Security analytics: Helping you do more, with less

23 Oct 14

Westcon Imagine 2014 - You’ve got your security technology in place and your SIEMs and logs – now you need an automated method to leverage those existing network security tools.

Enter security analytics, heralded by some as ‘the next big thing’ in IT security.

Mick Stephens, Regional Director, Australia and New Zealand at FireMon, says by integrating a layer of security analytics, intelligence and automation into an existing network security infrastructure and processes, organisations can more effectively find, correct and ultimately avoid gaps in their security framework.

“Intelligent automation of tasks, such as firewall rule administration, allows greater speed of service delivery while ensuring compliance requirements are always met,” Stephens adds.

It is, he says, a way to do more, with less, and achieve better security outcomes.

“We can provide overwhelmed security, risk and compliance teams with automated intelligence to more effectively achieve key objectives. Automate the repetitive, time-intensive security tasks and free up skilled resources to focus on the complex issues that need the human touch.”

He says the increasing complexity of delivering IT security outcomes in the face of increased ‘breaches of significance’, and the obligations of aligning these outcomes to corporate and industry regulations and compliances, is driving the need for security analytics.

“This is then wrapped in the shroud of downward budgetary pressure and the increasingly problematic issue of finding and retaining quality security staff.

“This all leads to organisations needing to do much more with less. Freeing up an organisation’s resources to address these broader issues by automating security processes, but doing this in an intelligent and analytical way, is a step to achieving this outcome.”

In a recent survey FireMon commissioned, 73% of respondents considered their firewall policies ‘somewhat complex’ to ‘out of control’.

“Cleaning up and tightening the process around the commission and, as importantly, the removal of rules, unquestionably decreases the risk surface. This is even more complex in multi-vendor environments, not to mention adding next-gen firewalls into the equation.”

Stephens says FireMon’s Security Manager is a ‘real-time, proactive analytics solution’, rather than a post-event log analytics SIEM.

“Security Manager is a complementary addition to a SIEM and can be integrated with all primary providers’ solutions. Both have a place, but the better your security posture (as an example, the cleaner the firewall rule base is) the less likely an organisation is to have security breaches and less need for post-event analysis.”

FireMon provides real-time collection and analytics of security device configurations, with related analysis and reporting, rule clean-up and resource efficiencies, audit and compliance clean-up and reporting, among others.

Changes are detected in real time and alerts are issued on unauthorised changes. The analytical data is then used for intelligent automation of repetitive, time-intensive security tasks. Historic and real-time data is also used for predictive modelling of threat scenarios based on an organisation’s current configuration.

“For example, in a network planning and risk assessments project where there is a need to allow additional services, connection of business partners or in the case of business mergers, new divisions, we can assess and predict the potential access risks prior to deployment.”

For more information visit
