RedSeal's SRM automates the creation of a unified network inventory and topology. As configuration data is input to SRM, the system renders the interconnectivity and relative location as well as configuration detail about all elements in the network including security devices, servers and subnets. The graphical output, which is updated instantaneously each time new network information is introduced in the system, may be exported to Microsoft Office Visio facilitating sharing and broad cross organizational use.

 

RedSeal's SRM automatically collects (i.e. on a user defined schedule) router and firewall configuration information to create the comprehensive picture of the network's components and their interconnectivity. Each time data is imported (a process which takes minutes), RedSeal's SRM checks every firewall and router configuration as well as the security policy rules for those devices to verify that they have not been inadvertently misconfigured. Example checks include default password, lack of security on administrator access, redundant Access Control Lists (ACLs) to name a few. Each check failure represents either a best-practices policy violation or a symptom of a configuration error. Users of SRM get guidance on possible remediation steps and visibility as to where in the configuration or security policy the violation was found.

 

RedSeal's SRM computes the real-world permitted traffic based on the configuration information gathered from filtering devices. Using the Network Path Explorer feature, users can query the topology model for allowed traffic flows and compare the results to security policy requirements to quickly identify and pinpoint important infrastructure discrepancies that affect security and availability of key services.

 

The SRM ThreatMap displays graphically, one breach at a time, the multi-step path an exploit may take in penetrating critical business resources. The threat map is based on the traffic analysis, any host patch and vulnerability data, and RedSeal's own knowledge base of vulnerabilities and impacts.

 

RedSeal's SRM conducts a risk analysis that measures the network's risk posture based on calculation of the probability of exposure as well as the value of network assets. The output is represented as mapping of risk hot spots. The RiskMap? layout is designed with functional roles in mind, allowing users to quickly locate network areas and key business assets that are the targets of threats. Users may drill down on a hot spot to see the constituent elements (i.e. servers) and the threats to which they are exposed.

 

RedSeal aggregates the outputs of traffic, threat and risk analysis in a number of pre-configured reports. This actionable information ranges in content from giving a detailed network inventory, to a list of all Network Configuration Checks conducted per device and is inclusive of the vulnerabilities and risk scores of servers, device groups and key assets. The reports can serve as a punch list of all open security items to be addressed as well as a running record of how the risk of exposure of key assets is trending over time.