
TECHNOLOGY INTEGRATION GUIDE


Academic year: 2021


INTRODUCTION

RedSeal’s cybersecurity analytics platform integrates data from your network devices and security solutions to provide a comprehensive model of your network and its security posture. By combining all this information, RedSeal optimizes the value of each individual solution, prioritizes security issues by putting them in the context of your network, and shortens remediation cycles.

NETWORK DEVICES AND INFRASTRUCTURE

Routers

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| Alcatel-Lucent | 7750SR-c12/OS 11.0.R4 | SR-OS 11.0.R4 |
| Arista* | EOS | 4.2.7 – 4.11.4 |
| Cisco* | IOS | 11.0 - 15 |
| Cisco* | IOS-XR | 3.8 – 4.2 |
| Cisco* | NX-OS | 5.1, 6.x, 7.x |
| Cisco | VPN-3000 | 4.x |
| H3C* | Comware | 5.20.106 |
| HP* | ProCurve | #K.15.12.0012 |
| Huawei* | VRP5 | 5.120 |
| Juniper* | JunOS | 8.5 – 10.4 + 11 & 12 |
| Open Source | Linux Router | IP tables, routes, netstat, IP address |

Load Balancers

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| A10* | ACOS | 2.7.1 |
| Brocade* | IronWare | BigIron/FastIron 8.0, ServerIronXL 7.5 |
| Cisco | CSS | 11501/11050/11150 |
| Citrix* | NetScaler | 9.2 |
| F5* | BIG-IP | 10.2, 11.0 – 11.3 |
| Radware | 4408 with Alteon software | 26.x or 28.x |
| Riverbed SteelApp | SteelApp Traffic Manager | 9.1 (Stingray) |


Firewalls

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| Check Point | File, OPSEC | R65, R70, R71, R75, R76, R77 |
| Cisco* | FWSM | v2, v3, v4 |
| Cisco* | PIX | v6.3, v7, v8 |
| Cisco | ASA | v8 |
| Cisco | Catalyst 6400 ACE | A2 (3.1) |
| Cisco | ACE Software appliance | A4 (2.1a) |
| Dell (SonicWALL) | Sonic_OS | 5.9.x.x |
| Fortinet | Fortigate FortiOS | 4.x, 5.x |
| Juniper* | ScreenOS | 6.x |
| Juniper* | JunOS | 8.5 – 10.4, plus 11 & 12 |
| McAfee | Firewall Enterprise | 7, 8.1.2, 8.2.0, 8.2.1, 8.3 |
| McAfee (Stonesoft) | NGFW | 5.7.0 |
| Palo Alto Networks* | PAN-OS | 4.x, 5.x, 6.x |

Wireless Controllers

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| Aruba* | ArubaOS | 6.1.3 |
| Cisco | Wireless Controller | 7.4 |
| Cisco* | Aironet IOS | 11.0 - 15 |

Virtualized/Cloud Infrastructure

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| AWS | VPC | N/A |
| AWS | Config | N/A |
| VMware | vShieldEdge | VMware 5.5.0 |

Configuration Management Databases (CMDB)¹

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| BMC | Network Automation BladeLogic | 8.2.0 |
| Cisco | Security Manager | 4.3.0 |
| EMC | Ionix Voyence | N/A |
| HP | Network Automation Opsware | 7.6, 9.0, 9.1 |
| Infoblox | NetMRI | 6.4.1, 6.9 |
| Open source | RANCID | N/A |
| SolarWinds | NCM (Orion) | 5.5.2, 6.0, 7.0.2, 7.1.1, 7.3 |
| Tripwire | Tripwire Enterprise | 8.1, 8.1, 8.2 |

¹ Specific device support varies with each CMDB vendor. Please refer to RedSeal’s Data Import Plugins Guide available from the RedSeal Support Portal for additional considerations on integration with CMDB systems. RedSeal also supports importing device configurations that have been saved to a file. Refer to documentation from specific device vendors for additional information on using this methodology.


SECURITY SOLUTIONS

Vulnerability Scanners

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| Alert Logic (Critical Watch) | FusionVM | 4 |
| DDI | Frontline | 5.0 |
| BeyondTrust | REM Security Management Console | 3.7.9 & 3.8 |
| BeyondTrust | eEye Retina | 3.8 & 5.16 |
| McAfee | Vulnerability Manager | 7.0.1 & 7.5 |
| Outpost24 | OUTSCAN, HIAB (hacker-in-a-box) | 3.2.7 |
| Open source | nMap | 6.25 |
| Qualys | QualysGuard | 7.6 |
| Rapid7 | NeXpose | 4.12 |
| Symantec | Vulnerability Manager | 10.0.5 |
| Tenable | Nessus | 4.6.2.1 & 4.8, 6.0 |
| Tripwire (nCircle) | IP360 | 6.8.9, 6.9, & 7.3.x |

Security Management

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| Cisco | Enterprise | 4.3.0 |
| McAfee | ePO | 4.5, 4.6, 5.1 |
| Tenable | Security Center CV | 4.6.2.1, 4.8, 5.0 |

Governance/Risk/Compliance (GRC)

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| LockPath | Keylight | 4.1 |
| RSA | Archer | 5.3 |
| Symantec | CCS Suite | 11 |

Security Information and Event Management (SIEM)

| MANUFACTURER | DEVICE NAME/OS | VERSIONS SUPPORTED |
|---|---|---|
| HP | ArcSight ESM | |
| McAfee | ESM | 9.2 |
| Splunk | | 6.1 |


REDSEAL INTEGRATES AND OPTIMIZES SECURITY SOLUTIONS

Overview

RedSeal’s cybersecurity analytics platform creates a complete inventory of all of the Layer 3 devices and infrastructure in your network, including routers, load balancers and firewalls, along with cloud-based and virtualized devices. It imports configuration data to build a digital model of your network, including all connectivity and access paths between any two points on it.

RedSeal correlates the model with vulnerability scan data to put security issues in context. With this, RedSeal is able to prioritize your network’s most critical security issues (based on access/downstream access), so you can address them first.

RedSeal makes your compliance initiatives–as well as your own policies–more efficient and effective. You can set up a policy in RedSeal, then monitor and prove compliance quickly and continuously. RedSeal has key controls for PCI, NIST 800-53, NERC CIP and HIPAA.

Importing and analyzing device configurations

RedSeal uses a variety of communications methods to collect device configurations and security data. The following methods are supported, but may be specific to a particular device or solution:

• CVS (Concurrent Versions System)

• FTP

• HTTP(S)

• Java Database Connectivity (JDBC)

• SCP

• SFTP (Secure FTP)

• SSH

• Telnet

• Windows File Share

Configuration management databases (CMDB)

RedSeal can get information from an existing CMDB to build the model of your network without having to access devices directly. Because RedSeal analyzes configuration settings, it helps identify any network devices not currently known or managed within the CMDB.

Network devices (routers, load balancers, firewalls, wireless controllers)

RedSeal can also directly access and analyze devices whose configurations are missing or incomplete. It analyzes the configuration files of your network security devices on multiple levels:

• Finds connected devices or hosts not otherwise known or identified

• Runs a series of vendor-specific industry best practices on all network devices

• Verifies the integrity of firewall rulesets, including identifying redundant or unused rules

RedSeal can also import configuration data that has been saved to a file, so that direct access on the network is not required. For more information on importing from a file, refer to RedSeal’s Plugins Guide available from the RedSeal Support Portal, which gives more detail on what devices and file formats are available with this option.


Cloud infrastructure (public and private)

RedSeal enables you to unify your physical and cloud network security. It supports Amazon’s popular Virtual Private Cloud (Amazon VPC), through either the AWS SDK or AWS Config. This integration with AWS allows RedSeal to analyze your cloud infrastructure and its connection to your physical network, including risk, policy compliance, and industry best practices.

Virtualized infrastructure and datacenters

RedSeal provides the ability to include details about virtualized environments in its model of your network. This includes processing ACL settings from virtual environments, modeling those environments, and factoring them into policy compliance and risk analysis.

Vulnerability management solutions

RedSeal incorporates vulnerability scan data from the industry’s leading products and calculates every possible access path between all hosts. Using assigned (default or user defined) asset values and potential lateral movement or downstream risk, RedSeal’s patented algorithms provide a list of the most critical actions you need to take to improve your network security.

Governance, risk, and compliance (GRC) solutions

RedSeal can access data from GRC solutions, as well as provide data to a GRC solution. Sample integrations include:

• McAfee ePO: RedSeal imports host information from ePO. ePO collects data from RedSeal including host attack risk, critical asset access and downstream risk which enables improved prioritization and policy setting.

• RSA Archer: RedSeal imports asset and group values, which are then used in RedSeal’s risk metrics calculations and reports.

• Symantec: Control Compliance Suite (CCS) collects information from RedSeal, including host risk exposure, vulnerability status, and device best practice violations.

• LockPath: RedSeal enables faster remediation by sending prioritized vulnerability and risk information to LockPath’s Keylight Security Manager, which routes it to the

RedSeal can also be configured to send data to SIEM solutions that enhances the context of the data these products provide to their customers.

Security information and event management solutions (SIEM)

RedSeal can be configured to send data via syslog to external systems. The information that can be exported includes:

• Detailed host information, including risk metrics, compromised hosts, hosts reachable from untrusted zones, or hosts that have access to your most critical assets

• Results from RedSeal device best practice checks

• Anomalies in the network model (e.g. dangling subnets, duplicate IPs)

• Policy status summary for each policy you have defined (e.g. PCI, internal)

Specific SIEM solutions that RedSeal integrates with include:

• HP ArcSight: RedSeal exports data directly into ArcSight ESM using the standard CEF communication format.

• Splunk: RedSeal exports data to a Splunk dashboard, including comparisons to industry best practices, vulnerabilities and downstream risk.

• McAfee ESM: RedSeal exports data via syslog

• IBM QRadar: RedSeal exports data via syslog
