FireMon in the News
Westcon Group is hoping to get bigger by thinking smaller. The distributor Monday launched a new incubation program aimed at bringing five up-and-coming technology vendors into emerging markets overseas.
The first company in the new program is FireMon, a fast-growing security company started by Gary Fish, the one-time CEO of FishNet Security, which earlier this year merged with Accuvant.
Kansas City Business Journal
Three Kansas City-area entrepreneurs will advance to the next round of competition in the EY Entrepreneur Of The Year Award. One of the three executives is Jody Brazil, CEO of Overland Park-based FireMon LLC.
Kansas City Business Journal
The Overland Park-based cyber security firm tapped industry veteran James Lewandowski to fill the role. Lewandowski brings a wealth of management experience from fast-growing companies, such as FireHost, where he most recently served as CEO. The Texas-based secure cloud hosting provider reported 70 percent revenue growth in 2014 and increased its workforce by about 60 percent, according to the Dallas Business Journal.
James Lewandowski joins the Overland Park, Kan.-based company from FireHost, a secure cloud and managed hosting company, where he was CEO. He has also held executive positions at Rackspace, McAfee, Yahoo, BMC Software and IBM.
In an interview with CRN, Lewandowski said he chose to join FireMon because he sees it solving a problem in the network security marketplace with a solution to abstract and automate policy management. As he comes on board, Lewandowski said he hopes he can leverage his 30 years of channel and market expertise to deepen FireMon’s market penetration.
Jody Brazil, CEO of FireMon: “With the continued advancement of preventative technologies and efforts to catch emerging attacks at the network perimeter, it’s interesting to see that Verizon still continues to highlight a general “detection deficit disorder”. Coupled with the finding that most attacks occur in a very short period of time after the initial compromise, this speaks to the fact that it remains extremely difficult to identify and prevent threats in anywhere close to real-time. As a result, the clear takeaway is that organizations must continue to focus their efforts on strengthening and improving existing defenses. Taking a more comprehensive, proactive approach to risk mitigation remains the most viable alternative, coupled with advanced threat detection methodologies…”
KANSAS CITY BUSINESS JOURNAL
FireMon LLC has added two new members to its management team, both of whom previously worked at FishNet Security Inc. in the same roles.
“These two new hires are indicative of very aggressive growth plans for FireMon,” CEO Jody Brazil said. “They’re both important to our growth today, but they are also central to that vision of the company we see in the next year and two years out.”
Less than two months after a blockbuster merger between Accuvant and FishNet Security, two of the company’s executives have been scooped up by partner network security intelligence company FireMon.
On Thursday, FireMon announced it had added Brandy Peterson as chief technology officer and John Van Blaricum as vice president of marketing. Both executives held the same title at FishNet before starting at FireMon in February.
THE VAR GUY
Security intelligence solution provider FireMon has appointed former FishNet Security executives Brandy Peterson and John Van Blaricum to its executive team. Peterson will assume the role of chief technology officer, with Van Blaricum stepping in as vice president of Marketing. Both men began their new positions in February.
KANSAS CITY BUSINESS JOURNAL
Overland Park-based FireMon LLC has acquired a California-based tech firm.
Immediate Insight’s six employees, including the company’s two founders, will join FireMon but will not relocate to Overland Park. The acquisition will result in the hiring of five to 10 employees during the next few months in marketing and research and development positions, FireMon CEO Jody Brazil said.
Security vendor FireMon has acquired Immediate Insight with an eye towards bolstering its network security intelligence capabilities with real-time security event analysis.
Founded in 2012, Immediate Insight combines natural language, machine learning and correlation in an interface to find relationships and anomalies in data. The goal behind the deal is to help enterprises, government agencies and others better identify gaps in their network security infrastructure and improve incident response.
THE VAR GUY
FireMon has acquired security event analysis provider Immediate Insight for an undisclosed sum, the company announced.
FireMon expects the acquisition to create the industry’s first dedicated solutions offering that combines network security intelligence with real-time security event analysis, which will allow enterprises to identify security gaps in their network security infrastructure.
IT SECURITY GURU
FireMon has announced the acquisition of Immediate Insight to add proactive network security intelligence and real-time security event analysis to its portfolio.
Combining detailed network security intelligence with real-time security event analysis, the expanded capability will enable users to better identify gaps in their network security infrastructure, as well as triage any active compromise by automatically re-provisioning policies to prevent resulting attacks.
FireMon announced its acquisition of Immediate Insight today.
According to FireMon, with Immediate Insight, the security intelligence solutions provider has added speed comparable to a search engine as well as simplified analysis to its operational security event data.
Award-Winning Ignite Partner Program Fuels 55 Percent Sales Growth; Marquee Distribution Partnership With WestconGroup Leads Expanding Global Footprint
OVERLAND PARK, KS -(Marketwired – Mar 18, 2015) – FireMon, the industry leader in proactive security intelligence solutions, today announced that its award-winning Ignite Partner Program has fueled another record-setting year, delivering a 55 percent increase in total sales and triple-digit expansion across international markets.
There was a substantial increase in compliance with Requirement 1 Control 1.1, which has to do with the documentation of firewall standards. About 75 percent of organizations were compliant in 2014, compared to 51 percent in 2013. The ones who weren’t compliant were likely just listing all change tickets instead of documenting how the firewall feature was being used. The requirement’s goal is to map and analyze the specific configurations of these devices and ensuring the firewall is working properly, Jody Brazil, CEO of FireMon, told SecurityWeek. Brazil noted the failure to do so means there is no real world improvement to security.
Meeting the requirements of a global standard on payment card data security is putting pressure on IT teams and may be preventing them from protecting businesses’ commercially sensitive information and customer data, an IT security expert has said.
Firewalls, though an older security technology, still have a role as a foundational element of network security infrastructure, both today and in the future.
That’s the assessment from FireMon’s State of the Firewall 2014 Report, based on a survey of over 700 network security practitioners.
A new FireMon report, based on a survey of over 700 network security practitioners, reveals that firewalls remain highly strategic to organizations’ current and future security strategies – with an overwhelming 92 percent of respondents indicating that firewalls will stand as a “critical” component of their security infrastructures for the foreseeable future.
Demise of firewall is a long way off, according to recent survey results.
Firewalls still remain a crucial element within network security regimes. According to the Firemon survey, conducted among 700 IT security practitioners, only a scant 4 percent of organizations reported that firewalls are less critical than in years past or not critical at all. Meanwhile, 58 percent of organizations said that firewalls are as critical as they’ve always been. And 37 percent reported that they’re actually more critical now than they’ve ever been.
INFORMATION AGE: Insight and analysis for IT leaders
The firewall continues to play an important role in network security management, as part of a next-generation solution combined with cloud and SDN technology.
In a security landscape of dissolving perimeters and spreading attack vectors, the humble enterprise firewall is no longer considered very sexy. But the firewall is still the first line of defence, and as a new report on the state of the company firewall by security management firm FireMon indicates, it’s still alive and well.
FireMon Report Finds 90 Percent of Practitioners Still View Firewalls as a Strategic Security Pillar; Highlights Firewalls’ Significant Role in Securing SDN, Cloud and DevOps Environments
FireMon, the industry leader in proactive security intelligence solutions, today announced a new report that reinforces the firewall’s role as a foundational element of network security infrastructure, both today and in the future.
TECH RADAR PRO
Do you know who has access to your network?
Making headlines across the globe, security breaches have become a daily occurrence. As such businesses need to reassess the importance of ensuring the network is secure against potential third-party or supply chain partner data breaches, by understanding the level of access partners may have, without knowledge, into the network.
TECH TARGET: SEARCH SECURITY
In comparing UTM vs. NGFW, organizations find it difficult to see if there are differences between the two products or if it is just marketing semantics.
According to Jody Brazil, CEO of Overland Park, Kan.-based security management firm FireMon LLC, SMBs and remote office locations were attracted to the UTM, but larger enterprises tended to favor the NGFW to standalone devices throughout the network, minimizing the impact on firewall performance.
VIRTUAL STRATEGY MAGAZINE
In a survey of 725-plus security professionals that FireMon conducted in Nov. 2014 (and will publish in its inaugural “State of the Firewall” report) there seems every indication that practitioners regard existing firewalls as a central component of their evolving management strategies.
TECH TARGET: SEARCH SECURITY
A new report from FireMon finds that firewalls are still a critical security component, but firewall policy management is a major pain point for admins.
IT professionals still see firewalls as a critical component of network security, but are having trouble keeping up with labor-intensive firewall policy management.
KANSAS CITY, MO (KCTV)
Mark Carney, the vice president of strategic programs at Firemon, says the hack is just as scary as it seems. Firemon is a worldwide cyber security firm headquartered in Overland Park, KS.
“Healthcare is not new to hacking incidents,” Carney said. “Forty-two percent of breaches from last year were from the medical or health care industry.”
Network and security gear distributor Westcon Group has announced a distribution agreement with security vendor FireMon.
Westcon partners will have access to FireMon’s Security Intelligence Platform, which is described in the announcement as a “context-aware source of real-time network security intelligence”.
“While many companies have adequate security policies in place, most rely on reactive management processes that only fix problems after they’ve surfaced. In the current environment, this approach is simply too risky. That’s why FireMon delivers proactive insight into network security, compliance and risk – helping practitioners avoid issues before they occur,” said Todd DeBell, VP of Channels and Distribution, FireMon.
Kansas City Business Journal
“The cyber security space is hot right now,” said Gary Fish, executive chairman of FireMon LLC. “We were busting at the seams in Overland Park and obviously needed more space. I expect it won’t be long until we fill that space up as well. We’re looking at several different expansions over the course of 2015.”
Government Security News
As in previous years, the Government Security News Homeland Security Awards was divided into three broad categories of entries: Best Vendors of IT Security Products and Solutions; Best Vendors of Physical Security Products and Solutions; and Most Notable Programs, Projects and Initiatives of Federal, State, County and Municipal Government Agencies.
FireMon was considered finalists in a number of these categories.
“This information is effectively like giving the world a child’s treasure map, a very simple dotted line to follow with a big red X that says, ‘Treasure Here,’” said Jody Brazil, founder and CEO of FireMon, a security firm based in Overland Park, Kansas.
“They are going to have a very, very difficult time insuring that any actions they take to clean this is going to have any lasting effect,” he said.
“Shut it all down,” says Jody Brazil of FireMon. He says that throwing away the entire company isn’t a solution. But for now, he recommends shutting down all external communications and all Web access entirely (and bringing it back slowly and carefully), resetting all passwords, instituting change control, doing a massive assessment of all systems, and aiming to get business running appropriately again in weeks, not days. “It’s a very drastic approach,” he says, “but the right one.”
“As with any advanced malware, the discovery of Regin reinforces that it’s impossible to detect many of today’s cutting-edge attacks, and in cases such as this, often not until years after their initial distribution. Based on this reality, organizations need to maintain constant vigilance in terms of monitoring internal security controls, especially network segmentation. By ensuring that access is enforced properly such that sensitive data is only available to the appropriate set of applications and users, the impact of these threats can be mitigated, even when they’re actively present in the environment.”
Overall, v3 will help IT security pros in advancing the overall protection of their organizations, says Charles Danley, senior compliance engineer at FireMon. “The updated and new security controls are greatly improved and guidance now looks to ensure security is built into the business process for day-to-day operations, which people have often cited as a shortcoming of previous iterations of the standard,” he says. “In this sense, pursuing compliance will track more closely with the core goals of operational security, which is the right direction.”
Westcon Imagine 2014 – You’ve got your security technology in place and your SIEMs and logs – now you need an automated method to leverage those existing network security tools.
Enter security analytics, heralded by some as ‘the next big thing’ in IT security.
Fresh Business Thinking
This summer’s announcement from the government that all UK employees now have the right to request flexible working hours, giving them the opportunity to work from home, was a privilege that was previously only applicable to care workers or those with children.
There are good things and bad things about being a business leader. How can cloud help you free up time for the fun stuff? Sometimes being a CIO is like being a dentist. Even though it’s for their benefit, extracting information from users is as exhausting and painful as pulling teeth.
It is absolutely worth verifying with your vendors that they will support the new format, from vulnerability scanners, managers, GRC systems, patch management, and security intelligence platforms that all use CVE-ID¹s in one way or another,” says Jody Brazil, CEO of Firemon. Additionally, organizations need to think about home-grown systems that could be dependent on CVE identifiers.
Ruby Khaira, Sales Manager, FireMon, highlights how FireMon helps businesses to simplify, analyze, and manage their network security infrastructure.
Policy Optimizer uses a workflow approach to compliance rule automation. It is another tool that is following the trend of getting more than security admins involved in security. Using the workflow allows line-of-business owners, developers and operations people insight and say into what rules are in place and why.
Federal News Radio
Program will discuss: Progress Report on Continuous Monitoring, Profiles of Successful Continuous Monitoring Programs, Top Priorities with Continuous Monitoring, Lessons Learned, Challenges still to overcome, A Vision for The Future.
FireMon quickly painted a picture of our network in a way we can understand. FireMon enables us to efficiently and effectively assess our network for complexity and risk by monitoring our devices in real time.
FireMon is seeing strong momentum in its firewall policy management and network security analysis platform as businesses race to rip out legacy security appliances in favor of new gear with modern threat detection capabilities, the company’s Channel Chief, Todd DeBell, told CRN.
Over the next few years, new generation firewall technologies are likely to be integrated even further into the enterprises. Even advances like software defined networking are unlikely to diminish the need for firewalls, argues Jody Brazil, founder and CTO of security vendor FireMon.
In December 2013, Target, a large US retailer, was the victim of a severe data breach that left more than 110 million consumer credit card and personal data records exposed to hackers.
FireMon Security Manager is a Finalist for the “Best Risk/Policy Management” award at the SC Magazine Europe awards in London on April 29th.
Round Twelve: Best Risk/ Policy Management Solution
Most data breaches are not failures of technology, but of people, either because the correct policies were not in place, were not communicated or not followed. So what are the components of a policy that people will follow, that lets them do their job without compromising security at the least – and ideally, enhancing it? And what level of risk is acceptable for your business? Have you even calibrated your risk factors?
“You saw IT spending dip during the recession years, but you did not see security dip,” crackles the voice of Jody Brazil, CTO and Founder of FireMon from the boardroom phone. “it’s because security is seen as a must-have, and whilst IT is of course one too, it’s one that measured by ROI whilst security is measured more by ‘How scared are you?'”
Analysts and some security firms talked about the end of the perimeter, coining the abstruse term “deperimeterization.” Instead of going away, however, an organization’s security perimeter has simply become more distributed, says Jody Brazil, president and chief technology officer of FireMon, a configuration and policy management firm.
So how do private enterprises follow the government’s lead to implement this sort of continuous security monitoring? While decision makers could opt to purchase any number of commercial monitoring products from vendors like Symantec Corp., Tenable, TripWire Inc., FireMon Inc. among many others, chances are most enterprise networks have some version of the necessary tools in place to get started. However, before tools are discussed, let’s take a look at an important piece of the CSM planning process: device classification.
Business Computing World
Theorising what the most important IT security issues to address may be at any given time is always a highly subjective issue, particularly in this world of advocates, specialists and vendors fixated on their own particular piece of the puzzle.
However, inherent bias aside, based on the very nature of layered security and attack escalation there’s no question that network security sits at the very heart of it all. While a huge number of threats filter in through Port 80 and other avenues, if network security is properly aligned and continuously adjusted a lot of problems can be mitigated even if not altogether avoided.
A lawsuit accusing Facebook of mining private messages for information it can pass on to advertisers stands as a reminder to businesses that privacy is a relative word on a social network, experts say.
NetFlow analytic data is particularly great at detecting anomalous “hot-spots” of activity that could indicate existing issues or an active breach, says Jody Brazil, president and CTO of FireMon. “For example, NetFlow data can be leveraged to isolate compromised hosts by identifying those communicating with botnet command and control machines, or to highlight those hosts utilizing unusual ports,” Brazil says.
Improving criminal sophistication is another recurring theme. Matt Hines, product manager at FireMon, points to the continuing evolution of botnets as an example.
Theorising what the most important IT security issues to address may be at any given time is always a highly subjective issue, particularly in this world of advocates, specialists and vendors fixated on their own particular pieces of the puzzle… As such, here’s a rundown of the most pressing network security issues that remain heavily in play looking ahead into 2014, and for that matter, nearly all year round. Regardless of whatever area of security you’re focused on or the specific types of threats you seek to limit, if these specific areas are addressed more effectively, there’s much to gain and a lot less to lose.
January ushers in a new year, but the cybersecurity threats that come with it will for the most part look an awful lot like the ones agency IT managers already know. They will continue to morph, evolve and multiply to keep admins on their toes.
I recently conducted a cursory audit of our firewall rules using a tool called FireMon, uncovering several that aren’t utilized. I’m all for security and even more, redundant, security, but security measures that serve no real purpose don’t help.
Bernard Zelmans, general manager of EMEA at FireMon, said: “There have been few subjects that have stirred more controversy in information security than PCI DSS. Some say it has done more to raise the level of security preparedness of millions of merchants than anything before, whereas others claim it is responsible for dumbing-down security to a checkbox standard.”
IT Security Guru
Bernard Zelmans, general manager EMEA at FireMon, welcomed the changes as a move from a security check box posture to a more holistic risk management approach. “This will hopefully entail a more security centric approach to PCI compliance rather than the least common denominator approach of earlier versions of PCI,” he said.
Government Security News has announced its 2013 Homeland Security Awards finalists, and in some cases preemptive winners, in three different broad awards categories: Vendors of IT security products and solutions; Vendors of physical security products and solutions; and noteworthy achievements of federal, state, county and municipal government agencies.
FireMon a finalist for Best Continuous Monitoring Solution.
With the ever increasing threat of cybercrime knocking on one’s door, many large organisations are reliant on IT security teams to protect their vast network from attack. As many Chief Information Security Officers (CISOs) will attest, the larger the network, the more complicated the job. According to Gartner more than 95 per cent of firewall breaches will be caused by firewall misconfiguration, not firewall flaws.
As IT organizations seek to make better risk-based decisions about security practices, perhaps the number one component for success is the IT risk assessment. However, even when organizations actually conduct a risk assessment, they frequently fall prey to mistakes that can greatly devalue the exercise. Here are some of the most common blunders to avoid.
Vivemos na era da violação dos dados. Todos os dias há uma nova história sobre a invasão de uma rede, que termina no roubo de informação confidencial ou sensível. Números de cartões de crédito, dados pessoais, enfim, há uma miríade de informações que podem ser extraídas de forma criminosa de algum site ou serviço online. E tanto a indústria quanto a sociedade em geral não deixam de buscar uma saída para esse problema, que pode causar prejuízos na casa dos milhões. Estima-se que, no Brasil, este número ultrapasse os R$ 20 bilhões anuais.
Computer Business Review
FireMon’s CTO and founder, Jody Brazil, talks to CBR about where the blame lies with security breaches.
FireMon’s CTO and founder, Jody Brazil, debunks common myths about the data breaches that plague both the private and public sectors.
VitAL Security Magazine
To help you decipher fact from fiction, Jody Brazil, President and CTO of FireMon, reveals the biggest myths that exist about data breaches, and explains how and why they occur…
Global Security Mag
Philippe Lerer, FireMon : , les entreprises doivent déployer un outil de gestion pro-active des firewalls
FireMon était présent pour la première fois aux Assises de la Sécurité, afin de mieux se faire connaitre sur le marché français. Cet éditeur américain s’est installé en France, il y a moins d’un an afin de proposer ces solutions de management des firewalls. A l’occasion de sa participation FireMon présentait la version 7 de son produit. Pour Philippe Lerer, Regional Sales Manager, FireMon, les entreprises doivent déployer un outil de gestion pro-active des firewalls.
Britain raises the stakes in cyber warfare
According to Ruby Khaira of FireMon, “The real issue, as I see it, is being able to find enough computer experts to build an effective force, with a distinct shortage of security personnel within the private sector, this could be a very real problem. The MoD therefore will likely need to have a robust training plan in place to train those they hire for the cyber defence force, and will then need to offer a good enough package to keep those security professionals from moving to the private sector.”
Experts praise Pentagon’s march to security standards
Consolidation of the Defense Department’s 15,000 networks expected to cut costs, as well as improve security against Edward Snowden-like leaks.
The Pentagon’s decision to move its thousands of networks under a single security architecture is the right strategy to bolster defenses against hackers and malicious insiders, experts say.
SC Magazine UK
As the Bring Your Own Device trend continues to grow we are seeing that many people using their smartphones at work are blurring the lines between professional and personal use, which is creating an ‘always-on’ trend. This change in culture means that now more than ever people find themselves logging on and checking emails and working from home, or even abroad.
Added layers of complexity create even more interdependencies and need for systematic change management approach.
Private sector IT security pros weigh in on the evolution of the chief security officer role.
IT administrators may be the first line of defence against hackers eager to tap into companies’ networks. But even they may have some inaccurate beliefs about how hackers operate – and those can have frightening consequences for their businesses’ data.
The Data Chain
We live in the age of the data breach. It seems that every day we hear about yet another breach of a computer network resulting in the theft of confidential or sensitive information.
Computer Business Review
Ruby Khaira, regional manager for UK, Northern Europe and India at FireMon said: “Today’s security landscape is fast changing and organisations are failing to address the challenges that are being posed by sophisticated criminal enterprises.”
For a long time the lament about HIPAA was that it was a dog with no bite. Well, the reality of HIPAA fines are changing that perception rather quickly.
ITProPortal probed Matt Hines, Product Manager at Security Management company FireMon, about the very real security threats induced by the skills shortage and what can be done to mitigate it before it is too late.
SC Magazine UK
“The skills shortage is the same issue for everyone and with all budgets, as everyone has got the same problem with too much work and too few people. If you automate your employees you can move forward.”
Accountability for a data breach
In March 2013 the US Senate Select Committee on Intelligence named cyber risk as its top global threat. The committee said that the global system was dealing with uncertainty and doubt in the face of new and unpredictable cyber threats.
Bank Info Security
“Ninety-five percent of firewall breaches are caused by misconfigurations, not because of problems with the firewalls themselves,” Skurla says. “They’re a very proven technology … frequently not managed as well as they need to be because of the tremendous volume of activity going on around them.”
“This is not just ignorance or poor management” Brazil said. “Systems administrators are given the keys to the kingdom and entrusted not to do harm with it.”
Agencies can achieve a much bigger bang for their precious bucks by investing in better management of existing security assets.
We are nearly three months into sequestration, and the world – or even the U.S. government – has not ground to a screeching halt.
SC Magazine UK
With the ever increasing threat of cyber crime knocking on one’s door, many large organizations are reliant on IT security teams to protect their vast network from attack… But what happens when a breach has occurred? Can an individual be held accountable, or is it fair to put the responsibility entirely on your security team?
Wall Street Journal
FireMon Named to Homeland Security Today’s Rising 10 of 2013
FireMon, the leading provider of security management and risk analysis solutions, today announced that it has been named to Homeland Security Today’s Rising 10 of 2013. Recognizing the “Innovators and Game Changers” who serve the federal sector, FireMon was selected to represent the “Continuous Monitoring” category based on the company’s industry-first capabilities in continuous assessment of security infrastructure policy and risk posture.
“We do not see any immediate impact” on cybersecurity, said Jody Brazil, president and CTO of FireMon, an enterprise security management company. “In [the Defense Department] we see no impact whatsoever; cybersecurity is still a priority. In the other agencies it is less certain.”
“For an outside attacker gaining access to protected resources, ultimately the board room is going to be held accountable,” Brazil said. “They will want to push responsibility down through [their] organizations to the people requesting change [to technologies or systems]. That person should be held accountable and responsible for the security failures of those systems in the same way that they would be held responsible for the financial failure of a project.”
“In the physical sphere the U.S. is proud to have the best trained and best equipped fighting force in the world,” Brazil said. “This must be our mission in the cyber sphere as well and backed with real resources immune to budget battles. Technology can be used to better optimize the process and procedure of an active cyber defense, and can focus resources to ensure the most effective use of that budget. But in the end, technology can assist in analysis, but can never replace trained analysts.
“If the firewall is doing its job and dropping traffic, and you trust the technology that you have purchased, why are we focusing all of our attention on the traffic that is being dropped and not on the traffic that is getting through?” Brazil says.
Jody thinks that there are some common myths around firewall management that need to be debunked. In fact, look for more on that from FireMon soon. But among these Jody says FireMon’s own research shows that most attacks are not due to inadequate firewalls or the technology being obsolete. Most of the time it is due to misconfigurations that lead to successful breaches.
Product name: Security Manager Version 7.0 Key features: Enables security and operations teams to more effectively identify, understand and manage changes in security posture – in real-time. New capabilities include Continuous Assessment, Best Practice Modeling and Business Process Standardization. It is the first security and policy management platform to support the OMG’s BPMN 2.0 standard. More info.
The multiplication of internal firewalls to comply with regulations like PCI and minimize risk to critical databases and applications has created a rats nest of firewall configuration issues.
Many organizations now recognize this regulatory compliance conundrum and are responding with their pocketbooks. New enterprise investment in cybersecurity is now driving innovation in required areas like Advanced Malware Detection/Prevention (AMD/P, Damballa, FireEye, Sourcefire, and Trend Micro), big data security analytics (IBM, LogRhythm, PacketLoop, RSA Security, Solera Networks), and continuous monitoring (FireMon, Red Seal, Symantec).
Help Net Security
FireMon announced new capabilities in Security Manager 7.0 that improve organizational ability to identify, understand and manage changes in security posture – in real-time.
New features in the latest version are designed to help organizations quickly and efficiently manage changes, assess configurations and measure associated risks in real-time.
SC Magazine UK
Jody Brazil, president and CTO at FireMon, says: “We sweat bullets day in, day out to make sure our software is easy to use.”
Jody Brazil, president and CTO of network-device management firm FireMon, for example, likes to tell the story of one customer, a hosting provider, whose firewalls would seize up every week or so. The problem: Too many unnecessary and conflicting rules in their policies.
Bernard Zelmans, General Manager EMEA at IT security management product firm FireMon said: “Any initiative that helps encourage business executives to take proactive measures to identify what assets are at risk on their network versus reacting and patching after a breach has occurred can only be a good thing.
F. Ward Holloway, Vice President of Business Development at FireMon, says he will be supportive of Obama’s order if it amounts to a “concrete action plan to help reduce and eliminate breach events” that are occurring daily and receiving more public attention. “Specifically, there needs to be a commitment to moving to a proactive versus reactive network security posture,” says Holloway. “The technology already exists to do this.”
A remediation plan would be a good step forward to Richard Towle, head of federal markets at FireMon. “If not for a troubling history preceding this incident, this report could be seen as an opportunity to improve,” Towle says. “If classified information was truly not compromised, the organization could use what was taken to inform themselves about risks in the “reach-ability” of critical assets and associated access vulnerabilities.”
IT Security Teams Should Focus on Security Resolutions Rather Than Security Predictions
The well-established and saturated firewall market has been a channel mainstay that has enabled partners to create entire practices and build out service revenues for decades.
But a lesser known derivative springing from the firewall market is the growing niche of firewall management. And while it remains relatively small and specialized, increasing network complexity coupled with a more sophisticated spate of threats, promise to give the market a swift upward boost.
Key Features: Access Path Analysis allows Security Manager customers to proactively predict and forensically record network packet flow and obtain detailed path analysis for more effective risk analysis and better informed remediation activities. FireMon Insight combines a Web-based Dashboard with a new FireMon Query Language to enable an ability to visualize the current state of network and security configuration.
Kansas City Business Journal
Belated, but widespread, adoption of cyber security software will help FireMon LLC more than double its revenue to about $20 million this year.
Access Path Analysis complements FireMon’s Risk Analyzer, which sniffs out potential risks in an organization’s network. Access Path enhances risk management by tracing the potential traffic routes, identifying the weakest links and providing guidance for redirecting to more secure avenues.
Putting sophisticated hackers aside, having systems on your network vulnerable to aged and well-worn exploits also makes your organization a target to the much larger population of opportunistic attackers, as well,” said Matt Dean, the chief operating officer at the security firm FireMon. “Many of the attacks we see are more about (attackers) finding things that can be exploited, and that they know how to exploit than they are about targeting a specific company,” he said.
Firemon etwa bietet mit dem Security Manager 6.0 Risikoanalyse und -bewertung, Konfigurationsmanagement sowie Durchsetzung und Auditing von Netzwerkgeräten wie Firewalls, Routern, Switches und Loadbalancers. Das Tool nutzt verteilte Datenkollektoren und soll in Echtzeit die Auswirkung von Veränderungen beispielsweise an Policies identifizieren, einzuschätzen und korrigieren.
“The biggest challenge in network security today is matching the pace at which new threats are launched, morphed, and adapted. Existing network security controls are often an ineffective countermeasure, largely because manual configuration is time-consuming, and the management information necessary to correctly react is locked in disconnected systems,” said Jody Brazil, president and CTO of FireMon. “While SDN presents a great opportunity for rethinking connectivity it is also an opportunity to
Companies need visibility in two ways: They need to know what devices employees have and how those devices affect their risk, says Matt Dean, chief operating officer at FireMon, a security management software company. “You want to manage and control the risk that you’re exposed to, so if a mobile device shows up on your wireless network, you understand what risk it poses to your network,” he says.
Threats are increasing and becoming more targeted and aggressive, says Matt Dean, COO of security vendor FireMon. “Certainly part of that response for most organizations are the people who prepare for, detect, and respond to threat activity,” he says. “Skills in network risk assessment, application security, and forensic analysis continue to be in very high demand. As organizations shift from a reactive mode to a proactive security stance, skills in assessing network posture and application v
FireMon’s Bernard Zelmans says MSSPs can build trust by being transparent about their work
FireMon’s tools are designed to help you more effectively manage network security gear by giving you visibility into what the tools are doing/how they are configured and how they interact with other systems in the security ecosystem.
Matt Dean, chief operations officer for FireMon, agreed, saying that he often sees corporations make security compromises in Internet-enabled business applications. ‘They are constantly balancing security with usability, the ability to access this data when and where people need to,’ Dean said.
Azlan expands its offering in UK
Azlan, the enterprise networking business unit of Computer 2000, has added FireMon’s range of network security solutions to UK VARs. FireMon’s solutions enable enterprise and public sector customers to assess vulnerabilities and to defend networks from external threats.
The value-added resellers and managed services providers in the UK will be offered the company’s analysis and policy and configuration management solutions, as it says.
The agreement with Azlan is the US firm’s first UK distribution deal. Mark Corrigan, head of enterprise and Access Networking at Azlan says the new signing complements its existing vendor relationships “very well indeed”. He says: “For our customers addressing the enterprise and public sector markets, security and policy management is a growing opportunity.
US-based firewall management vendor FireMon has appointed its first UK distributor eight months after touching down on this side of the Atlantic.
FireMon has granted Azlan access to its full range of network security solutions, including its recently launched FireMon Security Manager 6.0.
Well-entrenched and decades old, the traditional firewall market is undergoing dynamic changes driven by demand for mobility, virtualization and cloud. Users need next-generation firewalls to handle these complexities, but they are resistant to change. Channel partners will find great sales opportunities if they can help their customers understand the need for next-gen appliances.
IT Security Pro
FireMon says Olympics creates a unique challenge for IT security professionals
The Olympics may be allowing a large number of people to work from home over the weeks of the Games, but Juan Lyall, EMEA channel manager with FireMon, says that it also creates a number of challenges for the IT security staff in their organisation, who may be inadvertently opening the corporate computer platform to an attack.
Bernard Zelmans, General Manager EMEA for FireMon, has some cautionary words of warning about what to look out for if you are going to allow your staff to work from home during the Olympics.
Remote working during the Olympics raises a number of serious access management challenges, according to security management provider FireMon’s general manager EMEA, Bernard Zelmans.
Two new products that were demonstrated at the Black Hat 2012 security conference use different techniques to try to prevent cyber-attackers from penetrating enterprise networks.
SC Magazine UK
No business should be under-prepared for the effect of the Olympics, but the issue could be the delivery of applications and services to remote workers.
Firewalls are a mature technology and yet their administration has evolved very little in two decades… …poor firewall management defeats the purpose of change by ineffectively controlling access and limiting visibility; poor management also increases the cost associated with security management. Changes in general, whether to a firewall, router, application or any other part of the IT infrastructure…
Is the linchpin of security a victim of its own success?
The Department of Homeland Security, through its Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), issued a warning last Friday about security vulnerabilities in the Tridium Niagara AX Framework, a popular software platform that integrates various control systems and devices and allows them to be managed over the Internet.
The VAR Guy
Security management and risk analysis solutions specialist FireMon announced its flagship security policy and posture management solution, Security Manager, has been designated “McAfee Compatible” for its integration with McAfee Firewall Enterprise V8.
If IT security departments want to truly meet the risks posed by today’s advanced threats, they need to get more scientific with how they develop their strategies. Because based on the breach statistics and malware infection rates, the old methods aren’t even close to adequate, security experts warn.
CSOs are mixing an assortment of technologies, approaches and policies to shore up defenses on the changing corporate boundary…
…FireMon key to Accor’s policy administration.
Product name: Security Manager Version 6.0 Key features: The first security policy and posture management solution that fully integrates comprehensive risk analysis with configuration management, enforcement and auditing of network devices like firewalls, routers, switches and load balancers. Gives enterprises the visibility to understand the scope of business vulnerability and prioritize the proactive defense of critical assets. More info.
The FireMon Security Manager with Policy Manager and Risk Analyzer is the ultimate policy and risk management tool.
FireMon Security Manager 6.0 Delivers Integrated Risk Analysis and Policy and Configuration Management Solution for Network Security
FireMon Security Manager 6.0 Offers the Only Fully Integrated Risk Analysis
FireMon delivers Industry-first complete security posture management
Help Net Security
FireMon has rolled out the next rev of its security management and risk analysis platform. FireMon Security Manager 6.0 provides extended capabilities around risk analysis, configuration management and policy enforcement, plus the auditing of firewalls, routers, switches, load balancers and other devices on the network. The net result is a high level of visibility into overall network security and the defense of critical assets.
Detecting a threat does little good if the targeted company is not ready to respond. Security experts weigh in on ways to speed a business’ response to threats
FireMon at Check Point Experience 2012: Fact-Based Network Security and Posture Management
Presentation to Address Advanced Firewall Management and Risk Visibility Solutions
FireMon, the firewall management vendor spun-off from security integrator FishNet Security, reported 50 percent year-over-year sales growth in 2011 that propelled it to profitability. It also reported a “dramatic” growth in new customers.
Firewall management vendor FireMon is launching a European channel assault after hiring its first heads in the region.