Every security administrator knows that security policies are the brains of a firewall. They dictate the effectiveness of the configuration and directly impact how well an organization is protected. But, as any admin will tell you, seeing how these policies perform across the network is a very manual “ugly” data-driven process that often results in misconfiguration and poor security.
As a matter of fact, a 2014 Verizon report noted the correlation between a badly configured firewall and the likelihood of a security breach. *
[Upgrade or download Dimension now!]
Today, that changes, with new updates to WatchGuard Dimension, the award-winning security visibility solution that comes standard on any WatchGuard UTM or NGFW. The latest release (v1.3) includes the industry’s first interactive, integrated policy mapping capabilities that delivers a comprehensive view of traffic flow and policy impact across the entire network. You can literally see how policies impact your network and security.
Teltec Solutions, one of our MSSP customers, said it best, “The ability to see and analyze in real time the exact impact these policies are having on customers is incredibly powerful. There’s no need for complicated reports, just an easy way for my entire team, even CIOs, to see what’s happening.”
Speaking of seeing what’s happening, let’s take a look at how it works.
First, you can visualize what policies are in use and how interfaces are connected (this shows 6 active policies, such as HTTP, HTTPS-proxy, etc.):
Second, you can visualize how subscription services are operating (this shows application control, web audit, IPS, Virus, DLP and APT):
Third, you can visualize how applications are traversing security policies (this view is filtered on the social network application category):
Fourth, you can visualize how a specific application is operating (this is further filtered on Twitter and shows policies and traffic flows related to that):
Finally, you can visualize real security threats and their disposition at a glance. This shows the Virus (GAV) being allowed through the SMTP-proxy policy. Perhaps it’s time to reconfigure the policy:
Beyond Policy Mapping, the new version of Dimension brings a variety of additional insightful reporting and new dashboard features that includes information on zero-day malware, details about website visits and traffic disposition, enhanced navigation, and consolidated CA certificate management.
And, as always, it comes free on any WatchGuard UTM or NGFW platform.
*2014 Verizon PCI Compliance Report – http://www.verizonenterprise.com/pcireport/2014/