federal Information Security Management Act (FISMA)
- Health Insurance Portability and Accountability Act (HIPAA)
- North American Electric Reliability Corporation/Federal Energy Regulatory Commission (NERC)
- NSA Router Configuration Guidelines
- Sarbanes-Oxley (SOX)
FireMon has invested significant resources to achieve Federal certifications. The Security Manager and Risk Analyzer elements of the FireMon Security Intelligence Platform are currently listed as “In Evaluation” for Common Criteria certification on the NIAP website.
Common Criteria certification includes testing against exacting security requirements by accredited laboratories. FireMon is pursuing a rigorous validation process with the US-based Leidos Common Criteria Testing Laboratory (CCTL). The Leidos CCTL, which has completed more Common Criteria evaluations than any other lab, is accredited by the National Voluntary Laboratory Accreditation Program (NVLAP), code 200427-0.
FireMon is a U.S.-based company headquartered in Overland Park, Kansas and is listed on several GSA contracts. The FireMon Federal Solutions team partners with a broad range of federal systems integrators and channel partners. For more information, contact firstname.lastname@example.org.