Firewall Network Risk Analyzer

With every access request granted, a potential security gap is created. The best way to combat unwarranted access is to preemptively identify and analyze areas of vulnerability. However, the complex nature of firewall configurations combined with the time-consuming burden of patching tens of thousands of vulnerabilities makes threats difficult to see and assess.

FireMon’s Risk Analyzer [PDF] reduces risk by analyzing your network infrastructure proactively and comprehensively, then simulating how attackers might gain access through vulnerabilities. With Risk Analyzer, organizations can quickly assess the impact of the potential attack, where multiple exploits can be used in combination and how prepared network defenses are to defeat an attack.

Enterprise-Ready Architecture

Risk Analyzer handles large, complex networks with tens of thousands of hosts and thousands of security devices, providing results in seconds, not hours.

Quantitative Risk Analysis

Risk Analyzer evaluates configuration data from network devices to provide a complete and accurate picture of your network.

Real-Time Defense Configuration

Risk Analyzer collects the latest configuration data from FireMon Security Manager with just one click.

Feature Overview

Risk Analyzer’s patented risk engine helps IT security teams discover weaknesses in the network, evaluate the impact of a combination of exploits and recommend changes proactively.

On-Demand Analysis

FireMon Risk Analyzer collects and reports the current configurations of network access controls deployed on firewalls, routers, switches, IDS/IPS, proxies and traffic gateways to ensure timely and accurate analysis. Thus, the remediation guidance provided by the application is based on live, change-aware data rather than periodic, out-of-date static sources.

Attack Simulation

FireMon’s network risk analysis is based on scan results from the industry’s leading vulnerability management solutions in addition to network configuration baselining.

  • Exploitability Simulation – an interactive model that illustrates which vulnerabilities are accessible. Accessibility is determined by the presence of open paths, hop paths or privilege upgrade exploits.
  • Vulnerability Prioritization – an ordered list of recommended remediation steps based on configurable risk criteria – including host criticality, network zone criticality, vulnerability severity and other assessment-specific variables.
  • Data Exporting – export simulation data via RESTful APIs to downstream solutions for more practical operational use in decision-making outside of console-based analysis.

Remediation Recommendations

Proactive What-If Scenarios

In addition to the attack simulation functionality, remediation can also be simulated based on available patch strategies or access path changes to eliminate accessibility while still enabling critical services. The remediation simulation data can also be exported to aid patch management processes.

Access Path Analysis via Security Manager

Potential Attack Visualization
Decrease exposure and enable mitigation of risk by tracing all potential traffic paths, identifying problematic routes and implementing recommended adjustments to redirect access.

Risk Analyzer performs a topology-aware assessment of critical factors including device rules, access routing and NAT, and prioritizes risks based on ease of reachability, value of underlying assets and known patterns of existing attacks.

By adapting device rules to reroute access, risks can be addressed immediately, reducing the complexity and time of patch remediation efforts.
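The exploitability simulation, vulnerability prioritization and what-if remediation described above can be illustrated with a small reachability model. The following is an added example written for this page; it is not FireMon code and does not reflect Risk Analyzer's patented engine. The topology, firewall rules, scanner findings and the criticality-times-severity scoring are all constructed assumptions. It walks a constructed network zone by zone: a vulnerability is "accessible" when a permitted rule lets traffic from an already-reached zone hit the vulnerable port (open path), and once a host is reached, its zone becomes a new source (hop path). It then ranks the reachable findings and re-runs the model after a proposed patch or rule change.

```python
from collections import deque

# Constructed sample data (assumption, not FireMon output): hosts with zone and
# business criticality (1 = low, 5 = high), permitted firewall rules as
# (source zone, destination host, destination port), and scanner findings as
# (port, vulnerability id, severity on a 0-10 CVSS-like scale).
HOSTS = {
    "web01": {"zone": "dmz", "criticality": 3},
    "app01": {"zone": "internal", "criticality": 4},
    "db01": {"zone": "internal", "criticality": 5},
    "hr01": {"zone": "internal", "criticality": 2},
}
RULES = [
    ("internet", "web01", 443),
    ("dmz", "app01", 8080),
    ("internal", "db01", 5432),
    ("internal", "hr01", 445),
]
VULNS = {
    "web01": [(443, "VULN-A", 7.5)],
    "app01": [(8080, "VULN-B", 9.8)],
    "db01": [(5432, "VULN-C", 8.1)],
    "hr01": [(445, "VULN-D", 6.5)],
}


def simulate(hosts, rules, vulns, start_zone="internet"):
    """Exploitability simulation: return {host: chain} for every host whose
    vulnerable service is reachable from start_zone, where chain lists the
    findings traversed to get there (length 1 = open path, >1 = hop path)."""
    rule_set = set(rules)
    reachable = {}
    zone_path = {start_zone: []}      # first chain that reached each zone
    queue = deque([start_zone])
    while queue:
        zone = queue.popleft()
        path = zone_path[zone]
        for host, info in hosts.items():
            if host in reachable:
                continue
            for port, vid, _sev in vulns.get(host, []):
                if (zone, host, port) in rule_set:    # permitted open path
                    reachable[host] = path + [f"{vid}@{host}:{port}"]
                    hop_zone = info["zone"]
                    if hop_zone not in zone_path:     # new hop source
                        zone_path[hop_zone] = reachable[host]
                        queue.append(hop_zone)
                    break
    return reachable


def prioritize(hosts, vulns, reachable):
    """Vulnerability prioritization: rank reachable findings by
    host criticality * severity (constructed scoring), highest first.
    Returns (score, host, vuln id, chain length) tuples."""
    ranked = []
    for host, chain in reachable.items():
        vid = chain[-1].split("@")[0]
        sev = next(s for _p, v, s in vulns[host] if v == vid)
        ranked.append((hosts[host]["criticality"] * sev, host, vid, len(chain)))
    return sorted(ranked, reverse=True)


def what_if(hosts, rules, vulns, drop_rule=None, patch=None):
    """What-if scenario: re-run the simulation after removing one firewall
    rule (access path change) and/or patching one vulnerability id."""
    new_rules = [r for r in rules if r != drop_rule]
    new_vulns = {h: [v for v in vs if v[1] != patch] for h, vs in vulns.items()}
    return simulate(hosts, new_rules, new_vulns)


if __name__ == "__main__":
    found = simulate(HOSTS, RULES, VULNS)
    for score, host, vid, hops in prioritize(HOSTS, VULNS, found):
        print(f"{score:5.1f}  {host:6}  {vid}  via {hops} hop(s): {found[host]}")
    print("after patching VULN-B:", sorted(what_if(HOSTS, RULES, VULNS, patch="VULN-B")))
```

On the constructed data, every host is reachable because the single DMZ finding opens a hop path into the internal zone, and db01 ranks first despite not carrying the most severe finding. Patching VULN-B alone closes the hop, leaving only the directly exposed web server, which is the kind of result a remediation-simulation export would feed into a patch queue.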

To learn more about Risk Analyzer, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.