Demonstrating Continuous Compliance Across the Hybrid Enterprise

Elisa Lippincott

Change. The regulatory environment is always changing, and staying on top of it while the IT landscape grows and evolves into a hybrid cloud mishmash is a daunting task. In this two-part blog series, we intend to show you how FireMon Security Manager and Lumeta can not only give you better visibility into the state of your security policy compliance but also let you audit your security posture to ensure compliance as your environment changes.

FireMon helps you address the following:

  • Maintain continuous compliance with industry standards
  • Continuously monitor security enforcement point changes that could lead to unnecessary exposure, misconfiguration, unauthorized change and unacceptable risk
  • Generate detailed reports for all periodic assessments
  • Capture valuable policy documentation to meet compliance assessment requirements
  • Ensure that policy changes adhere to existing requirements
  • Recertify all mandated firewall rules and configurations
  • Identify threats and security holes in security policies that could be exploited by hackers
  • Help detect and mitigate security vulnerabilities
  • Provide actionable intelligence for remediation guidance

What does continuous compliance mean? With FireMon, continuous compliance takes seconds with automated audit reporting, and you are alerted when you start to drift. Only FireMon can offer continuous compliance, because it is the only solution with real-time monitoring, traffic flow analysis, and custom controls to give you a 360-degree view of the entire network.

 

Changes have moment-by-moment implications for security. With FireMon’s real-time monitoring you see what’s happening instantly, take corrective action and continue to meet the security policies you’ve defined.

Traffic flow analysis monitors traffic patterns and assesses their effects on your state of security. A well-written firewall rule is not enough: you need to see the results of your rules and the traffic they produce, and act when compliance with security controls drifts.

FireMon Security Manager delivers more than 350 preloaded controls – with the ability to customize and create your own – to mix and match to your specific compliance needs. Customized controls can work together in any combination, tailoring compliance for internal or regulatory standards including: PCI DSS 3.2, NERC CIP, Federal DHS CDM, NIST and many others. Security Manager is also pre-loaded with a number of assessments, like FireMon Best Practices, DISA STIG, NIST (SP) 800-41, PCI, Palo Alto Firewall Security Configuration, etc. The Security Concern Index (SCI) is a metric that provides an audit score so you can easily keep track of your compliance posture.

An assessment is a set of controls you assign to a device or device group that notifies you when a change occurs in the device or device group. Instead of running an audit on each device or device group, assessments allow you to proactively monitor device trends.

You can assign one or more assessments to a device group. Once your assessment is assigned, Security Manager monitors the status of assigned devices against that assessment. You can set up email notifications to notify you when there is a change to a device or device group.

Security Manager also comes with a number of reports that can be used for compliance right out of the box. For example, Check Point users can access the Multi-Domain Report to receive granular results in the Multi-Domain Administrator audit check for a selected Check Point device. FireMon is continuous compliance, so we provide the Compliance and Assessment Report, which continuously monitors a device or device group and generates a report every time there is a change on the selected device.

The Control Report displays the results of a single compliance control against a device or device group. Security Manager also ensures PCI-DSS v3 validation with the PCI DSS Payment Card Industry Data Security Report.

This is just a snapshot of the reporting capabilities you get out-of-the-box with FireMon Security Manager.

Now you know why FireMon Security Manager is the de facto standard for network security policy management. Stay tuned: in our next review of compliance, we’ll detail the network-level discovery data and security auditing available in our Lumeta solution.

 

Special thanks to Director of Technical Services Ron Miller and Knowledge & Instructional Content Manager Mark Maxwell for their assistance with this post.

This is the first post in a series examining compliance. Read the second post here.