You can’t fully mitigate risk without a complete picture of what you must manage. However, visibility is a moving target as new endpoints and devices are added to your infrastructure daily.
To maintain full visibility of rapidly scaling and increasingly complex hybrid environments, you must be able to take a step back so you’re working from a strong foundation that supports proactive detection, configuration, and agile adaptation. For many organizations, it’s often a constant game of catch-up because monitoring, configuring and updating their map of devices and endpoints is a manual process that can’t keep pace.
Seeing new changes to your infrastructure is only part of the path to full visibility, though; it’s also mapping and managing what’s already there.
Building assets block visibility
Even on a slow day, people across large enterprises are spinning up new networks, devices, and applications. It could be DevOps adding a development server, marketing people adopting a Software-as-a-Service (SaaS) CRM tool, or the business absorbing a whole host of endpoints, networks, and applications by acquiring another company.
Ideally, you want to be able to ingest and digest all these changes automatically — this is the core benefit of FireMon Lumeta. It automatically populates your ever-changing map to give you the visibility you need as things are added or removed. The challenge for many organizations is they’re implementing Lumeta after years of endpoint and device proliferation, both through organic growth and acquisitions.
Initial discovery with Lumeta often uncovers misconfigured and even redundant devices with outdated rules and policies that are still active and pose a risk by being non-compliant. Organizations have also assimilated multiple endpoint management systems and host vulnerability management systems that add complexity to the security stack. The lack of integration further compounds the lack of visibility: there are a bunch of different maps rather than a single view of the infrastructure.
Step back to move forward
In order to be proactively secure and compliant, you must retroactively map everything you have in place.
FireMon has integrated Lumeta with major endpoint management systems such as McAfee ePO in order to identify the devices on the network that don’t have the McAfee agent installed; this enables them to be viewed and remediated in a single dashboard. Similarly, we integrate with host vulnerability management systems so enterprises can quickly get a handle on their current environment even as it continues to grow. Lumeta can feed systems such as Tenable, Rapid7 and Qualys by discovering and relaying the information they need to prioritize scanning and remediation.
The integration with these common tools was just the beginning. We’ve now integrated Lumeta with FireMon Security Manager, allowing our customers to discover the firewalls, routers, and switches that aren’t already under management. We populate the map within Security Manager so you have the complete topology picture. You can then make decisions with confidence because you have complete visibility and all the data at your fingertips, whether the assets are in your on-premises infrastructure or in the cloud.
Once you’ve cleaned up and configured everything you’ve discovered through Lumeta and built a dashboard with Security Manager, you have the complete visibility you need to mitigate risk. Since Lumeta continues to discover devices and endpoints as they’re added, you’re continually ingesting the data you need to have the single source of truth necessary for a robust security posture and proactive compliance.
*** This is a Security Bloggers Network syndicated blog from FireMon authored by FireMon. Read the original post at: https://www.firemon.com/risk-mitigation-requires-complete-visibility/