Connect with us

Hi, what are you looking for?


Network Security

FireMon Adds Continuous Assessment to Security Management Solution

FireMon, a provider of security management and risk analysis solutions, this week announced the latest version of its security policy and posture management solution, Security Manager Version 7.0.

FireMon Logo

FireMon, a provider of security management and risk analysis solutions, this week announced the latest version of its security policy and posture management solution, Security Manager Version 7.0.

FireMon Logo

New features in the latest version are designed to help organizations quickly and efficiently manage changes, assess configurations and measure associated risks in real-time.

The new capabilities apply best practice models gained from its knowledgebase and library of hundreds of assessment controls to evaluate device configurations and network access policies. As a result, the company says, customers can more rapidly and effectively identify, assess and prioritize configuration and compliance with a higher level of automation.

“Organizations live in a constant state of change — from infrastructure evolution and device sprawl, to business and personnel upheaval,” FireMon said. “While point-in-time security and vulnerability assessments can provide a current snapshot of exposure, one employee addition/departure, a new VM or a change to a firewall rule can immediately render an assessment moot.”

With the goal of providing a continuous and real-time posture ‘reality check’ that prevents errors in oversight, core enhancements to Security Manager 7.0 include:

Continuous Assessment – Active and continuous assessment of compliance and security posture to analyze and trend the effects of administrative and environmental changes in the enterprise.

Best Practice Modeling – Moves from primarily device-centric to control-centric monitoring via prepackaged assessments from the FireMon knowledgebase, or custom assessment definition. Provides a higher-level view of data for quicker, more comprehensive assessments and a better understanding of the implications of change over time. 

Advertisement. Scroll to continue reading.

• Business Process Standardization – In addition to announcing Security Manager 7.0, the company launched Policy Planner Version 3.0, a policy and risk management solution that now supports the Business Process Model and Notation (BPMN) 2.0 standard, which has been adopted by other technology vendors including Accenture, Capgemini, France Telecom, IBM, Oracle, Red Hat Software, SAP AG and Unisys. Building on the BPMN 2.0 standard enables integration to existing business processes and solutions of FireMon’s firewall tools such as rule recommendation and analysis.

“While the old adage of ‘learn from your mistakes’ holds true in every job, the implications of even minor mistakes in security can have far reaching consequences — and more so the longer they go undetected,” said Jody Brazil, president and CTO of FireMon. “And dangerous mistakes aren’t limited to misconfiguration. Small, even valid, changes can have unexpected and unpredictable cascading effects farther along a network path.”

“If you have a good understanding of what the security technology that you’ve already paid for is doing, you can get a good idea of where your gaps exist,” Brazil previously told SecurityWeek. “By integrating real-time information and risk analysis into the platform, you have continuously up-to-date information about your network.”

Both Security Manager V7.0 and Policy Planner V3.0 are scheduled to be available in early Q2 2013, with pricing starting at $20,000.

Related: Configuration Mistakes Make for Costly Security Gaps

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...