Webcasts

On Demand

May 21, 2013
Fast, Not Furious - Proper Security Management and Threat Research Prevents Hidden Threats

Every security professional faces the same challenge each morning - “what do I do first?” Upcoming infrastructure upgrades, the latest breach headlines, and urgent requests for system access compete for attention every day. How can you and your team be the most effective?

Making Fact-Based Decisions Using Real-Time Data

By consistently making fact-based decisions, based on the best operations data, that reflect your organization’s priorities. Mountains of data – configuration changes, new vulnerabilities, network traffic – is collected daily in your infrastructure. But what’s missing are methods and tools to visualize and assess this relentless flood. So taking actions that “feel” right can actually raise your risk posture, compromise policy compliance and halt critical operations.

This webcast will introduce the principles of fact-based network security and how FireMon’s policy and risk management solutions paired with Fortinet’s FortiGuard Labs cutting edge research enable automated processes for making data-driven decisions that reduce your risk posture and keep the business running.

Learn More
March 26, 2013
Clean Up Unruly Firewall Rule Bases

In most organizations firewall rule bases are out of control. Individual firewalls can have several hundreds to a thousand rules each, and hidden, shadowed and overlapping rules exist in almost every firewall. Studies indicate that as many as 50% of existing rules are unused, due to operations staff errors, reactive access changes, and continuous policy revisions.

In this environment making needed changes takes too long, important compliance audits are failed and network performance is impacted. But how do you get started and make progress - without making the situation worse?

Advanced firewall policy and change management tools can quickly show you:
  • Which rules are unused
  • Where traffic flows through each rule
  • How to clean up unnecessary access
  • When to tighten down existing rules

Rule base size and complexity will decrease, leading to increased efficiency in making new changes. Auditing will be quicker and less expensive. And your firewalls will last longer.

Learn how FireMon Security Manager provides both security and operations teams with the in-depth visibility and control needed to effectively cleanup unruly firewall rule bases.
Learn More
February 21, 2013
Building Risk Visibility into Your Firewall Management Process

Firewall deployments in large organizations can easily get out of control – and become rife with unnecessary risk. Inappropriate access is granted readily. Constant change complicates policy implementation. A real-time, enterprise-wide picture of network security posture is a distant dream.

Only by automating tedious manual processes at the operations, management and compliance levels of the organization can security teams regain control and better protect their information. This requires consolidated, real-time data of the security infrastructure and a scalable, distributed solution that provides fast, flexible analysis and reporting.

This webcast provides pragmatic advice on new technologies that will put hours back into each day, including how to:
  • Visualize the overall risk posture so management can understand security effectiveness
  • Simplify operations by understanding security device configurations of multiple firewall vendors
  • Continuously monitor critical data to ensure compliance daily,
    not annually
  • Tune discovered access paths to reachable, vulnerable assets so patching is not needed
Learn More
January 22, 2013
Building Risk Visibility into Your Firewall Management Process

Firewall deployments in large organizations can easily get out of control – and become rife with unnecessary risk. Inappropriate access is granted readily. Constant change complicates policy implementation. A real-time, enterprise-wide picture of network security posture is a distant dream.

Only by automating tedious manual processes at the operations, management and compliance levels of the organization can security teams regain control and better protect their information. This requires consolidated, real-time data of the security infrastructure and a scalable, distributed solution that provides fast, flexible analysis and reporting.

This webcast provides pragmatic advice on new technologies that will put hours back into each day, including how to:
  • Visualize the overall risk posture so management can understand security effectiveness
  • Simplify operations by understanding security device configurations of multiple firewall vendors
  • Continuously monitor critical data to ensure compliance daily,
    not annually
  • Tune discovered access paths to reachable, vulnerable assets so patching is not needed
Learn More
December 18, 2012
Expanding Visibility of Enterprise Network Behavior – New Security Manager V6.1
Increasing visibility to increase security is a trusted tenant of IT security.

Detailed visibility into reachable network assets is critical in identifying potential risks. What if you had deep inspection data of each risk path - think how precise and effective remediation could be.

Device configuration data, locked in individual vendor data formats, can be misconfigured and create attack openings. Imagine how a single integrated view of firewall configuration data would help security teams uncover potential weaknesses before they could be exploited.

New Version 6.1 of Security Manager from FireMon puts these advanced capabilities in the IT security team's toolkit. Join this webcast for full details and a demonstration of:

FireMon Access Path Analysis - Identifies the risk path through the network, including the interfaces, routes, security rules and address translation rules that allow the access path that introduces risk. Access Path Analysis gives security teams the information necessary to reduce risk without impacting network operations.

FireMon Insight - Combines a powerful web-based dashboard with a new domain-specific FireMon Query Language (FMQL) for unprecedented visibility into the current state of network and security configurations. Insight enables rapid, ad-hoc queries and audit checks to retrieve information from the configurations, changes and usage analysis stored by Security Manager.
Learn More
December 5, 2012
Implementing ISO 27001: Proactively Managing Risk within the Network
Do you have an ISO 27001 business objective to manage risk on your network? Finding it hard to identify and quantify risk?

Risk is not solely defined by vulnerabilities. Network security infrastructures go a long way towards limiting risk, but are very difficult to quantify exactly how and where those countermeasures are effective via prioritisation.

Attend this information-packed presentation by FireMon to learn how you can leverage your network security controls to drastically improve your measurement and prioritisation of risk. You will learn:
  • Why traditional vulnerability assessment falls short of real time risk management processes
  • How your network security can be used to mitigate many risks and how to measure and prioritise those that are left
  • Where in your management processes and risk identification can you provide the most value and how to get it
We'll discuss these topics and show you a live demonstration of FireMon Security Manager and its risk measurement features.
Learn More
October 30, 2012
Risk Ranking and Vulnerabilities – Meeting the New PCI-DSS 6.2 Requirement
While the PCI standard has always focused on effective handling of vulnerabilities, Requirement 6.2 now requires that risk rankings be assigned to newly discovered vulnerabilities. This will provide meaningful information to IT security teams as they assess overall risk and determine priorities. Organizations need to look at three critical steps – vulnerability identification, risk ranking and remediation – to comply with this new requirement.

This webcast will give compliance teams the pragmatic information needed to fully understand this new requirement and insight into new technology that can help automate implementation, including:
  • Full details of Requirement 6.2
  • Where 6.2 falls in a general vulnerability management life cycle
  • How 6.2 works to the advantage of an organization
  • Approaches for quantifying the risk associated with vulnerabilities
  • New risk analysis tools for automating risk assessment and measurement
Learn More
September 26, 2012
Manging Firewall Changes – Make the Right Change the First Time
Access change is constant because the business has new requirements. So, changing firewall policies is required, but there’s a big difference between good change and bad change. And, regulations and compliance frameworks require timely firewall auditing, so documented justification of all changes needs to be readily available.

Does your change process identify bad changes before it's too late? Can change workflow be automated to increase accuracy and reduce manual efforts?

Join this webcast to learn how firewall-intelligent workflow solutions can:
  • Collect firewall change tickets and recommend rule changes
  • Quickly and quantitatively assess the risk of a requested change
  • Assess proposed changes for compliance with internal policies and regulations like PCI
  • Enable efficient business, technical and compliance change reviews
  • Reduce the cost of documenting compliance for audits
Learn More
August 8, 2012
Surfing the Riptides: How to Detect the Undercurrents of Real Security Risk
In this webcast in Rapid7’s Life’s a Breach Summer Webinar Series, Bernd Leger, VP of Marketing, Products & Solutions at Rapid7 and Ward Holloway, VP Business Development at Firemon, will discuss how to build out a comprehensive vulnerability and security risk management strategy.

Participants of this webcast will learn:
  • How to discover, assess and prioritize vulnerabilities and misconfigurations in your networks, databases, operating systems and web applications.
  • How to visualize attack paths, showing how an attacker could penetrate the network.
  • How to conduct what-if analysis to ensure you know which remediation steps have the greatest impact to protect your critical assets.
  • How to measure risk and make it specific to your security program.
Learn More
July 31, 2012
Clean Up Unruly Firewall Rule Bases
In most organizations firewall rule bases are out of control. Individual firewalls can have several hundreds to a thousand rules each, and hidden, shadowed and overlapping rules exist in almost every firewall. Studies indicate that as many as 50% of existing rules are unused, due to operations staff errors, reactive access changes, and continuous policy revisions.

In this environment making needed changes takes too long, important compliance audits are failed and network performance is impacted. But how do you get started and make progress - without making the situation worse?
Learn More
July 12, 2012
Risk Profile Assessment Revealed: Visualise Your Own Unique Threat Landscape
More than three-quarters of security professionals have an information security risk plan in place, yet 76% do not have confidence in their solutions' ability to inform them of the state of their security and risk. – SC Magazine

Are you part of the 76%?

Mountains of network security data is collected, and reacted to, every day. However, a 2012 information security professional worth their salt needs to be proactive. This requires an effective risk profile, or risk posture, management system that identifies the most potent threats and vulnerabilities to his/her own organisation, given their specific network architecture and configurations.
Learn More
June 21, 2012
Actionable Intelligence Through Risk Posture Assessment
Mountains of network security data is collected every day, including policy updates, configuration changes, new vulnerabilities and network traffic. But this information documents activity and events that have already happened and can only be looked at reactively.

To proactively improve risk posture, which is how threats and vulnerabilities can impact individual organizations given their unique network architectures and specific configuration profiles, real time risk visibility and analysis is need. But security teams lacks both methods and tools to visualize and assess risk. So taking action that feels right can raise your risk posture, compromise policy compliance and halt business operations.
Learn More
May 23, 2012
Visualizing Risk – Measure Twice, Act Once for Continuous Monitoring
The challenge every security pro faces each morning is “what to do first?” Big picture planning, threat detection, and complying with continuous monitoring mandates clamor for attention every day. How to be most effective? By consistently making fact-based decisions, based on operations data, that reflect FISMA and organizational priorities.
Learn More
April 26, 2012
Highway Congestion, Risk Prevention & Business Unit Requests: How Security Engineers Get It Done
Every security pro faces the same challenge each morning - "what to do first?" Upcoming infrastructure upgrades, the latest breach headlines, and urgent requests for system access compete for attention every day. How can you and your team be the most effective?

Join F. Ward Holloway III of FireMon to learn how your compliance efforts can become highly efficient so you can focus on the challenge of increasing security effectiveness.
Learn More
March 28, 2012
Moving Securely to Virtual Data Centers
Compelling economic and operations benefits puts moving to virtual data centers high on the approved projects list of many organizations. New processing and security infrastructure, including next gen firewalls, promise significant leaps in both performance and security. But what are the key factors to focus on to ensure these are delivered as promised?

A three step approach - enterprise risk review, current environment cleanup and new capability deployment – has proven effective for organizations of all sizes. Join FireMon President and CTO Jody Brazil to learn how new technologies can now help automate and operationalize each of these three critical phases:
  • New risk visibility tools that can see, measure and virtually test needed network changes
  • Advanced firewall management that speeds rule base clean up and automates change workflow
  • Next gen firewalls with data center-class availability, performance and scalability
Learn More
March 20, 2012
PCI Compliance - It All Starts with Effective Firewall Management
The PCI-DSS standard's Requirement 1 focuses on firewall implementation, policy definition and configuration management and rightly so. Done right this establishes an effective perimeter defense - done wrong it's a constant source of unnecessary risks, manual processes and overtime.

Join Tim Woods of FireMon to learn how your compliance efforts can become highly efficient so you can focus on the challenge of increasing security effectiveness.
Learn More
February 22, 2012
Visualizing Risk – Measure Twice, Act Once
The challenge every security pro faces each morning is "what to do first?" Big picture planning, threat detection, refining operations and automating compliance clamor for attention every day. How to be most effective? By consistently making fact-based decisions, based on operations data, that reflect your organization's priorities.
Learn More
February 14, 2012
Ops Task or Risk Vector? – Managing Firewall Rules
Typically seen as an operations task, managing firewall rules has both tactical and strategic implications. Done incorrectly it can raise an organization's risk posture, compromise policy compliance and halt business operations. Understanding these multiple risks in real time – BEFORE making any changes – is the key to effective and pro-active perimeter defenses.
Learn More