Not Just Automation: FireMon Security Manager v8.23 Release Advances Scalable Network Security for the Hybrid Enterprise
The notion that technology advances go hand-in-hand with vulnerabilities is well accepted. And as risk continues to advance, this relationship requires close attention and our best efforts to manage. If you are reading this, you may be acutely aware of the domino effect that exponentially increases with the number of firewalls erected, the types of data to be secured, and the number of users that need eyes on the network. Coupled with added roles, compliance controls, and varied threat protection required across public and private clouds, complexity takes rein.
This is where FireMon’s Security Manager, already the de facto standard for users with complex networks to manage changes in real-time, ensure continuous compliance, and clean up firewall rules, goes a step further to help you simplify and scale. Let’s check out some of the key features available now to optimize your security management processes.
Cloud Support Automation
We get it. Cloud infrastructure brings numerous security concerns. This includes the lack of visibility between on-premises and cloud environments, monitoring security controls and changes, and maintaining compliance. Built-in security features may not be enough. In our latest Security Manager update, we add more cloud automation for your day-to-day tasks. For example, users whose firewalls produce large raw files, such as Microsoft Azure, can now expand the file size limit. This removes the need to export large files into another program for viewing changes and comparing differences, saving both time and visibility on one screen.
We also add the ability to push rule, network andservice object changes through Policy Planner. Google Cloud Platform users can now get support through Security Manager, Policy Planner and Policy Optimizer for manual, batch and schedule retrieval. Depending on your device pack, this may also include device discovery, security rules, network objects, and services.
When it comes to the cloud, your visibility into what is going on can be, well, cloudy. FireMon Security Manager v8.23 extends the same visibility, automation and policy management you expect on-prem to the cloud, all in one place.
Advanced Security Profiles and UTM Enhancements
Security profiles and UTM continues to play an important role in adding necessary visibility across devices. As profiles expand into groups – antivirus, anti-spyware, file blocking, URL filtering, vulnerability protection, and so on – from managing rule changes to compliance checks, profiles are critical to ensure control. We have normalized profiles for Fortinet, Palo Alto Networks, and Juniper devices. Depending on the gear you have, features include security profiles that help define an 'allow but scan' rule, which scans allowed applications for threats, such as viruses, malware, spyware, and DDOS attacks. When traffic matches the allow rule defined in the security policy, the security profile(s) that are attached to the rule are applied for further content inspection, such as antivirus checks and data filtering.
If you’ve organized security profiles into security groups, don’t worry, we’ve got you covered too. And most importantly, you’ll be able to see and track changes when security profiles are changed on the rule – or even run an audit or filter the list of rules that don’t have an associated security profile.
UTM security features: application control, advanced persistent threat protection, Web and content filtering, IP reputation, integrated WLAN controller, intrusion prevention system, data loss prevention and antimalware – antivirus and antispam – all combine with normalized security profiles to provide even more visibility. Taken together, advanced security profiles and UTM enhancements in Security Manager v8.23 deliver the threat visibility, protection, enforcement and control you have come to expect from FireMon.
More Reporting, Please
Reporting is still critical to your success, and we are always looking for ways to save your time by reporting on the important things to cut through the clutter. That’s why we built Security Manager to give you everything you need in a single pane of glass. Yet, sometimes, that window of information needs to be shared to facilitate compliance or to enable someone else to manage rule changes. We have made it easier to export and share with added reporting functionality.
For example, Check Point users may be familiar with the "show-changes" and "show-task" commands. In previous versions, a revision was attributed to the user that had made the push down to firewalls. However, there may be several users’ worth of changes within that push. With this update, you can ensure accountability and accuracy by pulling granular change data to identify and record the user who made the changes to the policy.This functionality is now available for newer versions of Check Point R80, and we still support granular changes for Palo Alto Networks Panorama users.
Another reporting tool that will make life easier is our updated Risk Attack Report. Now, wait. You may be thinking, “I already get risk analysis from FireMon.” True, but now you can easily export the prioritized patch recommendations provided after a simulated “Attack from Here,” feature. Great for those who want to run simulated attacks and send the results to a patch team. This includes each Patch Recommendation which contains the list of compromised assets, and vulnerability details including Effect, ID, Description, and Service affected. It can then be shared and used as an actionable to-do list with the patching team. The Risk Attack Report can help you prioritize gaps and ensure you get the most out of your available resources to reduce and manage risks.
FireMon Doesn’t Rest
With customers that span the Forbes Global 2000, we cannot rest on what we know and have done over the years. To that end, we have expanded our technology alliances to include more of the next-gen firewalls that you use to keep your enterprise network secure.