Risk Management

Risk Management: Analysis, Simulation and Assessment

The implications of a firewall configuration error can be severe - from a security breach to network downtime, or even a network service interruption. Therefore, it is important to analyze the impact of every change before it is implemented in the production environment. The same is true for the firewall gateway operating system, where routine system maintenance can expose vulnerabilities or even disrupt business.

In addition, security managers must be able to assess risk and vulnerability at any given time - for all relevant network security devices. The challenge is greatest in distributed organizations with multiple teams. Inevitably, different teams develop their own standards and working methodologies. To ensure that everybody is successfully implementing security guidelines, organizations need to implement automated solutions that can evaluate risk and compliance at all times.

Security Risk ReportSecurity Risk Report

Tools for Security Administrators and Business Executives

To manage risk and ensure business continuity, SecureTrack uses a multi-step approach:

  • Security administrators define the organization’s security compliance policy for mission critical and risky services within SecureTrack. SecureTrack automatically compares every change that is made to the firewall configuration and sends out a real-time alert in case of a violation to the organization’s compliance policy. This capability is firewall vendor agnostic and implemented transparently in heterogeneous firewalls environments.
  • Before implementing a change, administrators can use SecureTrack’s Security Policy Analysis to simulate the change on the rule base and identify possible conflicts or violations. This pro-active risk analysis tool can save hours of painstaking, manual rule base review.
  • For administrators and managers alike, the automated Security Risk Report instantly evaluates the current level of risk and displays your Security Score along with scoring on a prioritized list of risk factors. The report can be run at the organizational level or per gateway, and indicates risk trends in addition to the current state. To determine the Security Score, the report uses your compliance policies as well as a group of pre-defined risk factors culled from leading industry standards.
Copyright © 2003-2010 Tufin Software Technologies Ltd.