TOTAL NETWORK VISIBILITY AND CONTROL

 The networks of today look very different to the legacy networks of the past, however, as staffing and technology changes over time, many organisations fail to audit their device configurations, rules and policies on a regular basis and effective device management becomes extremely challenging.  

We all read daily news stories about the latest IT security breaches; cyber crime is getting harder and harder to prevent and the attackers are growing in intelligence around how to get into your network.  The saying “a chain is only as strong as its weakest link” is highly relevant in IT security, as exploitable infrastructure becomes the easiest target for attackers. 

In most instances organisations will have little knowledge of exactly how vulnerable their infrastructure is; which is why the 2014 Information Security Data Breaches Report from PWC highlights that 81% of large organisations experienced on average 16 security breaches in the last 12 months, with the average breach costing them between £600k & £1.1m – that’s a lot of money being spent on corrective action, surely its more cost effective to act now than to pay ten-fold later once breaches occur?

The first step towards improving your security posture is to “baseline” device configurations of core and edge switching and firewalls, to ensure they can’t be exploited to gain access to network resources.

Our solution of choice in this area is Skybox, who deliver assurance solutions in three flavours:

 

Firewall Assurance

  • Identify security gaps by examining firewall rules and configurations from multiple firewalls automatically to keep your network secure and easier to administrate
  • Three stages:  1) Collect data & Normalise, 2) Analyse, 3) Report & Act
  • Ensure policy compliance with industry best practices, regulations and custom policies, including PCI DSS, SOX, ISO, NSA, NERC & FISMA with audit reports and compliance scorecards - maintain continuous firewall compliance with automated daily compliance checks 
  • Improve firewall performance by reducing the size and complexity of rulesets
  • Validate changes in advance using Skybox “what-if?” analysis to avoid introducing potential errors and evaluate the risk impact of any proposed changes
  • Maintain a full history of your firewall rule modifications with continuous change tracking

Change Manager

  • Automated, secure firewall change management workflow solution, bought with Firewall Assurance
  • How it works: 1) Request Change, 2) Assess Risk, 3) Plan Change, 4) Provision, 5) Verify Closure
  • Out-of-the-box solution that facilitates integration with third-party ticketing systems
  • Compares the proposed changes against internal policies and industry regulations to ensure continuous compliance
  • Calculate risk by identifying host-based vulnerabilities that will be exposed to a new portion of the network
  • Documents every change and maintains a complete audit trail with assessment, planning and verification of all change requests
  • Skybox doesn’t make any physical changes itself, it only provides trusted recommendations to be acted upon by your team

 

 

Network Assurance

  • Provides comprehensive visibility into your network structure, including the perimeter and access routes, by gathering and analysing device configuration data to create a detailed network model and topology map that can be exported into other applications such as Visio
  • How it works:  1) Collect device data, 2) Map device relationships, 3) Analyse
  • Identify security issues caused by device configuration errors
  • Find and analyse the root-cause of network path connectivity across a complex network in seconds
  • The network model is updated automatically, providing a working environment to stage security, compliance or other planned network changes, without impacting the live network
  • Includes strong reporting capabilities out-of-the-box, including daily or ad-hoc reports on compliance metrics and violations