FireMon Unveils Network Security Analyzer

Risk Analyzer gives FireMon's 75 partners the option of selling a new standalone product or using the software themselves to sell risk-assessment services, Jody Brazil, president and chief technology officer, said. The new product starts at $30,000.

Overland Park, Kan.-based FireMon targets a couple of niches within the security market. Its Security Manager builds a management layer on top of an organization's firewalls, while Risk Analyzer builds a priority list from the thousands of systems and application vulnerabilities detected by corporate scanners from vendors like Qualys or Rapid7. The new product stems from FireMon's acquisition in April of risk analysis firm Saperix Technologies.

Risk Analyzer crawls through a corporate network building a chart of the network systems that malware would travel through -- firewalls, switches, routers, proxies and intrusion detection and prevention systems. With the model, the tool presents a risk score that a company can use to determine whether subsequent actions taken actually decrease risk.

Along with the score, Risk Analyzer prioritizes vulnerabilities that need to be fixed as quickly as possible for the greatest improvements in security, Brazil said. The assumption behind the tool is that not all vulnerabilities are important. For example, a flaw in an application that's not exposed to the Internet would carry less risk than a vulnerability on a Web server. "There's a difference between vulnerability and risk," he said.

Making that distinction is how companies can get the most out of their security budget by spending money on the most critical problems, Brazil argues. In addition, Risk Analyzer can provide metrics when chief information officers ask whether security is improving. "This is a solution that helps answer that question," he said.