We are very proud to introduce you to a new SolarWinds product: FSM, Firewall Security Manager.
If you have NCM, you really need to take a quick look at what this amazing new product can do.
I already own NCM, so why do I need FSM?
- You spend time around security statements in your configs, and you find them very hard to read, making them difficult to understand and risky to modify.
- Security statements in your configs have a long history and/or are modified by several people.
As a result, they are convoluted, redundant and sometimes possibly conflicting.You need to clean and simplify them, without impacting the traffic.
- You need security reports to tell you about the current security level of your configs and advise you how to improve, above and beyond the compliance checks of NCM.
- NCM is great for helping you roll-out an ACL or NAT change, but does not understand the effect that this change will have on the traffic.
In addition, the traffic on an end-to-end path is impacted by the combined effect of multiple firewalls and routers, and you need a tool that helps predicting the impact that one or more combined changes can have, from an end-to-end point of view.
Firewalling and security really are not my forte, how can FSM help?
- You need expert advice on firewalls and routers security so you don’t have to spend time becoming proficient in standards such as NSA, NIST, SANS or PCI or creating firewall compliance checks completely from scratch.
- You need a safe environment to experiment your changes, try several scenarios, and predict their end-to-end effect BEFORE pushing them live.
When you are satisfied with the predicted behavior, you want assistance in implementing these changes, and be able to roll back easily in case of problem.
Security is my bag already, what does FSM buy me?
- Even though you are proficient in this area, security is a complex domain and you’d like a tool that could help double check you work before your deploy to production.
- Auditors and/or security meetings require frequent reports on your current security levels and creating these report manually is an arduous task you’d love to automate.
- Your network is complex and you find it difficult to predict the effect of a change in firewall security rules, from an end-to-end perspective.
- User requests are driving you to make frequent changes to your security objects and you need a simple but effective change management process, allowing your users to request changes via a simple Web interface, which you can then review, implement, test and deploy.
Quick overview of the integration with NCM - right, they are already integrated!
- FSM can get device configurations directly from NCM’s database. No need to duplicate those configs in 2 separate products, NCM is and remains your config repository.
- FSM can execute changes (e.g. cleanup scripts) on devices via the NCM’s scripting feature. You maintain your device credentials in only one product - NCM - and not 2.
Install both and you really have a best of breed platform to rely on, as far as managing your firewall and router configurations!
Once installed, you can integrate and populate your FSM Inventory (left panel) with the configs contained into NCM for your firewall and router devices, by just selecting them in the list showed below, and hit Finish.
It takes just a few clicks, before you can get tremendous value from FSM.
Download the FSM evaluation copy here, you can do all this in less then 30 minutes.
If you you have 30 minutes and want to try this now, go there.
Go there for more about FSM: snapshots, use cases, feature descriptions, eval download, online demo (no registration)...
Post any question or comment about FSM and its integration with NCM in this NCM thread, or even better in the FSM forum here.
This whitepaper describes Firewall Analytics (FSM) and Configuration Management (NCM), in general terms, and more preciselly the integration between FSM and NCM.