The Best of Firewall Management - Omni Search
In this series, FireMon leadership shares their favorite features of the latest release of our device and policy management solution, Security Manager.
Jody Brazil, co-founder and chief product strategist, has overseen development of our flagship product since the beginning. He explains how Omni Search takes the power of a query language and turns it into Google-like search for rules and objects within your network.
A number of years ago, we launched a community site called Nexus where customers could download and share audit checks. We published a lot of them based on customer requests and feedback. After a year or so of collecting requests and publishing checks, we realized that nearly 90% of all the requests were around the concept of “search.” Customers wanted to be able to find rules that match some condition or combination of conditions as well as objects and where they are used.
Rather than writing unique custom checks for each one-off request, we had the idea to build a query language. This became the basis for FMQL and ultimately SIQL enabling users to search for all things with a powerful query language.
But, SIQL can be intimidating. So, what if we made it as easy as Google? We did with Omni Search. This very unassuming little feature is perhaps the most powerful feature of the entire application built completely around the power of SIQL.
Omni Search is the global search bar displayed at the very top-center of the application. It combines two key features: navigation and searching. Omni Search is significantly more effective for device navigation than the tree view in large environments. By simply typing in a few letters of the device name a list of devices is dynamically returned making finding a device quick and simple. And for searching, if you type text and hit enter you are presented with results fr beyond a list of devices. Using the power of SIQL, Omni Search returns a broad list of matching objects - think Google for your personal network security data.
As the name implies, Omni Search searches all things in Security Manager, specifically it searches across the entire domain of data for:
- Devices (by name, IP, vendor, description)
- Device Groups (name, description)
- Security Rules (name, sources, destinations, applications, users, comment)
- Network Objects (name, IP)
- Service Objects (name)
- User Objects
- Application Objects
- NAT Rules
Additionally, if you type in an IP Address (e.g.: 22.214.171.124, 10.1.1.0/24), Omni Search will do network-aware searching of these same objects. By simply entering an IP address, you can find all the network objects that reference that IP and a list of all the rules that use that IP Address in the source or destination. Imagine troubleshooting connectivity: in a few seconds, you can find all the references to a troublesome IP Address enabling immediate resolution to issues.
To see Omni Search in action, view a walkthrough of the feature here: