FireMon, a network security policy management
company, launched what it is calling the industry's first agile network
security policy management (NSPM) platform, to enable cloud and digital
transformation initiatives.
According to Gartner's Hype Cycle for Network
Security published in June of this year, "Network security technologies, such
as enterprise firewalls, have been a foundational component of an
organization's security strategy for many years. However, hybrid IT
architectures that include both on-premises and cloud are becoming far more
widely adopted; at the same time, attackers becoming more sophisticated and attacks
more frequent. Because of these factors, the need for preventive security
technologies that are highly agile and are compatible with a wide spectrum of
the enterprises' IT infrastructure models is greater than ever before."
FireMon's agile solutions for managing network security and
compliance were developed in response to these tectonic shifts in the
enterprise technology landscape. Digital transformation, cloud migration,
SD-WAN, and DevOps are driving new requirements for security organizations, including
the ability to respond to change with intelligent automation and to support
deeply complex hybrid-cloud environments. FireMon customers are reported to
routinely experience up to 90 percent improvements in network security policy
efficiency while eliminating common misconfigurations which lead to breaches
and compliance violations.
According to FireMon, demonstrable customer results include:
- 90% efficiency gain by automating firewall support
operations
- 80% reduction in firewall and cloud security group
misconfigurations
- 90% faster compliance reporting
- Reduction from hours to minutes in blocking malicious
actors across a globally distributed network.
"Digital
transformation is accelerating your business - and also the complexity of your
business-critical network infrastructure. Organizations need to rethink their
approach to managing their network security policies, not only to gain the
operational efficiencies of automation but also to address the rapidly changing
security threat landscape. FireMon's Agile NSPM is designed to help IT security
teams achieve both of these benefits, in addition to enabling the business"
said Derek E. Brink, vice
president and research fellow, Aberdeen Group.
To drive agility across hybrid networks, FireMon solutions leverage
its headless orchestration API which allows customers to integrate with any
existing system or process including IT Service Management platforms like
ServiceNow, Security Orchestration Automation and Response (SOAR) tools like
Splunk Phantom and Palo Alto Cortex SOAR, and DevOps platforms like Red Hat Ansible
and HashiCorp Terraform. This allows customers to easily inject security and
compliance into any process. To drive security efficiency and eliminate
misconfigurations caused by complexity and manual processes, the platform
addresses inefficient rule creation and change processes, delivers risk
assessment of change through pre-change simulation and provides policy change
recommendation. To meet scale and heterogeneity requirements, FireMon
normalizes policy across thousands of firewalls, devices, and cloud security
groups through a single interface.
Key features of FireMon's Agile NSPM platform include:
Unified View for Cloud Security Policies: Because firewall and cloud constructs
are fundamentally different, traditional NSPM solutions have treated these
environments separately. FireMon has
solved this complicated problem and now offers a single, unified interface.
Cloud constructs such as security groups are presented natively, even as policy
is managed holistically across both cloud and on-prem environments.
Headless Orchestration APIs: Offers the most robust and flexible
API on the market and allows integrations with any system or process. Unlike manual processes or competitive
alternatives, the FireMon orchestration API gives enterprises the flexibility
to inject security or compliance policies at any point in their workflow and to
change integration points quickly and easily.
The API may be called through code or through the Swagger UI.
Most Extensive Support for SD-WAN and SASE: Customers extend policy and traffic
routing definition visibility and management into their SD-WAN enabled devices
to track changes, assure agility and reduce risk. With support for Zscaler, Palo
Alto CloudGenix, and Cisco Viptela, FireMon provides the most extensive SD-WAN and
SASE support on the market.
Customizable Workflows: Simple and clear visual
representation of workflows, combined with workflow change features, admins can
modify workflows quickly and without the need for extensive professional
services, resulting in improved flexibility and agility.
SIQL with Elasticsearch: Customers store and maintain
contextual data for customizable and granular search capabilities on any
network object for trend analysis, point in time comparisons, or
simulations.
FireMon Tags: Customers associate meaningful metadata to their rules and
objects and later use this metadata to identify matching rules or objects.
FireMon Tags manage network security policies more efficiently, simplifies rule
management and reduces the risk that something will be missed when making
network or policy changes.
"This launch is about giving our customers greater agility
and responsiveness at a time when they absolutely need it," said Jim
Birmingham, SVP of Engineering at FireMon. "The new features we're delivering
are to support digital transformation and cloud initiatives while giving our
customers the security and compliance assurance that they need."