Forward Networks,
an industry leader in network assurance and intent-based verification,
recently announced enhancements to its Forward Enterprise platform that
will help security professionals. To find out more, VMblog spoke with
Chiara Regale, vice president of product management for Forward
Networks.
VMblog: Forward Networks has traditionally focused on the network
operations teams - and solving operational problems - why did you move into
Security?
Chiara Regale: Our
mission as a company is to make networks more agile, predictable and secure -
and the NOC is the foundation. Many members of our team are former operations
engineers who have felt the pain that comes with not having a single source of
truth for the network. The commitment to alleviating this pain is what led our
founders to create a digital twin of the network based on mathematical
algorithms that is always up-to-date and captures configuration and state
information for every device on the network.
Our
customers were incredibly vocal about extending access to this information to
the SOC, enabling both teams to work from up-to-date information means they can
improve their security posture and verify and validate their zero trust
architecture.
VMblog: What are the new features being added to the Forward
Enterprise platform?
Regale: We wanted to enable security teams
to identify, contain and prevent security incidents with greater ease and
efficiency than ever before. We added three new features to Forward Enterprise
that enable engineers to resolve issues without conducting data calls.
Because they provide consumable data with a single mouse click, we like to call
them "easy buttons."
- Blast Radius Identification and Isolation: Using data already collected by the Forward Enterprise
platform, this feature provides a granular view of compromised host
reachability. With a mouse click, security teams can identify the exposure and
where malicious actors could spread to across the network, enabling teams to
isolate the devices in a much simpler and faster manner.
- Zone-to-Zone Connectivity Matrix: Forward Enterprise has always captured firewall
configuration information on the network, but now it visualizes connectivity
details in an easy-to-read and always-current source of truth for zone-to-zone
connectivity. The matrix clearly indicates which zones have full connectivity,
partial connectivity, or no connectivity. Through the platform, engineers can
also easily determine the cause of unintended connectivity and build
verification baselines.
- Cybersecurity Vulnerability Reporting: Through comparing information from the NIST National Vulnerability
Database and the specific device and
configuration data collected from the network, Forward Enterprise now
automatically and proactively analyzes the network for flagged vulnerabilities.
Using API integrations the platform can automatically generate service tickets
in popular applications such as ServiceNow-meaning one less action item.
VMblog: How did you determine which features to focus on?
Regale: In classic start up tradition, we held a company-wide hack week and encouraged
our engineers do anything they wanted. Every project that came out of hack-week
had a security focus because that's what our customers were asking for and our
people are motivated by solving customer problems.
Using current methodology,
enterprise SOC and InfoSec teams spend countless hours tracking down
information that is already collected in our platform - our engineers looked at
how we could take what we have and create "easy buttons" that would help
everyone do their jobs better and faster. We wanted to give the SOC the
information they need in a curated way that is easy to understand and act on.
There was a strong focus on helping the security teams be more efficient and
effective as the current talent shortage makes hiring additional security
professionals is nearly impossible right now. Reducing the time required for
frequent tasks and presenting information in an easy to consume manner is
fundamental to helping security teams get off the reactivity merry-go-round and
assume a proactive posture.
VMblog: How do you anticipate these features will help network and
security operations teams?
Regale: Having a shared, single source of truth for the network will reduce friction
between IT teams and help them work better together. Customers who have already
given their SOC and InfoSec teams access to the Forward Enterprise Platform
report that it helps everyone achieve their individual priorities faster.
While each IT team has a specific remit, there is a ton of overlap, especially
between operations and security. A strong security posture depends on a healthy
network and being able to pinpoint and isolate any issues. We provide simple
and fast access to the information engineers need to keep the network secure
and healthy.
VMblog: Finally, are there specific industries that are more likely to
benefit?
Regale: Any company with a large network
will see improvements in the way their NOC and SOC operate. Organizations in highly regulated industries
such as finance will appreciate the new features we just announced, but also
will benefit from the being able to use the intent checks and snapshots within
the platform as an always on audit and compliance check.
Every enterprise is one ACL away
from an unwanted headline. To prevent config drift, security teams can set
intent alerts within the Forward Enterprise platform so that anytime a device
is configured outside of compliance, an alert is generated with specific detail
on how to remediate the situation.
##