Security integration must be simple, flexible and customizable

Josh Williams

Today, FireMon announced the ability to extend intelligent security automation to the cloudThis benefits our customers in that we‘re able to give them a single platform that continues to be infrastructure agnostic. This required a lot of integration work behind the scenes, but we felt it was important that we continue to offer our customers enhanced abilities to maximize existing investments. 

Those investments encompass many separate tools for managing multiple on-premise and cloud environments, devices such as switches and routers, and DevOp tools. There’s also a need for depth of integration  customers want two-way sharing of data between security devices, platforms, and applications so they can enable security more quickly. 

The growing scale and complexity of hybrid cloudsthe rise of DevSecOps and digital transformation efforts all demand faster security integration that enables the exchange of intelligent information for effective automation.  

Not only must integration be easy, but it must also be enterprise-grade and meet business expectations.  

Easy-to-use APIs better align DevOps and security 

FireMon’s annual State of Hybrid Cloud Security survey cements the need for better integration. It emphasizes the use of multiple, siloed tools and lack of automation as an ongoing challengeand that relationships with DevOps/Application teams aren’t improving  they’re either difficult or non-existent. 

Simplifying integration can go a long way to helping CISOs maximize existing security investments in third-party and multi-vendor security stacks. Lines of business are putting pressure on the speed of service delivery, and Chief Digital Officers are seeking to unify multiple platforms across versions, geographies, and domains as part of their digital transformation efforts. 

Similarly, DevOps teams want to integrate and monetize multiple tools across the security stackThey’re also reviewing tools that overlap and cut out tools so they can offload functions somewhere else. However, even when there’s a will, there’s not always an easy way. Inflexible APIs that are difficult to use often leads to costly professional services engagements and vendor support for help. Integration efforts are even abandoned completely if APIs are too complex. 

Because IT teams already have multiple tools to manage security, any new tool must integrate with what they have and supplement their functionalityThey want flexible platforms that support both out-of-the-box and custom integrations with third-party tools and two-way data sharing without additional complexity. 

If we want DevOps teams to be better aligned with security policy, they can’t be spending too much time grappling with APIsUnique customizations must be supported with easy drag-and-drop interfaces so they can be productive, and APIs must be able to provide all the data they want, whether they pull it from the cloud or on-premise. Ultimately, security architects and DevOps teams need to see value quickly from any new tool 

Integration that supports automation and customization 

Just like firewall changessecurity professionals would want most integrations to be automaticbut also have the option for partial or full customization for specific use cases. 

FireMon offers a broad set of APIs to support those deployment options, directly or through partnersDevelopers can leverage our robust APIs by connecting to them via clicks using the SwaggerUI or code. Using OpenAPI makes it easier to collaborate on the APIs, avoid errors during the coding process and ensure easy customization and quality. 

For out-of-the-box integrations, FireMon has focused on key platforms with which our customers want to easily connect. 

  • Microsoft Azure: FireMon’s integration enables customers to maintain continuous visibility and control even as public cloud workloads move and regroupSecurity policies are normalized and unified into a single view across the Azure public cloud and onpremise with monitoring, alerting, and observability for complex environmentsFireMon also supports Azure Marketplace application security groups.  
  • CISCO ACI: This integration enhanceCisco APIC’s capabilities for discovery and dynamic management of security policies across physical, virtual, and cloud deployments with defined access controls in simple interface. Our integration further reinforcesecurity controls through dynamic policy management and automation that reduces misconfigurations.  
  • ServiceNow: Integration with ServiceNow enables customers to log in and track change tickets without switching between ServiceNow and the FireMon tools. The ServiceNow workflow can be used to control the lifecycle of security policy-related changes with minimum disruption to IT services. Integration with FireMon’s Global Policy Controller speeds up the change management process. 
  • Swimlane: This integration enables security personnel to triangulate SOAR analytics with FireMon’s real-time visibility across known and unknown networks, including the cloud, providing continuous security control across traditional and virtual platforms. Policy management changes are accelerated while manual errors are reduced, and device rules no longer in use are automatically cleaned up. 

These enterprise-grade integrations leverage FireMon APIs that are flexible and easy to use, but they’re complemented by deep integration capabilities that enable DevOps to use their own toolchain for all integrations. FireMon’s RESTful APIs can integrate deeply with multiple tools across the enterprise security stack and configure flexible workflows 

Most of the time, security teams want out-of-the-box integration with common platforms for maximum automation, but FireMon’s APIs also enable the flexibility to code custom integrations quickly, complete with robust two-way data sharing and automation.