In this series, FireMon looks at the five most important capabilities a network operator must build into their management practices in order to keep their environments secure, compliant, and ready to grow. Here is the second: integration.
Pillar #2 – Integrate Anywhere
So many security devices. So much sprawl. So little control or consistency. Network operators are swamped by multitudes of misaligned processes that fracture the work of network, security, and engineering teams. Manual processes around policy management slow responsiveness and lead to redundant efforts, while manual security and compliance checks across a diverse environment hinder deployment and throttle feature delivery. And when a new security tool is added, fitting it into the security stack often requires wholesale changes across the entire environment.
Less than 1 out of 4 network operators surveyed by FireMon report that their organizations are using integrated network security. That means that about 75 percent are still trying to manage their complex, multi-cloud environments on spreadsheets and connecting them with massive code projects that are hard to manage, hard to secure, and hard to prove are compliant.
As networks continue to grow in complexity, these struggles can’t be swept under the rug. Enterprise network operators are eager to use APIs to solve the pain of sprawl, hoping to increase their businesses’ overall efficiency and value, get a better ROI on their security spend, easily adapt innovative business models, and cherry-pick solutions based on features, not compatibility with existing assets.
That all sounds great, and it would be — if all APIs lived up to the hype. But not all APIs are created equal. Some are hard to understand or are poorly written, requiring DevOps to grind out even more complex code to get them to work. Then the new code must be tested, debugged, and tested again, and by then, the benefits of using an API have been whittled down to nearly nothing. When an update is needed or a new vendor is added into the stack, all that code needs to be checked and changed again. Hopefully, there is good documentation. In reality, there probably isn’t.
We at FireMon believe that integration isn’t just another feature – it’s the lifeblood of the modern enterprise, enabling organizations to extract critical data and deliver it instantly where it is most needed. Enterprises need robust, well-defined API structures if they intend to easily exchange information between all their security solutions.
The Agile Approach: API-First
FireMon’s integrations extend our network security policy management capabilities to other tools and platform, no matter where in your environment they reside – public cloud, private cloud, on-premise, or a hybrid mix. The result is a single, infrastructure-agnostic platform that enables two-way sharing of data between security devices, platforms, and applications, so security tasks can be accomplished faster and more easily.
Integrations can be automatic, partially customized, or fully customized, so every use case can be served, and DevOps can use their own toolchain for all integrations. Out-of-box integrations are available for the most popular platforms, including Microsoft Azure, ServiceNow, Cisco ACI, and Swimlane (and many more), but FireMon APIs are flexible enough to accommodate custom code, complete with two-way data sharing and automation.
In addition, FireMon’s agile NSPM platform integrates with SOAR, ITSM, vulnerability management, and DevOps tools. Any functionality can be integrated via code, Swagger UI, or workflow building blocks.
The KPIs of APIs
There are three key attributes to being able to integrate anywhere: extensibility, flexibility, and innovation, AND can meet these four critical KPIs:
- The API must enhance user experience and encourage greater interaction with the intuitive user interface
- It must be easy for DevOps to understand so they can focus on spinning up applications
- It must be flexible enough for DevOps teams to use in novel, innovative cases
- It must enable businesses to easily trial the FireMon platform in test environments for specific use cases.
Before we roll out any API, we make sure it fills all those requirements, because our APIs have to be easy to use if we’re going to help you become more secure, efficient, and agile.
What’s All This Look Like in Real Life?
FireMon customers report a 40 percent reduction in active rules and a $10.3M cost avoidance over 5 years. These benefits are achieved by reducing complexity – for example, one customer was able to reduce their number of firewall vendors from 9 to 4, gaining visibility across all firewalls with the ability to drill down, automation of their rule request process, automation of their policy audits, and the injection of compliance checks within existing workflows.
FireMon network security integrations are built to be flexible, but the most common use cases are:
Centralize management & orchestration of policies
Get accurate data through a single interface in real-time.
Get real-time scans by integrating FireMon’s native visibility features with vulnerability scanners and correlating them with network topology and security configuration data.
Support network changes
Integrate FireMon’s agile NSPM platform with other vendors’ security devices on-premise or in the cloud.
Accelerate change management
Fast-track integrations out of the box with ITSM tools. Extend ticket and routing processes and other workflows to network security policies.
Support enterprise automation
FireMon integrations extend beyond policy management, supporting discovery, risk mitigation and network configuration and management, through both native functionality and integration with third-party tools.
Streamline and speed incident response
Combine threat alerts from SOAR with FireMon rule recommendation and automation.
See for Yourself
See for yourself how you can gain 100 percent visibility into your complex environment and shorten SLA times while enforcing and unifying security policies across your hybrid infrastructure. Schedule a demo today to learn how FireMon can help you get more out of your existing security investments and increase the agility and security of your network right now.