FireMon announced new capabilities in Security Manager 7.0 that improve organizational ability to identify, understand and manage changes in security posture – in real-time. These capabilities apply best practice models from FireMon’s knowledge base in security infrastructure management, with increased automation, customization and analytical capabilities.
To address this need for greater agility in security posture and risk assessment, the three main enhancements to Security Manager 7.0 include:
Continuous assessment – Offers active and continuous assessment of compliance and security posture to analyze and trend the effects of – and, if necessary, alert on – administrative and environmental changes in the enterprise.
Best practice modeling – Moves from primarily device-centric to control-centric monitoring via prepackaged assessments from the FireMon knowledge base, or custom assessment definition. Provides a higher-level view of data for quicker, more comprehensive assessments and a better understanding of the implications of change over time.
Business process standardization – The first security and policy management platform to support the latest version of the Object Management Group’s (OMG) Business Process Model and Notation (BPMN) standard. Building on the BPMN 2.0 standard enables easy integration to existing business processes and solutions of FireMon’s powerful firewall tools such as rule recommendation and analysis.
“While the old adage of ‘learn from your mistakes’ holds true in every job, the implications of even minor mistakes in security can have far reaching consequences – and moreso the longer they go undetected,” said Jody Brazil, president and CTO of FireMon. “And dangerous mistakes aren’t limited to misconfiguration. Small, even valid, changes can have unexpected and unpredictable cascading effects farther along a network path. Additionally, overt focus on previous device and configuration errors can create tunnel vision that prevents oversight of other devices. Our goal with 7.0 was to provide a continuous and real-time posture ‘reality check’ that prevents errors in oversight by continuously assessing the infrastructure based on best practices.”