Welcome!

Cloud Security Authors: Elizabeth White, Zakia Bouachraoui, Pat Romanski, Yeshim Deniz, Liz McMillan

Related Topics: Cloud Security

News Feed Item

RedSeal Systems Launches Network Security Assurance Software to Prevent Data Breaches

To address the accelerating trend of data breaches worldwide, RedSeal Systems today announced RedSeal Network Advisor 4.0, the industry’s first enterprise-wide network security assurance software. RedSeal Network Advisor continuously analyzes the end-to-end interaction of firewalls, routers and load balancers throughout an organization to comprehensively identify security holes in the infrastructure. RedSeal also validates that corporate network security policy is enforced, enables rapid remediation of unintended exposures and demonstrates regulatory compliance to auditors.

“Many enterprise networks are burdened by complex sets of access rules distributed across firewalls, routers, and other infrastructure devices. With every new rule or rule change there is the potential to create a gap in the network’s defense and violate an enterprise security policy or a mandated control,” said Phil Schacter, vice president and service director for The Burton Group's Security and Risk Management Strategies. “A systematic approach is needed to validate that current network security rules are consistent with required controls and enterprise security policies.”

RedSeal software continuously analyzes every firewall rule and router ACL on the network to audit both individual devices and how those devices interact to deliver security to the business as a whole. It summarizes enabled and prohibited access in simple diagrams and reports. These enable security management personnel to easily spot exposures that otherwise would have gone unnoticed until exploited by a hacker.

RedSeal Network Advisor 4.0 also verifies that the network enforces the security organization’s access policies, both internal and regulatory. Users can specify what access should be prohibited or allowed between security zones. RedSeal analyzes the access actually enabled on the network to verify that firewalls, routers and other devices are correctly configured. If a violation is discovered, RedSeal notifies the appropriate personnel. It then isolates the root cause of the access, identifying the exact devices, rules and ACLs that enable the risky access.

RedSeal Network Advisor 4.0 reduces the burden of audits for PCI DSS, NERC CIP, SOX, FISMA and other regulations. RedSeal automates control testing, decreasing the risk of a finding by auditors. RedSeal also offers reports that detail the controls and demonstrate that they are operating properly, lessening the time and cost associated with supporting each audit.

“The last year has seen a significant increase in both the number and seriousness of cyber-attacks,” said Tom Arthur, CEO of RedSeal Systems. “Organizations purchase billions of dollars of network security equipment each year to defend themselves, but a single configuration error can render their entire investment worthless. RedSeal’s software enables CISO's to make informed decisions before the next attack to assure their defensive posture is strong.”

Features and Benefits

Specific capabilities in RedSeal Network Advisor 4.0 include:

  • Network topology mapping: RedSeal generates and displays a map of the entire enterprise network, showing how subnets are interconnected by routers, firewalls and other devices.
  • Automated firewall audit: RedSeal analyzes individual firewalls to identify common configuration issues such as redundant rules, weak authentication and overly permissive access policies.
  • End-to-end assessment: RedSeal analyzes the interaction of all firewall, routers and load balancers throughout the enterprise to determine what access is allowed or denied between every two systems.
  • Security zone visualization: RedSeal summarizes the network infrastructure into security zones and determines the access between them. This instantly informs management if, for example, access exists between any internet or extranet connection and any financial server.
  • Continuous policy compliance: RedSeal aggregates network access policies, approvals and exceptions. It then continuously validates that the actual configuration of the network enforces these policies.
  • Root cause isolation: RedSeal automatically identifies the root cause of undesired access, pinpointing the exact devices, rules, and ACLs that combine to enable the access.
  • Closed-loop trouble ticket integration: RedSeal integrates with BMC Remedy Action Request System to open trouble tickets for policy violations. When the operations group marks the trouble ticket as complete, RedSeal will automatically verify that the violation has been remediated.
  • Compliance reporting: RedSeal automates control testing to prevent findings by an audit. RedSeal’s integrated reports document security policies (including approvals and exceptions) as well as demonstrate that the network complies with those policies.

RedSeal Vulnerability Advisor

RedSeal Systems today also announced RedSeal Vulnerability Advisor 4.0, software for actionable vulnerability management. RedSeal Vulnerability Advisor integrates with RedSeal Network Advisor to assess the results of vulnerability scans in the context of network security. This automatically identifies vulnerabilities that are exposed to untrusted networks or that can result in widespread access to critical systems. RedSeal prioritizes all vulnerabilities from enterprise-wide scans to isolate those that must be remediated immediately due to the risk they pose. In addition, RedSeal Vulnerability Advisor identifies mitigation options, validates scan coverage and provides reports for auditors that demonstrate control of business risk.

Pricing and Availability

RedSeal Network Advisor will be available in late June 2009. Pricing starts at $25,000. Existing customers of RedSeal SRM will receive RedSeal Network Advisor at no charge as part of their software maintenance agreement.

About RedSeal Systems, Inc.

RedSeal Systems develops security assurance software that enables organizations to assess and strengthen their cyber-defenses. Unlike systems that detect attacks once they occur, RedSeal identifies holes in the security infrastructure that could be exploited — before they are discovered by hackers. RedSeal software analyzes and simplifies the complex interaction of firewalls, routers, load balancers and hosts, delivering in-depth understanding of overall security posture, continuous compliance with regulations such as PCI, FISMA, and SOX, and actionable steps for risk remediation. For more information, visit RedSeal at http://www.redseal.net.

Photos/Multimedia Gallery Available: http://www.businesswire.com/cgi-bin/mmg.cgi?eid=5985342&lang=en

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...