Gartner Research

How to Assess Risk and Monitor Compliance of Network Security Policies

Published: 26 June 2013

ID: G00245784

Analyst(s): Phil Schacter

Summary

A maturing class of tools discovers Layer 3 network controls and topology and enables associated risk assessment and compliance monitoring activities.

Table Of Contents

Summary of Findings

Analysis

  • Policy Assessment, Risk and Compliance
  • Policy Life Cycle Management, Change Tracking and Workflow
  • Operational Support, Availability and Problem Determination
  • Technology Trends
    • Virtualized Data Center Infrastructure
    • Cloud Computing and Cloud-Hosted Security Services
    • Device Support and Partner Programs
    • Network-Aware Tools
    • Next-Generation Firewalls
    • Automated Policy Provisioning
    • Network-Aware Vulnerability Triage
  • Maturing Market and Positioning
    • Firewall Analytics
    • Policy Management or Policy Life Cycle Management
    • Security Risk Management and Continuous Compliance Monitoring
    • Security Posture Management
    • Network Security Intelligence and Orchestration
    • Future Market Development and Positioning
    • Market Consolidation Opportunities
    • Market Outlook

Comparison

  • Rule Cleanup and Optimization
  • Routing Path Analysis and Network Topology Awareness
  • Application Context and Connectivity Management
  • Simulate and Assess Risk and Compliance Impact of Changes
  • PCI DSS and Other Compliance Reports
  • Request Workflow and Ticketing Systems
  • Vulnerability Analysis
  • Real-Time Event Correlation and Analysis
  • Push Rules
  • Platform Security Checks
  • Use Tools for Rule and Path Analysis in Complex Networks
  • Complement Device-Specific Configuration Management Interfaces
  • Shift to Proactive Change Monitoring and a Request Reconciliation Process
  • Prioritize Vulnerability Remediation Based on Network Context
  • Document and Manage the Life Cycle of Access Policies
  • Regularly Monitor and React to Trends in Risk and Compliance

The Details

  • AlgoSec's Security Management Suite v6.4
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Application Context
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Push Rules
    • Platform Security Checking
  • FireMon's Security Manager v7.0, Policy Planner and Risk Analyzer
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Real-Time Event Correlation and Analysis
    • Vulnerability Management
    • Platform Security Checking
  • IBM Q1 Labs QRadar Risk Manager 7.1
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Compliance Verification and Reporting
    • Real-Time Event Correlation and Analysis
    • Vulnerability Management
  • NetCitadel's Threat Response Platform
    • Supported Devices
    • Real-Time Event Correlation and Analysis
    • Push Rules
  • RedSeal's RedSeal 6 Platform
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Application Context
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Vulnerability Management
    • Platform Security Checking
  • SolarWinds Firewall Security Manager v6.4
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Documentation and Life Cycle Management
    • Compliance Verification and Reporting
  • Skybox Security's Skybox View Enterprise Suite 6.5
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Vulnerability Management
    • Platform Security Checking
    • Real-Time Event Correlation and Analysis
  • Tufin's Security Suite R13-2
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Application Context
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Push Rules
    • Platform Security Checking

Conclusion

©2020 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.