Security Experts:

FireMon Integrates Risk Analysis and Configuration Management

FireMon Security Manager 6.0 Delivers Integrated Risk Analysis and Policy and Configuration Management Solution for Network Security

FireMon, a provider of security management and risk analysis solutions, this week announced the latest version of its security policy and posture management solution, FireMon Security Manager 6.0.

The upgrade brings a solution to the table that combines risk analysis with configuration management, enforcement and auditing of network devices such as firewalls, routers, switches and load balancers.

FireMon Logo

The Overland Park, Kansas-based company says that as a result of having risk analysis and configuration management tied together, customers are able to gain visibility and understand the scope and business impact of vulnerabilities, and prioritize the defense of IT assets with peace of mind that their security infrastructure is less likely to have costly configuration errors.

[Also See: Configuration Mistakes Make for Costly Security Gaps

As enterprises rush to adopt new technologies such as next-generation firewalls, and other security and network appliances, managing security policy and configuration changes can be challenging, especially for organizations with larger, distributed networks. To help address these challenges, FireMon Security Manager helps IT teams automatically identify, assess and remediate the impact of change or misconfiguration on security policy and controls in real-time.

“If you have a good understanding of what the security technology that you’ve already paid for is doing, you can get a good idea of where your gaps exist,” Jody Brazil, President and CTO of FireMon told SecurityWeek. “By integrating real-time information and risk analysis into the platform, you have continuously up-to-date information about your network.”

FireMon Security Manager provides policy and configuration management, enforcement and auditing of network devices such as firewalls, routers, switches and load balancers, while monitoring for and alerting on configuration changes. It also presents options for fixing configuration issues and can provide configuration backups of security infrastructure devices.

“The growing complexity of networks and the increasing sophistication of adversaries have driven imperatives for better intelligence and focus in network security management,” Brazil said. “Any network change – from M&A integration to user, application or access changes to software updates – can cause issues from system failure to exposure of critical assets."

FireMon Security Manager 6.0As part of the risk analysis component, FireMon created what it calls “attack graphs”, a visual representation generated by its risk analysis engine that displays possible attack paths through a network on a map, and provides analysis and recommendations on how to reduce risk.

In addition to being able to import vulnerabilities detected by popular vulnerability assessment scanners, FireMon Security Manager 6.0 can also incorporate penetration test results from Rapid7’s Metasploit penetration testing solution to weigh on risk scoring.

Designed to be scalable and work with real-time information, FireMon Security Manger is built on a distributed architecture that utilizes a single application server for central management and reporting. With remote, agent-less data collectors for additional monitoring capacity, Security Manager is able to monitor thousands of devices and supports a broad range of security and network devices.

Pricing for FireMon Security Manager starts at US$20,000 for a “starter pack” which includes an appliance and support for five firewalls.

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.