see more

Resources

Get to know us better! Gain valuable insights into how we think by visiting our blog, or take a look at the industry events we're frequenting on our events page. You can also geek out with us by attending one of our security management webinars, or dive head first into the products and solutions we provide in our Resource Library. There's lots to keep you busy! 

Untitled-64

Blog



Gartner’s Recommendations for Security Policy Configuration Assessment Part…
Nov 15, 2017
Gartner research has uncovered a number of security policy challenges for enterprises. Among these challenges are the typical assessments necessary to fortify policy for compliance…
The Do's and Don'ts of Firewall Audit Tools
Nov 06, 2017
Opinions are like noses, so the saying goes. Everyone has one. Network Security Policy Management (NSPM) is an area where the voices are loud, but…
Why FireMon Continues to Dominate Network Security Policy Management (NSPM)
Nov 03, 2017
When looking at Network Security Policy Management (NSPM), it is important to observe the capabilities of prospective vendors. These capabilities become the automated core competencies…
Organizations play blame game over cloud data protection responsibility
Oct 30, 2017
A survey by Veritas Technologies last week revealed a startling stat about who organizations believe should be responsible or held accountable for data protection in…




Events

Webinars

Nov 09, 2017 6 Steps for Firewall Assessment for Compliance and Security
Don’t let the pendulum swings fool you; firewalls are not dead, and the perimeter still matters. But in addition to the perimeter we recognize the need for more internal segmentation to limit lateral movement and protect segregated zones like the red forest. So, we need and probably should have more firewalls than ever.
View
Oct 31, 2017 Think GDPR Doesn't Impact You? Think Again...
Companies across the globe are scrambling to meet the new compliance directives that are imposed by the European Union’s General Data Protection Regulation (GDPR) set to go into effect in 2018. If you’re thinking, “I’m not in the EU, so it doesn’t matter”, think again.
View
Sep 26, 2017 GDPR: Security Management Best Practices You Need to Know
In this webinar, FireMon’s resident GDPR expert, Tim Woods, will help lay the groundwork for a plan to comply by the 2018 deadline. We’ll also cover the vital role security management plays in protecting data from the start, including these specific capabilities you need to comply with Articles 25, 32, 35 and 58.
View
Sep 21, 2017 Quantify the Network Attack Surface to Improve Incident Response and Threat Detection

Many threat investigations begin with responders working to understand possible threat vectors on the network that could explain malicious activity. One powerful way to improve the efficiency of our responders is to help them understand the network attack surface as configured attack paths that represent potential exploit paths.

On Sept 21st we’ll share how FireMon’s Risk Analyzer and Immediate Insight products bring together threat investigation and attack path analysis to accelerate incident response and threat detection.
View

News

Sep 05, 2017
SAO v. SIEM Security Suites: And the winner is...
TechBeacon
Aug 30, 2017
Jimmy Nukebot Explodes on the Scene, Transforming NeutrinoPOS
Info Security
Aug 17, 2017
The Top Security Challenges for 2017
SC Magazine
Aug 14, 2017
Creditseva, KS Enterprises Breaches Highlight Need for Improved Cloud Security
eSecurity Planet
Jul 31, 2017
What is IT governance? A formal way to align IT & business strategy
CIO.com
Jul 28, 2017
How organizations can work toward GDPR compliance
Information Management
Jul 09, 2017
4 Signs Check Point Software's Best Days Are Ahead
Motley Fool
Jun 07, 2017
Qakbot malware from 2009 returns, causes Active Directory lockouts
SC Magazine UK
Jun 06, 2017
Botched security: Celebrities, other patients, affected after plastic surgery files are breached and stolen
SC Magazine
Jun 06, 2017
Election cyberattack proves people are still the biggest flaw
SearchSecurity
Jun 01, 2017
250K Photos Leaked in Cosmetic Surgery Extortion Attack
Info Security
Jun 01, 2017
OneLogin Breach Reignites Concerns over Password Managers
Dark Reading
Jun 01, 2017
OneLogin Breach Reignites Concerns over Password Managers
Dark Reading
May 29, 2017
How to manage the Complexity Gap
IT Pro Portal
May 26, 2017
Hackers upgrading malware to 64-bit code to evade detection
SC Magazine UK
May 25, 2017
83 percent of security staff waste time fixing other IT problems
Betanews
May 24, 2017
Unsanctioned Computer Support Costs Companies $88K per Year
Dark Reading
May 23, 2017
WannaCry Successor Is New ‘Doomsday’ SMB Worm That Uses 7 NSA Hacking Tools
Information Security Buzz
May 23, 2017
WannaCry? Not really. A report from the 11th Eskenzi PR IT Analyst and CISO Forum
Computer Weekly
May 18, 2017
Cisco Warns Of Un-Patchable WannaCrypt Vulnerabilities
Information Security Buzz
May 16, 2017
Here comes the cloud...and it's all right
SC Magazine
May 15, 2017
10 ways cyber security will evolve in the face of growing threats
Information Age
May 12, 2017
Managing Complexity Is No. 1 Security Challenge in FireMon’s Annual State of the Firewall Report
Computing Security
May 12, 2017
Sabre Breach
Information Security Buzz
May 12, 2017
FireMon Announces Industry’s First Intelligent Cloud Security Management Solution
IT Security Guru
May 12, 2017
FireMon Releases Third Annual State of the Firewall Report
Dark Reading
May 12, 2017
WikiLeaks drops 'Grasshopper' documents, part four of its CIA Vault 7 files
Wired
  See all news from 2017



May 30, 2012

FireMon Delivers Industry-First Complete Security Posture Management -- From Risk Analysis through Remediation

FireMon Security Manager 6.0 Offers the Only Fully Integrated Risk Analysis and Policy and Configuration Management Solution for Network Security OVERLAND PARK, KS — May. 30, 2012 FireMon, the leading provider of security management and risk analysis solutions, today announced FireMon Security Manager 6.0. This major upgrade represents the industry’s first security policy and posture management solution that fully integrates comprehensive risk analysis with configuration management, enforcement and auditing of network devices like firewalls, routers, switches and load balancers. This gives enterprises, government agencies and managed security service providers (MSSPs) unparalleled visibility to understand the scope of business vulnerability and prioritize the proactive defense of critical assets, while maintaining a high confidence that their security infrastructure is free of human error or incompatibilities between policies and protection. A surge in conversation and excitement around next-generation firewalls (NGFWs) and security infrastructures has overshadowed a shocking lack of visibility into how change – from software patches to access changes to new system deployments – has a domino effect that can open up silent vulnerabilities across a network. Security operations personnel are challenged daily to understand the interdependencies in a complex morass of legacy and new devices, and software, and the implications and potential for error they represent. A recent example of this occurred last month, when Medicaid and social security information of 780,000 citizens in Utah were exposed due to misconfiguration and ineffective access control. Even for those companies that have implemented some level of policy/configuration management, the data deluge and ability to trace the paths and assets that are at risk remain a challenge for many. The solution lies in the ability to automatically identify, assess and remediate the impact of change or misconfiguration on security policy and controls in real-time, and combine that with mechanisms that integrate comprehensive risk analysis to provide quantifiable and actionable intelligence to focus efforts on the most critical issues. FireMon Security Manager provides policy and configuration management, enforcement and auditing of network devices such as firewalls, routers, switches and load balancers, while monitoring for and alerting on configuration changes. Security Manager also assesses current configuration settings and audits these against best practices and compliance standards – and provides extensive options for remediating configuration issues. With the addition of a new patented risk analysis engine, Security Manager can now analyze the accessibility of any vulnerabilities from threat sources, measuring the impact, depth and risk of a potential attack. The integration allows Security Manager to evaluate, visualize and simulate attack paths throughout the network to assist security teams to quantify risk and prioritize remediation. In addition to traditional vulnerabilities detected by popular vulnerability assessment (VA) scanners, Security Manager can also incorporate penetration test results with Rapid7 Metasploit and factor proven exploits into its risk scoring. The risk analysis engine technology, obtained through the April 2011 acquisition of MIT Lincoln Labs startup, Saperix Technologies, has been deployed for more than a decade, is in use in demanding civilian and DoD environments, and is the fastest and most scalable automated risk analysis technology on the market today. “The growing complexity of networks and the increasing sophistication of adversaries have driven imperatives for better intelligence and focus in network security management,” said Jody Brazil, President and CTO of FireMon. “Any network change – from M&A integration to user, application or access changes to software updates – can cause issues from system failure to exposure of critical assets. FireMon’s hallmark has been its ability to understand and manage the implications of change in large organizations. Now, with the ability to rapidly analyze and map specific risk scenarios, we can enable security teams to better plan for change, and more effectively prioritize proactive efforts to defend their critical information assets.” FireMon Security Manager has set the standard in the industry as the most scalable platform for security policy and posture management. Its robust, distributed architecture deploys a single application server for central management and reporting. With remote, agent-less data collectors for additional monitoring capacity, Security Manager can monitor thousands of devices in a single deployment and supports a broad range of security and network devices. Security Manager’s role-based access permissions model allows for fine-grain control of user access permissions. Security Manager’s open architecture and online Nexus community enable users to create and extend analysis capabilities to meet any compliance reporting objectives or model policy impact based on each customer’s specific business needs.

About FireMon

FireMon provides enterprises and government with security management software that gives them deeper visibility and tighter control over their network security infrastructure. The FireMon solution set - Security Manager, Policy Planner and Risk Analyzer - enables customers to identify network risk, proactively eliminate those vulnerabilities and strengthen security throughout the organization, and reduce the cost of security operations and compliance. Together, they create a highly-effective and consistent solution for efficiently managing security operations. For more information, visit http://www.firemon.com. Follow us on Facebook, Twitter, or LinkedIn, or on our blog.

Resource Library

Audit Compliance

Datasheets

Policy Change

Solution Briefs

Policy Change

White Papers

Visibility Monitoring Management

Analyst Reports

Policy Change

Case Studies

Security Manager
Overview of FireMon’s Flagship Firewall Management Solution
Policy Planner
Overview of FireMon’s Change Automation Solution
Policy Optimizer
Overview of FireMon’s Rule Recertification Automation Solution
Risk Analyzer
Overview of FireMon’s Attack Simulation and Risk Measurement Solution
Immediate Insight
Overview of FireMon’s Immediate Insight Solution
Intelligent Security Management
Delivering next-generation security management that boosts productivity and accelerates the agility of business
Intelligent Policy Automation
Intelligent Policy Automation: Orchestrating Change Management with Speed and Security.
Hybrid Cloud Management
Visibility into and control over Cloud Services, including AWS and OpenStack Platforms
Accelerated Incident Response
Immediate Insight in action - Orchestration, automation and analytics for data assembly and discovery
Change Simulation & Risk Scoring
Proactively reduce risk based upon network exposure and host accessibility
Check Point Solution Brief
FireMon solutions and Check Point
Cisco Solution Brief

FireMon’s Intelligent Security Management platform enables users with Cisco Systems switches, routers and firewalls (Pix, ASA, FirePower) to work smarter, applying intelligence to the entire security program

Fortinet Solution Brief
FireMon solutions for Fortinet
Juniper Solution Brief
FireMon solutions for Juniper
NSX Solution Brief
FireMon solutions for NSX
Palo Alto Solution Brief
FireMon Solutions for Palo Alto
Planning Considerations for Compliance with GDPR
The GDPR deadline is approaching quickly. If you haven’t started your GDPR journey yet, now is the time.
2017 State of the Firewall
Networking continues to evolve, yet the firewall remains critical to securing today’s enterprises. FireMon is proud to present its 3rd Annual State of the Firewall Report
Firewall Cleanup Recommendations
The implications of firewall policy complexity, why it remains a problem today and how to resolve it.
Risk Solved: Automated, Real-Time Risk Analysis & Remediation
Risk analysis with real-time change configuration is key to managing security risks in your IT infrastructure.
Real-Time Data Triage
Our Immediate Insight platform from FireMon can help organizations overcome the limitations and gaps inherent to the current analytic market.
Bridging the SIEM Alert Triage Gap
Immediate Insight enables security teams to improve event triage and incident response, extending the value of your existing full-featured SIEM.
Automation Isn't One-Size-Fits-All
Intelligent Policy Automation
Intelligent Security Management

Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure

The Top 5 Myths of Data Breaches
Five of the biggest myths that exist about data breaches, and explain how and why they occur.
Firewall Sprawl: Top Four Security Gaps Exposed

Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption to the new technology. But NGFWs aren’t a fix-all solution.

2016 State of the Firewall
2nd Annual State of the Firewall Report based on survey of 600 IT security practitioners.
Avoid These 'Bottom Ten' Networking Worst Practices
Gartner
Overcoming the Complexity Gap
Bloor
When You Can't Patch It, Protect It from the Network
Gartner
Firewall Sprawl
Aberdeen Group
Quantifying the Value of Intelligent Security Management
Aberdeen Group
Security Analytics Brings Data-Driven Security Into the 21st Century
Forrester
Automate Zero Trust Policy and Enforcement
Forrester
The Return on Security of FireMon’s Security Manager
IANS
Large Healthcare Provider
The customer sought a data analysis tool to correlate application data with network and security data to spot service-impacting anomalies. They did not have an accurate picture of interoperability between applications and the underlying infrastructure.
Major Airline
Following a merger with another airline, this customer was left managing a large number of firewalls and routers from different security vendors using a home-grown application.
National Insurance Provider
This national insurance provider had three problems to tackle regarding their firewall policies. First, the number of rules under management was overwhelming staff and processes. They needed to increase visibility and effectiveness of their firewall change request/workflow ticketing process. And they also need help maintaining compliance PCI DSS requirements.
Managed Service Provider
Each time this Global MSP engaged a new customer, they had to onboard the firewalls – sometimes hundreds per engagement – into their network. Part of the onboarding process required assessing the policies against internal best practices – a manual, line-by-line process that took an average of 16 hours/firewall and was extremely error-prone.