Introducing FireMon Risk Analyzer

FireMon’s Risk Analyzer Module evaluates the effectiveness of the security infrastructure by analyzing the exposure of identified system vulnerabilities in the context of the network access controls. Using the results of vulnerability scanners and the network and security data from Security Manager, Risk Analyzer [PDF] identifies all potential attack paths into and through the network. The result is a picture of risk, with the probability of successful attacks through existing defenses. To reduce this risk most effectively, Risk Analyzer prioritizes remediation activities including vulnerability prioritization.

Firewall Network Risk Analyzer

Vulnerability Prioritization

Understand where defenses already mitigate existing vulnerabilities versus those that pose a significant risk to the organization. This is required by PCI DSS to ensure an effective vulnerability remediation program is in place. With that comes:
Vulnerability Prioritization

Pre-change Risk Analysis

Identify potential risk associated with change requests by integrating Risk Analyzer and Policy Planner. New risk exposure is identified by modeling the proposed change and evaluating the effects of the change before the change is ever made.

Firemon Firewall Security Image

Effectiveness Measurement

Measure the effectiveness of ongoing risk mitigation and patch remediation efforts to chart improvements and track performance.

Potential Attack Visualization

Potential Attack Visualization
Map all paths of available access from threats to vulnerable applications, providing real-world IT risk visibility.

  • Detailed access path analysis showing how an attack could traverse the network
  • Topology aware analysis taking into account firewall rules, routing and NAT
  • Exposed vulnerabilities identified
  • Firewall rules responsible for allowing access identified
Continuous Attack Surface Monitoring

Continuous Attack Surface Monitoring

Use the intelligence provided by knowledge of all attack paths to measure exposure across the entire network and drive mitigation efforts.

Network Security Enforcement Gap Analysis

Network Security Gap Analysis

Identify places where policies fail to work in concert to provide desired protection with direct knowledge of critical assets.

To learn more about Risk Analyzer, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.