www.firemon.com

Location: Varies

Travel: 50-70%

Department: CTO

Supervisor’s Title: VP of Solutions Architecture

POSITION SUMMARY
The Principal Solutions Architect is a bespoke solutions sales and delivery position, which requires assisting Account Executives and Sales Engineers in driving holistic security solutions focused on People, Process and Technology. The Principal Solution Architect applies practical industry expert experience and knowledge to address the specific needs of the client, obtains credibility for Firemon, and achieves a personal relationship with the client as is necessary to secure the opportunity and high-level manage to the success of profitable delivery. In addition the Principal Solutions Architect acts as an evangelist educating and discussing next generation solutions as it relates to the Security Architectures

PRIMARY DUTIES AND RESPONSIBILITIES

Partner with applicable partners from a technical perspective and create good will with our partners (including obtaining and maintaining select certifications.)
Assist in selling Firemon products and services. Create client statements of work and generate the bill of materials.
Deliver and manage large custom programs to clients leveraging people, process, and technology
Manage delivery outsourcing relationships on specific opportunities.
Overall attention to accuracy and detail with regard to documentation, Bill of Material (BOM), State of Work (SOW) and all written and verbal communications is critical to success.
Respond to customers, AEs and focus partners in a timely manner.
Present technical presentations and show true thought leadership to large groups and effectively communicate with all levels of internal and external customers
Set and meet expectations with regard to SOW, BOM documentations and other deadlines.
Resolve escalated questions or issues.
Mentor and coach Sales Engineers.
Own CISO, CIO, and CTO-level relationships with key customers.
Contribute to architecture discussions in a holistic manner covering people process and technology
Assist or lead in delivery of high level architecture engagements
Help develop lab scenarios for other Sales Engineers to run through in the lab environment.
Perform other duties as assigned.

QUALIFICATIONS
Education and Experience

High school diploma or general education degree (GED) required.
Bachelor’s Degree (B.A.) from four-year college or university in Computer Science or a related field of study; or one to two years related experience and/or training; or equivalent combination of education and experience required.
Must be able to communicate and present clearly to clients in all levels of an organization
Solid experience in architecture design experience, including datacenter, security and networking
Solid Experience in Datacenter Operations and Security Operations
Experience in major cloud provider architectures including AWS and Microsoft
Solid grasp of multiple enterprise operating systems, including flavors of UNIX, Linux, and MS Windows required.
Experience working in teams required.
Self-motivated with strong work ethic, able to work with minimal direction required
Strong organizational skills and ability to manage multiple projects with varying time lines required.
Ability to travel up to 70% of the time. Current valid U.S. driver’s license required
Advanced knowledge of leading security and datacenter products (examples include but not limited to Palo Alto, Juniper, Checkpiont, Cisco, Juniper, Brocade, Arista)
Experience giving technical and non-technical presentations or presenting to large groups preferred.

Language Skills
Ability to read, analyze and interpret general business periodicals journals, technical procedures, or governmental regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public.

Reasoning Ability
Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables. Ability to interpret a variety of instructions furnished in written, oral or from a sales quote.

Interested and qualified for an open position? Please send your resume to jobs@firemon.com

The post Principal Solutions Architect appeared first on FireMon.

While at least one epic winning streak ended over the weekend as Kentucky lost its bid to conquer the NCAA Men’s Basketball Tournament, FireMon’s Ignite Partner Program and Vice President of Channels Todd DeBell continue to rack up the titles.

thevarguy_2011 Earlier today, IT channel experts once again recognized DeBell for his industry-leading accomplishments in advancing FireMon’s channel efforts as he was named as one of The VAR Guy’s “Top 50 Channel Influencers”. With seven individual nominations – more than any other candidate listed by the channel media publisher – Todd, and the Ignite Program he spearheads, clearly continue to command widespread attention.

This latest accolade comes on the heels of last month’s news that for the third year in a row, FireMon was awarded a 5-Star rating in the CRN 2015 Partner Program Guide, with DeBell named as a CRN “Channel Chief” for the fourth year running.

As noted in FireMon’s recent Channel Momentum Press Release, the Ignite Program enjoyed a banner year in 2014, with 55 percent year-over-year sales growth driven by a 28 percent increase in new global partnerships, including triple-digit expansion in international markets and the federal sector.

Along with the recent industry recognition, FireMon’s channel efforts have also gotten off to a hot start in 2015, with the re-launch of its Partner Portal and related sales programs generating over 1,000 new business leads in only 45 days since introduction.

FireMon also recently completed its North American Distribution Launch with WestconGroup – through which it added 15 new channel sales partners – and continued to expand its global distribution network in other regions.

What’s the secret to this consistent success?

“The strength of FireMon’s platform and the updates to our Ignite Partner Program are making it easy for partners to select FireMon,” said DeBell. “Our partners see a true business opportunity because end users are asking for us by name and we rapidly enable them to deliver results that drive additional opportunities.”

With the annual RSA Conference coming up in just a few short weeks and FireMon scheduled to meet with many new and existing partners at the show in San Francisco, the Ignite program remains poised for continued expansion.

So while some record-breaking seasons have come to an end, it’s worth noting that today is Opening Day for Major League Baseball teams, and that for many teams the year is just getting started. To become part of a championship-caliber organization, contact channels@firemon.com for more information.

The post Channeling Excellence – FireMon’s DeBell Extends Win Streak appeared first on FireMon.

As we power through the excitement and unrelenting pace of RSA Conference 2015 this week in San Francisco, the larger theme for FireMon, as always, centers on advancing visibility in the network.

With the annual industry confab running in full swing, we’re engaged in all the traditional “awareness” activities – meeting attendees on the show floor, hosting customers and partners at gatherings and, yes, taking stock of all the other vendors decamped here to see who’s making noise.

However, above the din of this year’s recurring themes (threat intelligence and securing the cloud, for starters) and all the flashing lights dispersed both inside and outside the Moscone, I’m proud to say that FireMon has much more than sleight of hand to offer to anyone who’s looking beyond the surface.

On Monday, we took the wraps off Security Manager 8.0, by far the most advanced product in our ten year history; that revelation should be no surprise, as it’s our latest platform iteration, but innovation across the entirety of our flagship solution has resulted in something landmark.

From its redesigned horizontal data architecture, to its all new, KPI-laden interface – and just about everything in between – Security Manager 8.0 is an entirely different approach to management of network security infrastructure.

If FireMon has traditionally delivered a leading-edge set of capabilities for proactive analysis and improvement of network defenses, Security Manager 8.0 moves the needle in terms of providing continuous visibility into the critical factors that allow today’s security practitioners to achieve that goal – automatically surfacing that data at their fingertips.

Within the new KPI dashboard interface, the ability to isolate and examine detailed information regarding network security policies has been significantly expanded with the Google-like Omni-Search toolbar, and with the introduction of a heavily augmented Security Intelligence Query Language (SIQL).

As network security systems evolve, so must the solutions used to optimize their alignment. A revamped Traffic Flow Analysis (TFA) provides application-centric functionality to enable adoption of next-generation firewall architecture. On a related note, there’s also platform-wide support for use with IPv6 protocols.

With environments becoming more complex and segmentation more intensive, translation of network security infrastructure into conclusive, actionable views is equally important – addressed through enriched Access Path Analysis (APA) and Network Map Visualization NMV).

Despite anyone’s wish that standards compliance might disappear, PCI DSS 3.0 has increased requirements to embrace continuous assessment, and Security Manager 8.0 enables this process with dedicated reporting, approved by the PCI Council, to validate ongoing adherence.

Whether it’s the scalability, actionable dashboards or automated workflows introduced with this release, or even the increased flexibility resulting from its improved device SDK integration, Security Manager 8.0 directly addresses the specific needs of today’s organizations in managing their most fundamental and critical network defenses.

As always at RSA, there is a lot of tremendous research and development being unveiled, as well as a fair share of repackaging the same old thing, thinly veiled behind smoke and mirrors.

We’ve hired a magician and leveraged the theme of “tricks to effective network security management” to attract show-goers to our exhibition hall booth, but anyone who is watching closely should notice clearly that FireMon isn’t attempting to engage in distraction or misdirection.

Security Manager 8.0 introduces an entirely new approach to heightening visibility into and control over network security infrastructure. Stop by booth #1127, sign up for the webcast or request a demo to see the product for yourself.

We know you’ll be impressed by our latest innovation.

The post Advanced Visibility: Introducing Security Manager 8.0 appeared first on FireMon.

Anyone who attended the RSA Conference 2015 last week in San Francisco likely found themselves overwhelmed by the presence of security intelligence.

Whether it was the palpable human intellect present in the Moscone or all the security solutions positioned around the term “intelligence” on the show floor, one thing was certainly clear – the industry isn’t lacking in this area.

People smarts aside, many providers including FireMon have leveraged “intelligence” to articulate the value of their solutions for some time. The rise of the formal “threat intelligence” segment –the aggregation, analysis and delivery of information regarding emerging attacks – has only served to further popularize use of the term.

But let’s face it, no matter what type of intel you sell, the degree to which that information is actually actionable to its intended audience is the only real measurement of its value. This assertion is emphasized in the recently published Verizon 2015 Data Breach Investigations Report, which calls out threat intelligence in particular, citing the need for application of such data within a detailed context.

At FireMon, we’d argue that our solutions generate a particularly valuable breed of intelligence in providing continuous visibility into a wide range of critical aspects of network security management. Nowhere is this more evident than in the dashboard interface of Security Manager 8.0, which presents the user with a number of related Key Performance Indicators (KPIs).

Made possible through a re-engineered horizontal architecture, which my colleagues will address in subsequent posts, Security Manager 8.0 KPIs flip the management model on its head. Users are no longer required to seek out specific indicators of device and policy management on their own. Instead, that crucial information is provided to them in the dashboard.

What are some of the KPIs that Security Manager 8.0 generates? Among the most important are measurements including:

Average Security Concern Index (SCI) – the current level of firewall policy severity present throughout the existing infrastructure. This helps drive overall improvement.
Devices by SCI & Devices with Critical SCI – the most complex network security devices and which of those represent critical security management issues
Rules with Critical Control Failures – the rules in your policies that actually represent significant issues and result in real world gaps in security. This helps prioritize follow-up.
Redundant Rules & Unused Rules – rules currently implemented within your policies that are non-essential, obsolete and problematic. This allows for cleanup and removal.
Rules Identified for Improvement – firewall rules and resulting policies that can immediately be adapted to bolster security and drive down unnecessary complexity.

Continuous delivery of this data via the Security Manager 8.0 interface advances our flagship solution from one that allows practitioners to hunt down information around complexity, change and overall network security effectiveness, to one that proactively arms them with that actionable information.

The post Security Manager 8.0 KPIs – Actionable Security Management Intelligence appeared first on FireMon.

At FireMon, our core value lies in the intelligent interpretation of the configurations and events from devices on the network that apply policies. Understanding these concepts gives our customers a better picture of the true state of security in their environment. From that interpretation, we make specific recommendations to resolve issues that arise from normal operation of policy-based devices over time.

Speaking of policy and operations, over the last several years, many of our customers have migrated their firewall devices from traditional, stateful-inspection systems to devices with next-generation capabilities. This isn’t to say that they’ve all actually migrated to next-generation policies. With adoption of NGFWs, a whole new range of distinct capabilities exist, but we often continue to operate these devices with standard stateful-inspection policies – not fully leveraging the advanced security features that take management of network security to the proposed next-gen level.

This is where Security Manager 8.0 comes in. Regardless of the stage of your migration efforts – whether planned, initiated or completed – we can use next-gen-aware features to adapt policies and maximize the potential of these advanced devices.

A few examples of these capabilities include:

Policy Optimization – encompassing the cleanup and improvement of next-gen policies
NGFW Migration – evolving policies to account for and enable NGFW features
Applications Mapping – advancing policies to address specific policy items and/or flows

FireMon’s insight into both the configured policy and, just as importantly, the policy that is actually in use – and yes, these are often two different things – allows you to optimize your next-gen configuration to match how you actually plan to utilize the firewall in your network.

And once the next-generation firewall is in place, you can use FireMon’s Traffic Flow Analysis (TFA) feature to apply applications and user intelligence to these updated NGFW policies. This can be done either on a collection of security rules within your policy or based on a selection of source and destination networks. This can enable both firewall migration and policy conversion to an app-aware design.

As it was highlighted in the State of the Firewall Report, the vast majority of organizations have already deployed some level of NGFW systems, though only a very few count NGFWs among the majority of their firewalls. This clearly points out that the importance of NGFW policy migration will continue to grow as a critical capability within security management.

In a sense, FireMon Security Manager 8.0 represents the next-generation of management systems for network security device infrastructure based on its NGFW-specific capabilities. If you’re interested in seeing the product at work, just request an evaluation.

The post Next-Generation Management for NGFW Polices appeared first on FireMon.

When FireMon made the strategic decision to rebuild its industry-leading platform architecture, the goal was not simply to keep pace with others in the market today, but to further establish Security Manager as the only solution of choice for enterprise class organizations.

In achieving this goal, Security Manager 8.0 offers a new horizontal architecture that delivers previously unavailable performance and scalability. This further extends FireMon’s ability to provide deep, centralized visibility into changing network access vectors, allowing for highly actionable, dashboard-level views that empower network operations and security management teams to monitor network security infrastructure continuously.

Why is the underlying architecture so critical to the success of a solution like Security Manager? The value is found in its overall ability to scale to monitor configuration changes across hundreds, and many times thousands, of devices across an enterprise environment. This is all accomplished while rendering data quickly for the user to make important decisions.
Security Manager has always represented the state-of-the-art in scalability; however, driven by this new horizontally distributed data architecture, we’ve significantly advanced FireMon’s end-to-end performance.

For instance, Security Manager now distributes functions across multiple application servers to perform simultaneous analysis and normalization across platforms from multiple vendors, all while splitting out reporting functions on a dedicated appliance. In fact, all functions can now be run on a single appliance, or across multiple appliances, an extremely valuable capability that no other provider can match.

Several client environmental factors can also be used to effectively determine overall solutions scalability including key elements like events per second (EPS), frequency of change of monitored devices, and size of the configurations of monitored devices. Based on these elements, FireMon’s solution has always been ready to extend its scalability to handle numerous variables within customer environments, and Security Manager 8.0 further reinforces this strength.

Another key factor in building a world-class scalable solution is the ability to scale the database component of the given environment. With the release of Security Manager 8.0, FireMon will provide an option for customers to acquire an off-box database appliance for the first time.

Leveraging an off-box database in Security Manager 8.0 also allows for clustered application servers. Application server clustering allows for the use of multiple host resources to increase system performance, front-ending them with a load balancer to allow for multiple servers in the pool and pushing responses back to the client. The capability for clustered database servers is another feature on the short-term development horizon at FireMon.

FireMon has also spent a great deal of time developing a network-aware indexing architecture for handling security-related events, creating an entirely new engine that can be leveraged to search your policies in a previously unavailable manner. This engine is the power behind another one of Security Manager’s groundbreaking new features, the Security Intelligence Query Language (SIQL), which enables even faster, more actionable analysis than ever offered before.

FireMon will also be announcing its most powerful hardware appliance server yet made available, delivering the state-of-the-art for hard drive, memory and processing power capabilities. And lastly, the FireMon Operating System (FMOS) gets a lift via migration to the CentOS7 derivative of Red Hat, improving the robustness, reliability, scalability and security of our flagship solution.

In summary, our new horizontal architecture takes everything that FireMon has always offered as a market-leading capability around scalability and performance – enabling truly real-time, continuous assessment and monitoring – and increases that strength exponentially.

The post Security Manager 8.0 Architecture – Unmatched Enterprise Scalability appeared first on FireMon.

There’s no question that one of the most significant challenges facing today’s IT and network security practitioners is the continued adoption of cloud-based services, along with the concurrent evolution of related networking methodologies including Software Defined Networking (SDN) and DevOps.

For those of you who followed the FireMon State of the Firewall Report released in March, you’ll recall that one of the key findings of our survey of 700+ respondents was that – contrary to some opinions – traditional network security infrastructure will play a significant role in emerging cloud, SDN and DevOps environments.

In fact, the “Emerging Paradigms” segment of the report found 87% of respondents attesting that traditional or NGFW devices currently play a valuable role in securing virtualized environments. Another 60% indicated that those mechanisms already play a valuable role in securing cloud platforms.

One of the related issues that we’ve heard from analysts such as Gartner’s Greg Young is that many organizations have taken the all too familiar “adopt first, secure later” approach to the cloud. The most common scenario finds IT organizations spinning up instances to suit emerging business requirements, then deducing after the fact that additional security controls are required.

The involved work is typically acquitted slowly and piecemeal, based largely on a lack of dedicated funding. A good deal of effort goes into migration of existing network security infrastructure, and more importantly network security policies, to support cloud services.

This week, longtime industry analyst Jon Oltsik of Enterprise Security Group published additional research supporting these conclusions based on a survey of 150 IT security professionals about “challenges associated with enforcing security policies in public and private clouds.”

According to ESG’s survey, 32% of respondents said their organizations use multiple public/private cloud offerings and find it “difficult to coordinate security operations consistently across all areas.” Additionally, Oltsik notes that 31% of respondents believe “cloud computing exacerbates communications and collaboration problems” between operations and other IT groups.

Other key findings identify issues applying existing security policies to the cloud, troubleshooting cloud security problems and managing security controls that span both physical and cloud-based infrastructure.

The fact is, when you add it all up, a set of complex security management issues related to the evolution of networking is rapidly formalizing, and organizations are struggling to address them. At FireMon, we’ve not only encountered this in our research, but more importantly among our customers, mostly large enterprises.

As this scenario plays out, more effective best practices and technological solutions will clearly need to emerge as well. We’re already moving to address that opportunity, as evidenced by FireMon’s support for Amazon AWS and OpenStack Icehouse.

The new FireMon security architecture group is also working actively to help push our solutions ahead of the curve so that we’re there to support customer use of these rapidly maturing networking paradigms and the inherent security management issues they create.

And we’re just getting started on the next State of the Firewall Report which will seek to further outline many of these trends. If you have specific issues you’d like to see covered, .

The post Research: Cloud Security Concerns Mature appeared first on FireMon.

Job description
FireMon is a fast growing network security software development company based in Overland Park, KS. We have developed industry-leading Security Management and Network Risk Assessment Technology that is helping organizations globally protect and defend their corporate assets. FireMon strives to attract, cultivate, and retain exceptional talent. If you are interested in a growth opportunity, we encourage you to apply and start helping companies solve their growing security challenges.

FireMon is seeking an Inside Sales Engineer (ISE) to become an integral member of the FireMon Inside Sales Team. The candidate must have the aptitude to develop an expert understanding of the FireMon product portfolio, system architecture, and technical solution positioning. As a FireMon ISE you will learn how to explain, deftly demonstrate, and effectively communicate our product value proposition to potential customers.

Key Responsibilities:

Act as the technical point of contact during the sales cycle running product demonstrations, providing technical training and playing a key role in evaluations and pre-sales implementations
Monitor evaluation activity, working closely with the client to ensure business requirements are well defined, system is configured appropriately and key objectives are well defined
Work with client over the course of the evaluation to ensure strong adoption of system usage is in place and the necessary metrics for the evaluation are collected in order to prove product
value proposition at the conclusion of the evaluation period.
Expert on FireMon’s product portfolio, solution architecture, and key technical strengths
Must be comfortable leading online presentations and comfortable engaging the client’s technology team discussing product requirements and positioning
Keep up to date on competitor’s products in the market and provide feedback and input to product marketing on roadmap requirements and product direction
Work closely with the engineering/ development team on troubleshooting any issues, providing detailed input to diagnose and resolve client issues
Be able to perform in a high activity atmosphere and multi-tasking concurrent engagements
Understand client requirements and translate those requirements into FireMon solution offerings

Desired Skills and Experience Requirements:

College degree or diploma; equivalent work experience will be considered
2+ year work experience in related field
Strong presentation skills with the ability to build quick audience rapport
Solid understanding of network security, firewall management, and risk assessment technology
Ability to present, educate, and handle diverse Q&A sessions during presentations
Strong organizational skills coordinating both internal and client resources
Strong problem solving capabilities with a ‘get it done’ attitude, helping to overcome any technical hurdles, or objections, with the adoption and implementation of FireMon solutions during the presales process
Team player with excellent oral and written communication skills with the ability to work independently when required
Ability to adapt and work efficiently in a dynamic environment
Fluent in additional language used within the region will be a plus.

Locations
EMEA, NA, LATAM, APAC

Interested and qualified for an open position? Please send your resume to jobs@firemon.com

The post Inside Sales Engineer appeared first on FireMon.

Job description

FireMon is a fast growing network security software development company based in Overland Park, KS. We have developed industry-leading Security Management and Network Risk Assessment Technology that is helping organizations globally protect and defend their corporate assets. FireMon strives to attract, cultivate, and retain exceptional talent. If you are interested in a growth opportunity, we encourage you to apply and start helping companies solve their growing security challenges.

FireMon is seeking is seeking an exceptional individual for the Sales Engineer position to join our rapidly growing sales team.
Ideal candidates will be able to explain, clearly demonstrate, and effectively communicate our value proposition to potential customers. The candidate must have the aptitude to develop an expert understanding of the FireMon product portfolio, system architecture, and technical solution positioning.

Key Responsibilities

Be perceived as a technical expert and trusted resource
Build relationships with multiple functions, including managerial and executive levels as required
Fully understand the client’s business model and organizational structure
Expert understanding of FireMon’s product portfolio, architecture, and key technical strengths
Must be comfortable leading online presentations and comfortable engaging the client’s technology team discussing product requirements and positioning
Be able to perform in a high activity atmosphere while multi-tasking several concurrent engagements at once

Desired Skills and Experience Skills / Requirements

BS, EE/CS degree or technical school certificate or applicable experience
Minimum 6+ years’ experience that emphasizes networking routing, firewall management, vulnerability risk assessment, or related technologies
Strong presentation skills with the ability to build quick audience rapport
Strong network security skills with an emphasis on firewall management and network risk assessment technology
Strong organizational skills
Strong problem solving capabilities with a ‘get it done’ attitude
Team player with the ability to work independently when required
Ability to adapt and work efficiently in a rapidly changing dynamic environment with a willingness to manage multiple simultaneous projects
Willing to travel
Fluent in additional language used within the region will be a plus.

Locations
EMEA, NA, LATAM, APAC

Interested and qualified for an open position? Please send your resume to jobs@firemon.com

The post Sales Engineer appeared first on FireMon.

As editor-in-chief at DevOps.com, I spend a lot of time speaking with organizations about their operations. One of the most consistent themes I hear is that with today’s infrastructure – whether it’s related to code, cloud and virtual environments, on and off-premises, big data or application-centric – the complexity of managing and orchestrating IT is a difficult, if not impossible task.

There’s no doubt that this is most certainly the case with all the aforementioned factors to consider and, respective of that, all the moving parts in modern IT environments. However, I also try to remind people that this is a similar scenario to the realities we have dealt with in managing firewall rules for many years.

When I first started in security last century (not as long ago as that sounds), it was common for an organization to have a firewall or two, maybe even four if they were a really big shop. These firewalls always lived at the perimeter, and truthfully they were relatively simple devices. They could block traffic based on what port it was coming in or out of, and what IP address it was coming from, or going to.

That all sounds pretty simple but even then, in the hands of a network admin or two, the amount of rules that would pile up on top of each other over time would become astounding. Pretty soon you’d have a complex web of policies on your hands, much like the tangled mess wires found inside a data center.

firemon-curing-complexity Of course, as firewalls started to proliferate across the network, internally as well as at the border, this situation only grew worse. On top of this, firewalls themselves grew increasingly more complex and the rules you could set became more sophisticated. Layer the rapid employee turnover typical within many IT departments on top of this, and things began to get out of control. Within 18 months you could have rules that were put in place two or three admins ago, leaving the present admins with no clue as to why those rules were even there. Eventually, something had to bring order to this rapidly-scaling Tower of Babel.

Thankfully, driven by this reality, along came solutions like FireMon Security Manager The value proposition of FireMon was pretty straightforward, addressing this operational nightmare and giving practitioners something to help to make the overly complex firewall rules management process simple.

With this innovation, admins could now see what rules they had to address – and maybe even why they were there in the first place – then change them, delete them or enforce them, selectively or not. Eventually, you were able to automate firewall policy monitoring in general, and that brought a whole new approach to larger issues of network security management too.

Fast-forward to the current environment, where it’s not uncommon to find enterprise environments with hundreds of firewalls, where all of those evolving IT management paradigms that I listed are advancing rapidly. Without automated solutions, it’s hard to image how we could even begin to manage a world where organizations have to consider thousands, if not tens of thousands of extremely complex firewall rules and policies.

The folks in IT operations need to consider all of this and take heart, because the evolution of firewall management has proven that it is possible to manage complexity, with the reality that firewalls are still promulgating everywhere as living proof that tackling what may seem hopeless today, will become conceivable.

The truth is, while addressing today’s cloud-sprawling, continent-spanning IT infrastructure appears even more complicated than management of firewall rules at first blush, I’m confident that the market will respond with tools to make this all seem relatively simple someday.

I see this as a great market opportunity that several solutions are already seeking to answer. I don’t know which solution or set of solutions will eventually win, but I do know that it will have to thank tools like FireMon for showing us how to make the once seemingly impossible, possible.

The post Firewall Rule Management: Curing Technical Complexity appeared first on FireMon.

This year’s Gartner Security & Risk Management Summit strongly reaffirmed the pivotal role that network firewall infrastructure will continue to play, both today and in the immediate future.

While the annual analyst conference advanced an array of forward-looking concepts and methodologies, with the central theme of maturing best practices to support evolving digital business initiatives, the firewall’s role as a foundational element of security management schemes was unequivocally reinforced.

Tracking closely with the findings of FireMon’s State of the Firewall 2014 Report, Gartner analysts underlined importance of firewall infrastructure in stemming the current tide of breach incidents and grappling with further adoption of emerging networking models.

For starters, the market for firewalls remains the single largest area of IT security spending and only continues to expand. As Analyst Adam Hils highlighted in his overview of the 2015 Gartner Magic Quadrant for Enterprise Network Firewalls, the market reached $9 billion in 2014, a 9.5 percent annual increase; spending is slated to reach $10.5 billion in 2015, representing 10 percent annual growth.

Driven by a consistent five-year tech refresh cycle and adoption of more expensive next-generation firewall (NGFW) devices, Gartner expects the market to expand by 10 percent annually through at least 2017.

For the record, Hils and his colleague Greg Young, Gartner’s longtime network security czar, predict the “next-generation” moniker will fade, replaced by “enterprise firewall” as organizations shift toward ubiquitous adoption of devices that integrate IDS and malware sandboxing.

In their forward-looking “Network Security 2020” predictions, the two experts forecast that firewalls will remain critical even as the hotly discussed market for cloud access security brokers (CASBs) evolves. In fact, the analysts said such providers will not replace the need for firewall systems, but that the respective technologies are more likely to integrate.

The Gartner firewall “MQ” also contends that despite the rapid uptake of virtual and cloud platforms, virtual firewalls won’t exceed 10 percent of the overall market by 2018. This further reinforces the State of the Firewall’s finding that existing firewall infrastructure will not be quickly rendered less important by these emerging paradigms.

Beyond the presentations specific to network security, longtime Gartner analyst Neil MacDonald touted the need for more advanced monitoring and analytics capabilities to find their way into the “core” of next-generation security platforms in his annual review of Gartner’s emerging Adaptive Security Architecture model – a framework of processes and technologies conceived to help ward off advanced attacks. Such capabilities will help organizations move beyond existing siloes of security management data to gain a more effective, actionable IT risk management approach, MacDonald said.

That certainly jibes with our perspective here at FireMon, as we evolve our own solutions capabilities along those very lines to both amplify and extend the existing features found in the NGFW devices with which we integrate today.

Having attended the Gartner Summit many years now, it’s fascinating to see how quickly some areas of IT security evolve, while many of the larger issues – such as finding a way to cut through the avalanche of data to better empower business – always remain the same.

Both in listening to the experts and connecting with security practitioners on the expo floor, one takeaway was clear – the need to improve and advance management of network security infrastructure, specifically firewalls, remains as important as ever.

The post Gartner Summit Touts Firewall Fortitude appeared first on FireMon.

As my view of network security is grounded in my experience as a real-world practitioner I’ve always sought to back opinions with qualitative research, even when the evidence seems perfectly clear.

That said, when we hatched the idea of launching a new survey aimed at discerning the views of today’s enterprise security professionals regarding the “State of the Firewall”, I have to admit that I wouldn’t have predicted such resounding, thought-provoking results.

Based on over 700 responses garnered from wide range of practitioners representing a broad cross-section of vertical industries, the State of the Firewall 2014 Report, released today, firmly reinforces that firewalls remain as critical an element of network security strategy as ever. In fact, 92 percent of survey respondents directly endorsed this assertion. Along with this overarching validation of the firewall’s continued relevance, the report also sheds light on many other compelling concepts.

For starters, perhaps it’s not surprising that next-generation firewalls (NGFWs) are gradually taking over, with over 88 percent of respondents having already deployed at least some of the systems. However, many observers might be surprised that respondents rated both API integration capabilities and next-generation functionality as highly (or even higher in the case of APIs) as they ranked traditional factors of price, performance and manageability when selecting new device platforms.

This finding speaks volumes to me regarding the strategic nature of firewalls and the manner in which today’s practitioners are employing them – tying the devices even more deeply into overall security management via integration with other systems and deployment of advanced NGFW features, including applications awareness.

Yet, the biggest surprise, and perhaps greatest evidence of the firewall’s continued importance is found in the report’s final section where emerging networking paradigms including virtualization, cloud computing, software defined networking (SDN) and DevOps are addressed.

Clearly, many people believe that these evolving networking methodologies will introduce entirely new security models, and I wouldn’t argue that this won’t be the case. However, as evidenced by the report, most respondents also believe that today’s existing firewall infrastructure will continue to play a significant role in leveraging these emerging paradigms. I do feel that this is a fact that some network security futurists might tend to overlook.

We’re really pleased with the results of the State of the Firewall 2014 report in general because the findings provide us with greater visibility into some truly captivating perceptions held by today’s practitioners, the real-world experts.

Hopefully you’ll download the report, tell us what you think about it, and maybe even participate when we conduct our next survey.

You can also register to join us for a State of the Firewall webcast hosted by Alan Shimel of Network World and DevOps.com on March 11.

Thanks to all of you who took the time to help us gather this year’s results.

The post Numbers Don’t Lie – The Firewall’s State is Secure appeared first on FireMon.

Location: Overland Park, KS
Travel: Less than 10%
Position Type: Full time

ROLE AND RESPONSIBILITIES

FireMon is seeking a Senior Customer Support Engineer focused on supporting Immediate Insight customers by providing an advanced level of support for our IT data analytics focused solution. This is a diverse & key role where you will troubleshoot and resolve customer problems, test deployment scenarios, interface with QA and development on product issues, assist with knowledge management and transfer, and more.

Be lead contact for technical assistance to customers of the Immediate Insight IT data analytics product, including deployment, troubleshooting, configuration, usage.
Escalate issues and interface with engineering when required, assist with quality assurance testing.
Test customer deployment scenarios in FireMon lab, including non FireMon security / network tools
Assist with creation of technical content including knowledge base, tech notes, & self-paced training
Help monitor and reply to questions on customer product forum
Mentor and assist new or junior members of the team to successfully handle customer issues.

QUALIFICATIONS AND EDUCATION REQUIREMENTS

BS, EE/CS, or technical school certificate plus applicable experience
Minimum 3 years’ experience in a customer support role, including external client facing support
Experience testing and troubleshooting multi-vendor scenarios in lab or customer environments
Hands on experience with the following is required; Enterprise network and security monitoring and analysis solutions, networking, Linux, virtualized environments
(Training on Immediate Insight will be provided to hire, however experience with related technologies is a pre-requisite)
Experience with the following desirable; Splunk, Elastic, other big data analytics solutions, scripting
Ability to write technical knowledge content, create training videos, and deliver training.
Strong problems solving and organizational skills, with a get it done attitude
Ability to work independently, and also as a member of the team
Professional demeanor and ability to work directly with customers in challenging situations

Interested and qualified for an open position? Please send your resume to jobs@firemon.com

The post Senior Customer Support Engineer appeared first on FireMon.

Position Title: Senior Financial Analyst
Location: Overland Park
Reports To: Chief Financial Officer

POSITION SUMMARY: Provide support to Finance department in various capacities including reviewing operation performance, management reports and analysis, budgeting and forecasting, and financial modeling.

ESSENTIAL FUNCTIONS:

Coordinate and manage the annual budget process
Prepare financial statements and assist with month end close
Perform daily/weekly reporting of key financial metrics
Report to management on monthly results, annual plan, and other requests as received
Prepare monthly departmental budget to actual results and explain variances from plan
Analyze results and trends to identify improvement opportunities
Provide ad-hoc financial analysis to management including pricing analysis and contract review
Assist with preparation of board level reporting
Communicate with other departments (i.e.: Sales, Marketing) to resolve questions

OTHER FUNCTIONS:

Assist with annual audit
Assist with account analyses, journal entries and reconciliations
Assist with due diligence on future acquisitions

EDUCATION, EXPERIENCE, AND SKILLS REQUIRED:

Bachelors Degree in Accounting, Finance or Business Administration
4-7 years of progressive Finance experience
Solid grasp of accounting principles required
Detail-oriented and have proven analytical ability
Flexible and able to handle and prioritize multiple tasks
Self-starter with strong problem-solving skills
Possess a positive attitude and work well with others
Strong computer skills including Excel and PowerPoint

DESIRABLE QUALIFICATIONS:

CPA
Current/previous public accounting experience
Experience with NetSuite
Experience with business intelligence tools

Interested and qualified for an open position? Please send your resume to jobs@firemon.com

The post Senior Financial Analyst appeared first on FireMon.

Location: Overland Park, KS
Travel: Less than 10%
Position Type: Full time
Location: Overland Park, KS or San Jose, CA

ROLE AND RESPONSIBILITIES

FireMon is seeking a Senior Software Engineer position to join our rapidly growing development team for our latest product Immediate Insight. You will work with Product Management and other Engineers on the Immediate Insight Development Team. The full-stack Senior Software Engineer will be able to own a feature and take it from design to data model to server implementation to user experience.

Participate with business and engineering team members in the development of the data analytics platform.
Develop application specifications and designs which are scalable, extensible, maintainable and testable
Work in a top to bottom environment developing in the UI, application server and database.

QUALIFICATIONS AND EDUCATION REQUIREMENTS

BS, EE/CS, or technical school certificate plus applicable experience
Minimum 10 years’ experience in writing high performance code
Experience in both server-side and front-end application environments
Hands on experience with the following is required; Node.js, Javascript, and Elasticsearch
Experience with the following desirable; Splunk, Elastic, other big data analytics solutions.
Strong problems solving and organizational skills, with a get it done attitude
Ability to work independently, and also as a member of the team
Professional demeanor and ability to work directly with team in challenging situations

PREFERRED SKILLS

Linux
Virtualization (VMWare, KVM, AWS, etc.)
Websockets
Caching
Big Data/Data Science
Search Advertising Analytics
Natural Language Analysis & Machine Learning
Experience in Embedded Systems

Interested and qualified for an open position? Please send your resume to jobs@firemon.com

The post Senior Software Engineer appeared first on FireMon.

As my view of network security is grounded in my experience as a real-world practitioner I’ve always sought to back opinions with qualitative research, even when the evidence seems perfectly clear.

Hopefully you’ll download the report, tell us what you think about it, and maybe even participate when we conduct our next survey.

You can also register to join us for a State of the Firewall webcast hosted by Alan Shimel of Network World and DevOps.com on March 11.

Thanks to all of you who took the time to help us gather this year’s results.

The post Numbers Don’t Lie – The Firewall’s State is Secure appeared first on FireMon.

What’s the secret to this consistent success?

The post Channeling Excellence – FireMon’s DeBell Extends Win Streak appeared first on FireMon.

As we power through the excitement and unrelenting pace of RSA Conference 2015 this week in San Francisco, the larger theme for FireMon, as always, centers on advancing visibility in the network.

As always at RSA, there is a lot of tremendous research and development being unveiled, as well as a fair share of repackaging the same old thing, thinly veiled behind smoke and mirrors.

We know you’ll be impressed by our latest innovation.

The post Advanced Visibility: Introducing Security Manager 8.0 appeared first on FireMon.

In this series, FireMon leadership shares their favorite features of the latest release of our device and policy management solution, Security Manager.

Jody Brazil, co-founder and chief product strategist, has overseen development of our flagship product since the beginning. He explains how the new Security Manager UI gives you at-a-glance visibility into rule usage and performance.

A lot of work went into designing the UI of 8.0 to make it easier to navigate and find the information you’re looking for. In one of the iterations, we stumbled onto something that has become my favorite page in the entire application: the Rule Dashboard.

In one location, you can see everything you could want to know about an individual rule such as:

Rule Definition – details about the rule in a concise rule view
KPIs – such as cumulative severity, recent changes and number of times it has been “hit” in the last 24 hours
Key Rule Properties – such as unused, no comment, redundant, etc.
Trend view of rule usage over the previous 30-days
List of all control failures – a fantastic value
Full rule documentation with editing capabilities

In previous versions of the program and in current versions from our competitors, a user would have to run four or five separate reports to get some of this information. Even then, they could never report on all of this information. Given that a rule is what makes a firewall work and is responsible for allowing or blocking attackers, this view is extremely powerful.

Check out a screenshot of my favorite page below or watch a walk through of the dashboard here:

Firewall Management Rule Dashboards

The post The Best of Firewall Management – Rule Dashboards appeared first on FireMon.

In this series, FireMon leadership shares their favorite features of the latest release of our device and policy management solution, Security Manager. Click Here to subscribe to the blog.

Jody Brazil, co-founder and chief product strategist, has overseen development of our flagship product since the beginning. He explains how OmniSearch takes the power of a query language and turns it into Google-like search for rules and objects within your network.

A number of years ago, we launched a community site called Nexus where customers could download and share audit checks. We published a lot of them based on customer requests and feedback. After a year or so of collecting requests and publishing checks, we realized that nearly 90% of all the requests were around the concept of “search.” Customers wanted to be able to find rules that match some condition or combination of conditions as well as objects and where they are used.

Rather than writing unique custom checks for each one-off request, we had the idea to build a query language. This became the basis for FMQL and ultimately SIQL enabling users to search for all things with a powerful query language.

But, SIQL can be intimidating. So, what if we made it as easy as Google? We did with OmniSearch. This very unassuming little feature is perhaps the most powerful feature of the entire application built completely around the power of SIQL.

OmniSearch is the global search bar displayed at the very top-center of the application. It combines two key features: navigation and searching. OmniSearch is significantly more effective for device navigation than the tree view in large environments. By simply typing in a few letters of the device name a list of devices is dynamically returned making finding a device quick and simple. And for searching, if you type text and hit enter you are presented with results fr beyond a list of devices. Using the power of SIQL, OmniSearch returns a broad list of matching objects – think Google for your personal network security data.

As the name implies, OmniSearch searches “all things” in Security Manager, specifically it searches across the entire domain of data for:

Devices (by name, IP, vendor, description)
Device Groups (name, description)
Security Rules (name, sources, destinations, applications, users, comment)
Network Objects (name, IP)
Service Objects (name)
User Objects
Application Objects
NAT Rules

Additionally, if you type in an IP Address (e.g.: 1.1.1.1, 10.1.1.0/24), OmniSearch will do network-aware searching of these same objects. By simply entering an IP address, you can find all the network objects that reference that IP and a list of all the rules that use that IP Address in the source or destination. Imagine troubleshooting connectivity: in a few seconds, you can find all the references to a troublesome IP Address enabling immediate resolution to issues.

To see OmniSearch in action, view a walkthrough of the feature here:

The post The Best of Firewall Management – OmniSearch appeared first on FireMon.