FireMon Marries Security, Agility in New Agile Network Security Policy Management Platform
FireMon is bringing agility and speed to a range of security capabilities that companies say they need to adopt cloud more quickly. IDN looks at FireMon’s marriage of “agile” with network security policy management platform technology.
FireMon is bringing more agile security capabilities to companies that need to adopt cloud more quickly.
With its attest updates, FireMon looks to modernize its NSPMP (Network Security Policy Management Platform) aims to support digital transformation and cloud initiatives while providing security and compliance assurance that enterprise customers need, according to FireMon’s senior vice president of engineering Jim Birmingham.
In specific, FireMon can drive agility across hybrid networks thanks in large part to a headless orchestration API, which lets users integrate with any existing system or process. It easily supports use cases to work with IT Service Management platforms, including ServiceNow and Security Orchestration Automation and Response (SOAR) tools.
This approach allows customers to drive security efficiency and eliminate misconfigurations caused by complexity and manual processes. The platform addresses inefficient rule creation and change processes, delivers risk assessment of change through pre-change simulation and provides policy change recommendation, Birmingham added.
FireMon CEO Satin H. Mirchandani detailed how the latest release came from customer feedback “Our customers have told us that traditional approaches to managing network security policy are too cumbersome for their dynamic cloud and hybrid environments. Our agile approach to NSPM delivers exactly what they’re asking for -- the ability to efficiently respond to increasing rates of change and heterogeneity while maintaining security and compliance,” he said in a statement.
“This launch is about giving our customers greater agility and responsiveness at a time when they absolutely need it,” said
Key features of the new FireMon’s Agile NSPM platform
Among the key features of the FireMon’s Agile NSPM platform include the following:
Unified View for Cloud Security Policies: FireMon is the first and only NSPM vendor to deliver a single, unified interface that allows you to manage and orchestrate cloud security policies in the same application, using the same visualization. FireMon’s approach does not treat a cloud like a firewall by requiring customers to purchase separate modules to view and orchestrate cloud security policies as separate visualizations from their firewall policies.
Instead, FireMon presents a unified view, treating a cloud like a cloud via what the company calls “a single lens” for cloud visibility. The premise is to enable users to manage network security policies from a single interface. Further, it lets users see cloud deployments the same way as on-prem infrastructures, even when security configurations differ widely.
Integrated Control: FireMon integrates with the native controls of multiple cloud platforms, including Microsoft Azure and AWS, to normalize and streamline security policies between cloud and data center environments. Whether a firewall is placed in a physical or virtual environment, FireMon’s monitoring capabilities provide equal visibility into security policies as with physical firewalls.
Headless Orchestration APIs: The FireMon NSPM solution provides comprehensive, open-API access to its full platform, allowing the integration of automated policy compliance and security checks into any system or workflow. Further, it gives enterprises the flexibility to inject security or compliance policies at any point in their workflow and change integration points quickly and easily. The API may be called through code or the Swagger UI.
DevOps teams cab also use their existing toolchain for all integrations instead of multiple proprietary vendor SDKs.
Customizable Workflows: FireMon empowers users to scale and perform network security policy management strategies for large and complex networks with visual displays to allow companies to work with network security devices, cloud security groups, and changing workflows.
In a recent blog post, Mirchandani noted that recent studies reveal that more than half of security directors (59 percent) believe that the lack of network visibility posts a “high or very high” risk to their operations.
In that context, Mirchandani’s blog detailed five actions to make your network more visible.
Know your network: Misconfigured, redundant, and unauthorized devices are lurking on your network – and everybody else’s. As businesses grow, change direction, and make acquisitions, rules and policies become outdated or redundant. The first step toward achieving network visibility is to retroactively map everything that’s already there.
Use one unified interface to gain visibility: Trying to enforce network policies with multiple tools and manual processes is frustrating, costly, and time-consuming. You need a single interface that provides continuous visibility into critical factors and automatically surfaces network policy data into one easily-understood visualization.
Choose a network visibility tool that provides actionable views: Many network visibility solutions rely on historic data, which doesn’t help you prevent risks that are emerging right now. Views should show data gathered from everywhere on the network, from the datacenter to the firewalls and across all environments, in real-time, and should be presented in a manner that is easy to understand so better decisions can be made faster. When events occur, notifications should be automatic.
Use the right search capabilities to isolate policies: You need an efficient way to isolate and examine detailed information about all your network security policies. A network visibility tool should include a search function that’s as simple as Google while also providing a more sophisticated search tool as well.
Deploy intelligent threat hunting: Effective visibility should not only prepare network operators to defend against known threats, it should also expose unknown threats. Unknown threats can be discovered by analyzing data patterns in real-time through a process known as data clustering, which automatically assembles and attributes data from large, disparate data sets. The ability to integrate external feeds from sources like VirusTotal and DeepSight is important, as is open-ended searches (as opposed to only base queries).
FireMon reported the following benefits from its latest version:
- 90% efficiency gain by automating firewall support operations
- 80% reduction in firewall and cloud security group misconfigurations
- 90% faster compliance reporting
- Reduction from hours to minutes in blocking malicious actors across a globally distributed network.
FireMon’s approach to a modern NSPM is getting favorable comments from analysts. Derek E. Brink, vice president and research fellow at Aberdeen Group, said:
“Organizations need to rethink their approach to managing their network security policies, not only to gain the operational efficiencies of automation but also to address the rapidly changing security threat landscape. FireMon’s Agile NSPM is designed to help IT security teams achieve both of these benefits, in addition to enabling the business.”