Industry and governmental compliance mandates are only a basic guideline needed to ensure a minimum standard of security when applied across all participating organizations. To be compliant, an organization needs to undergo an audit to ensure the IT controls are functioning appropriately and that the policies and procedures are in place.
Unfortunately, IT audits are typically “snapshot’s” that happen infrequently and rarely reflect the true operational security posture of the network. The less automated and more complex the network, the greater the human effort required and more likely an outcome of incorrect findings. These efforts are also very costly which often reduces the frequency of an audit to an annual event for most companies.
It is this lack of automation that reduces the amount of accurate, traceable data on network device configurations and the changes made that can leave an organization open to attack, even if they have complied with an audit just a few days prior. Change is constant in a large complex network and if not properly tracked or validated, it can incur significant risk. Regulators continue to extend and refine the requirements of their network security standards, forcing organizations to prove that these measures have not only been implemented but are also being validated to ensure continuous compliance.
Continuous Monitoring with RedSeal Networks
RedSeal gives security and audit management staff the ability to define required policies and analyze compliance network-wide on an ongoing basis to:
- Confirm that controls are in place and functioning to enforce zone relationships within the specific parameters of regulations including PCI DSS, SOX, FISMA, NERC CIP, and FFIEC, FINRA, BASEL II.
- Provide auditors with detailed proof demonstrating that compliance is being maintained continuously and validated via automation on a regular basis.
- Document justification for access and detail any temporary exceptions including information on who exactly requested any modifications, as well as when it was granted, and why.
- Automates thirty seven requirements within Sections 1, 2 6, 10 & 11 of the PCI-DSS 2.0 Compliance Standard.
- Address both the continuous audit and controls monitoring disciplines of Layer 3 network infrastructure devices and host vulnerabilities across the end-to-end network.
Zones and Policy Engine
The Zones and Policy engine within the RedSeal 6 Platform allows an organization to perform continuous compliance monitoring of network access controls and segmentation against regulatory or internal information security policies. Zones and Policies can be as simple or as complex as defined by an organization. For instance, companies could map their NERC CIP or SOX controls to a policy, or simply identify critical systems and evaluate all access from the entire network to those systems. Zones can be comprised of logical networks and subnets regardless of where they are physically deployed around the world.
RedSeal allows organizations and government agencies to ensure that policies are being translated correctly, preventing the infrastructure from falling out of compliance. It also communicates the security posture of the network more effectively with auditors to avoid
failed assessments and subsequent fines.