In this series, FireMon leadership shares their favorite features of the latest release of our device and policy management solution, Security Manager. Click Here to subscribe to the blog.
Jody Brazil, co-founder and chief product strategist, has overseen development of our flagship product since the beginning. He explains how OmniSearch takes the power of a query language and turns it into Google-like search for rules and objects within your network.
A number of years ago, we launched a community site called Nexus where customers could download and share audit checks. We published a lot of them based on customer requests and feedback. After a year or so of collecting requests and publishing checks, we realized that nearly 90% of all the requests were around the concept of “search.” Customers wanted to be able to find rules that match some condition or combination of conditions as well as objects and where they are used.
Rather than writing unique custom checks for each one-off request, we had the idea to build a query language. This became the basis for FMQL and ultimately SIQL enabling users to search for all things with a powerful query language.
But, SIQL can be intimidating. So, what if we made it as easy as Google? We did with OmniSearch. This very unassuming little feature is perhaps the most powerful feature of the entire application built completely around the power of SIQL.
OmniSearch is the global search bar displayed at the very top-center of the application. It combines two key features: navigation and searching. OmniSearch is significantly more effective for device navigation than the tree view in large environments. By simply typing in a few letters of the device name a list of devices is dynamically returned making finding a device quick and simple. And for searching, if you type text and hit enter you are presented with results fr beyond a list of devices. Using the power of SIQL, OmniSearch returns a broad list of matching objects – think Google for your personal network security data.
As the name implies, OmniSearch searches “all things” in Security Manager, specifically it searches across the entire domain of data for:
- Devices (by name, IP, vendor, description)
- Device Groups (name, description)
- Security Rules (name, sources, destinations, applications, users, comment)
- Network Objects (name, IP)
- Service Objects (name)
- User Objects
- Application Objects
- NAT Rules
Additionally, if you type in an IP Address (e.g.: 1.1.1.1, 10.1.1.0/24), OmniSearch will do network-aware searching of these same objects. By simply entering an IP address, you can find all the network objects that reference that IP and a list of all the rules that use that IP Address in the source or destination. Imagine troubleshooting connectivity: in a few seconds, you can find all the references to a troublesome IP Address enabling immediate resolution to issues.
To see OmniSearch in action, view a walkthrough of the feature here:
The post The Best of Firewall Management – OmniSearch appeared first on FireMon.