FireMon Security Manager 6.0 Integrates Risk Analysis, Policy and Configuration Management Solution

FireMon’s security posture management solution tackles risk analysis through remediation.

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

FireMon, a security management and risk analysis solutions provider, is now shipping FireMon Security Manager 6.0. This major upgrade to the security policy and posture management solution fully integrates comprehensive risk analysis with configuration management, enforcement, and auditing of network devices (such as firewalls, routers, switches, and load balancers). This helps enterprises, government agencies, and managed security service providers (MSSPs) understand the scope of business vulnerability and prioritize the proactive defense of critical assets while maintaining a high confidence that their security infrastructure is free of human error or incompatibilities between policies and protection.

A surge in conversation and excitement around next-generation firewalls (NGFWs) and security infrastructures has overshadowed a shocking lack of visibility into how change -- from software patches to access changes to new system deployments -- has a domino effect that can expose silent vulnerabilities across a network. Security operations personnel are challenged daily to understand the interdependencies in a complex morass of legacy and new devices, software, and the implications and potential for error they represent. A recent example occurred last month, when Medicaid and Social Security information of 780,000 citizens in Utah were exposed because of misconfiguration and ineffective access control.

Even for those companies that have implemented some level of policy/configuration management, the data deluge and ability to trace the paths and assets that are at risk remain a challenge. The solution lies in the ability to automatically identify, assess, and remediate the impact of change or misconfiguration on security policy and controls in real-time, and combine that with mechanisms that integrate comprehensive risk analysis to provide quantifiable and actionable intelligence to focus efforts on the most critical issues.

FireMon Security Manager provides policy and configuration management, enforcement, and auditing of network devices such as firewalls, routers, switches, and load balancers while monitoring for and alerting on configuration changes. Security Manager also assesses current configuration settings and audits these against best practices and compliance standards and provides extensive options for remediating configuration issues.

With the addition of a new risk analysis engine, Security Manager can analyze the accessibility of any vulnerabilities from threat sources, measuring the impact, depth, and risk of a potential attack. The integration allows Security Manager to evaluate, visualize, and simulate attack paths throughout the network to assist security teams to quantify risk and prioritize remediation. In addition to traditional vulnerabilities detected by popular vulnerability assessment (VA) scanners, Security Manager can also incorporate penetration test results with Rapid7 Metasploit and factor proven exploits into its risk scoring. The risk analysis engine technology, obtained through the April 2011 acquisition of MIT Lincoln Labs startup Saperix Technologies, has been deployed for more than a decade, is in use in demanding civilian and Department of Defense environments, and is the fastest and most scalable automated risk analysis technology on the market today.

FireMon Security Manager is a scalable platform for security policy and posture management. Its distributed architecture deploys a single application server for central management and reporting. With remote, agent-less data collectors for additional monitoring capacity, Security Manager can monitor thousands of devices in a single deployment and supports a broad range of security and network devices. Security Manager’s role-based access permissions model allows for fine-grain control of user access permissions. Security Manager’s open architecture and online Nexus community enable users to create and extend analysis capabilities to meet any compliance reporting objectives or model policy impact based on each customer’s specific business needs.

More information is available at

Must Read Articles