Prevent cyber attacks.
what you are missing.
SEE
Driven by the need to support evolving business objectives, enterprise IT infrastructures have grown increasingly larger, more complex and
more dynamic over the years. In order to secure these burgeoning infrastructures, network professionals have deployed equally complex
and sophisticated security controls, such as firewalls, intrusion prevention systems and access control lists. Yet, despite these controls,
cyber-attacks continue, enabling cyber-criminals to steal intellectual property and valuable business secrets.
The reason? While the controls themselves are effective at their tasks, they are deployed and managed in silos. The log files, configuration
files and interminable reports these controls produce are also too large and complex to analyze manually, which limits visibility into the
entire security picture and doesn’t create actionable results. Without a comprehensive solution for monitoring, analyzing and managing
risk enterprise-wide, security gaps form—and security professionals are blind to them.
What must be done to increase situational awareness
of the network infrastructure and close gaps in security?
• Visualize and understand your infrastructure with an up-to-date network map. • Proactively protect critical assets through dynamic data analysis.
• Continuously ensure your network is in compliance.
• Locate and prioritize the biggest risks among a large volume of identified vulnerabilities. • Efficiently prioritize incident response during an attack.
• Implement a consistent process to ensure access rules are implemented as designed. • Include security and risk impact analysis in change management.
Executive Summary
See Your Network
Prevent Cyber Attacks.
MAP
.
Netw rk Infrastructure Security Management
RedSeal Networks is the
lEAdINg pROvIdER
of
network infrastructure security management.
The RedSeal Platform is a cyber-security intelligence system that is based on proactive end-to-end complex network modeling and analysis. It provides network, security, and risk management teams with a firm understanding of where security is working, where improvement is needed and where the greatest attack risks lie. It replaces blind security management with a platform that enables enterprises to:
• Visualize and analyze the network infrastructure • Prevent cyber-attacks
• Automate and ensure compliance
The RedSeal Platform works without disturbing network traffic. It imports the configuration of network devices (Routers, Switches, Firewall, Load Balancers, Wireless Controllers, etc.) by repositories or live connections. Then, it builds the “virtual reality” model of the network and applies sophisticated mathematical computations to determine, for every endpoint, what can access what through what path. From there, the RedSeal Platform can do further analysis on risk and exposure by importing the vulnerability scan data and applying the access intelligence on it. As a result, users can utilize this analytical intelligence to instantly see what the access violations are, what the top exposures are and what the overall risk situation is.
Deployment Options
The RedSeal Platform is offered in three form factors for ultimate deployment flexibility: • Hardware Appliance
A powerful, Linux-based appliance that delivers the best performance for mid to large enterprises
• Virtual Appliance (OVA)
A virtual instance that can be deployed and managed in standard virtualization environments
• Software (Windows-Based)
Standalone software that can be installed on Window servers
Licensing
RedSeal Platform licensing is very straightforward: The license is based on the number of L3 devices managed. There are no separately charged modules and functions. There are no fees for end hosts—and there are no extra hidden costs. RedSeal Platform licenses are also charged ONCE, which means one unique L3 device can be managed by as many licensed RedSeal Platform instances as desired. This enables enterprises to implement flexible deployment scenarios that fit their needs.
FEaturES
The following tables list some major features from the RedSeal Platform:
Visualize & analyze
• Dashboards • Maps & Views • Risk Heat Map
• Instant Visual Threat Queries • Detailed Path Explorer • End-to-End Access Query
• Zones & Policy • Best-Practice Checks • Automated PCI/NERC/STIG Compliance
SEE
what
you’ve been missing.
Figure 1: Topology Map Figure 2: Risk Map Figure 3: Zones & Policies
Prevent Cyber attacks
• vulnerability Scan data Integration • Exposure Based Attack Risk Analysis • virtual Attack Simulation
• Rule-Change Impact Analysis • Exposure Based patching • Remediation prioritization
Scale & Integration
• Hierarchical Server Manager • Ticketing Systems Integration • egRC Systems Integration • SIEM Systems Integration
• Endpoint Management Systems Integration • Full-Blown North Bound ApI
with
SECu
rIty StartS
A solid building requires careful design, planning, and fastidious monitoring during the construction phase to ensure that implementation adheres to design. Infrastructure security requires the same process. Prior to adding more security controls and in preparation for changing access policies, the RedSeal Platform should be in place before you expand your network. The RedSeal Platform not only provides analytics-based, whole-network risk visibility, but also guides and validates the process of security implementation to ensure that it follows the blueprint.
the longer a network operates without redSeal, the more risky it can become.
The lack of visibility will not help build and maintain a secure network. Before deploying a variety of security point solutions, enterprises need to take the first and most basic step—get the RedSeal Platform and visualize vulnerabilities and compliance issues before they grow out of control.
Different teams, multiple ways to deliver value.
The RedSeal Platform is a system that will become a cornerstone for operations of both security teams and network teams. Each team has its top benefits.
For CISOs and CIOs:
• Actionable security metrics.
Proactively understand and monitor the overall security state of the network through automated and quantifiable attack risk metrics for situational awareness. • Deploy new networks securely.
Ensure security architecture from the start. Assess the attack risk at every step of the build-out (new branches, new data centers, etc.). • Operational excellence.
Efficiently carry out remediation through attack-based
prioritization. Automatically identify violations to ensure always staying in compliance.
For Security teams:
• Proactively ensure a bulletproof security architecture.
Continuously and automatically assess potential security holes by visualizing and analyzing the infrastructure risks.
• Exposure-based vulnerability management.
Readily prioritize the vulnerability remediation tasks by utilizing the calculated potential attack risk. • Avoid compliance penalties.
Automatically identify violations to ensure constant compliance and automatically provide proofs for external audit.
For Network teams:
• Constantly maintain accurate visibility.
Always up-to-date network topology (no more out-of-date Visio diagrams).
• Validate access changes ahead of time.
Ensure security and compliance. Identify the security impact of a change before applying it. • Implement Prioritized Incident
Response (IR).
Prioritize incidents based on potential breach impact, which are determined by actual access analysis and severity correlation. Figure 4: Attack Risk Analysis Report
Figure 5: Hosts Risk Report
“When we tied our vulnerability discovery process directly to our asset database,
RedSeal flagged some critical assets that weren’t properly documented. It used to be
very time consuming and expensive to analyze the impact of discovered vulnerabilities.
RedSeal’s fully automated process has saved us a great deal of time and thousands
of dollars in analysis.”
SVP and Enterprise Architecture Director, UMB Financial Corp.
“RedSeal helps us solve one of our most daunting security
challenges: making sure that the network only allows the access
that is absolutely necessary for the business.”
VP and CSO, Polk
“RedSeal was simple and painless to install, plus, it’s very
scalable, which is critical because of the fast-changing nature
of our environment.”
CISO, Interval International
about redSeal Netw rks
RedSeal Networks is the leading provider of network infrastructure security management solutions. RedSeal visualizes, analyzes and manages risk by automating a massive volume of device and policy data generated by enterprise network devices. RedSeal’s end-to-end network modeling and analysis delivers the comprehensive situational awareness CIOs, CISOs and security professionals need to prioritize risk and close gaps between point solutions to ensure compliance, prevent cyber-attacks and protect intellectual property.