Welcome!

Cloud Security Authors: Yeshim Deniz, Zakia Bouachraoui, Liz McMillan, Elizabeth White, Ravi Rajamiyer

Related Topics: Cloud Security

News Feed Item

RedSeal Systems Launches Network Security Assurance Software to Prevent Data Breaches

To address the accelerating trend of data breaches worldwide, RedSeal Systems today announced RedSeal Network Advisor 4.0, the industry’s first enterprise-wide network security assurance software. RedSeal Network Advisor continuously analyzes the end-to-end interaction of firewalls, routers and load balancers throughout an organization to comprehensively identify security holes in the infrastructure. RedSeal also validates that corporate network security policy is enforced, enables rapid remediation of unintended exposures and demonstrates regulatory compliance to auditors.

“Many enterprise networks are burdened by complex sets of access rules distributed across firewalls, routers, and other infrastructure devices. With every new rule or rule change there is the potential to create a gap in the network’s defense and violate an enterprise security policy or a mandated control,” said Phil Schacter, vice president and service director for The Burton Group's Security and Risk Management Strategies. “A systematic approach is needed to validate that current network security rules are consistent with required controls and enterprise security policies.”

RedSeal software continuously analyzes every firewall rule and router ACL on the network to audit both individual devices and how those devices interact to deliver security to the business as a whole. It summarizes enabled and prohibited access in simple diagrams and reports. These enable security management personnel to easily spot exposures that otherwise would have gone unnoticed until exploited by a hacker.

RedSeal Network Advisor 4.0 also verifies that the network enforces the security organization’s access policies, both internal and regulatory. Users can specify what access should be prohibited or allowed between security zones. RedSeal analyzes the access actually enabled on the network to verify that firewalls, routers and other devices are correctly configured. If a violation is discovered, RedSeal notifies the appropriate personnel. It then isolates the root cause of the access, identifying the exact devices, rules and ACLs that enable the risky access.

RedSeal Network Advisor 4.0 reduces the burden of audits for PCI DSS, NERC CIP, SOX, FISMA and other regulations. RedSeal automates control testing, decreasing the risk of a finding by auditors. RedSeal also offers reports that detail the controls and demonstrate that they are operating properly, lessening the time and cost associated with supporting each audit.

“The last year has seen a significant increase in both the number and seriousness of cyber-attacks,” said Tom Arthur, CEO of RedSeal Systems. “Organizations purchase billions of dollars of network security equipment each year to defend themselves, but a single configuration error can render their entire investment worthless. RedSeal’s software enables CISO's to make informed decisions before the next attack to assure their defensive posture is strong.”

Features and Benefits

Specific capabilities in RedSeal Network Advisor 4.0 include:

  • Network topology mapping: RedSeal generates and displays a map of the entire enterprise network, showing how subnets are interconnected by routers, firewalls and other devices.
  • Automated firewall audit: RedSeal analyzes individual firewalls to identify common configuration issues such as redundant rules, weak authentication and overly permissive access policies.
  • End-to-end assessment: RedSeal analyzes the interaction of all firewall, routers and load balancers throughout the enterprise to determine what access is allowed or denied between every two systems.
  • Security zone visualization: RedSeal summarizes the network infrastructure into security zones and determines the access between them. This instantly informs management if, for example, access exists between any internet or extranet connection and any financial server.
  • Continuous policy compliance: RedSeal aggregates network access policies, approvals and exceptions. It then continuously validates that the actual configuration of the network enforces these policies.
  • Root cause isolation: RedSeal automatically identifies the root cause of undesired access, pinpointing the exact devices, rules, and ACLs that combine to enable the access.
  • Closed-loop trouble ticket integration: RedSeal integrates with BMC Remedy Action Request System to open trouble tickets for policy violations. When the operations group marks the trouble ticket as complete, RedSeal will automatically verify that the violation has been remediated.
  • Compliance reporting: RedSeal automates control testing to prevent findings by an audit. RedSeal’s integrated reports document security policies (including approvals and exceptions) as well as demonstrate that the network complies with those policies.

RedSeal Vulnerability Advisor

RedSeal Systems today also announced RedSeal Vulnerability Advisor 4.0, software for actionable vulnerability management. RedSeal Vulnerability Advisor integrates with RedSeal Network Advisor to assess the results of vulnerability scans in the context of network security. This automatically identifies vulnerabilities that are exposed to untrusted networks or that can result in widespread access to critical systems. RedSeal prioritizes all vulnerabilities from enterprise-wide scans to isolate those that must be remediated immediately due to the risk they pose. In addition, RedSeal Vulnerability Advisor identifies mitigation options, validates scan coverage and provides reports for auditors that demonstrate control of business risk.

Pricing and Availability

RedSeal Network Advisor will be available in late June 2009. Pricing starts at $25,000. Existing customers of RedSeal SRM will receive RedSeal Network Advisor at no charge as part of their software maintenance agreement.

About RedSeal Systems, Inc.

RedSeal Systems develops security assurance software that enables organizations to assess and strengthen their cyber-defenses. Unlike systems that detect attacks once they occur, RedSeal identifies holes in the security infrastructure that could be exploited — before they are discovered by hackers. RedSeal software analyzes and simplifies the complex interaction of firewalls, routers, load balancers and hosts, delivering in-depth understanding of overall security posture, continuous compliance with regulations such as PCI, FISMA, and SOX, and actionable steps for risk remediation. For more information, visit RedSeal at http://www.redseal.net.

Photos/Multimedia Gallery Available: http://www.businesswire.com/cgi-bin/mmg.cgi?eid=5985342&lang=en

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...