FireMon has announced that Forrester Research, recognised FireMon in a snapshot of notable vendors for Zero Trust Platforms in The Zero Trust eXtended (ZTX) Ecosystem, published 19 January, 2018.
Zero Trust is an architectural conceptual model developed by Forrester Research that recommends how companies should redesign networks into "secure microperimeters." In addition, recommend that security teams "adopt a least privilege strategy and strictly enforce access control."*
"Zero Trust has become one of the key strategies for many CISOs who face increasing insider threats and the continued erosion of the perimeter," said Jeremy Martin, SVP of Engineering at FireMon. "We've seen that the operational management of the security infrastructure becomes even more critical in a network implementing Zero Trust, and we are proud to see that Forrester has recognized us in this report, and we believe it is attributable to the work we've done in preparing our technology to fit at the highest platform level."
The author of the ZTX report, Dr. Chase Cunningham, outlines the technologies best suited to "empowering and extending" Zero Trust initiatives. In a blog announcing the report, Cunningham explains the goal of ZTX, "Eventually a user will be able to reference this architecture and framework to specifically and succinctly determine which technical solutions from which vendors will enable their Zero Trust strategic goals..."
As Zero Trust architectures are more widely adopted, enterprises must maintain control of a more finely grained networks. FireMon's centralised management console gives security teams one place to manage the policies and rules that govern Zero Trust across the global network. It is the only configuration auditing solution** to also be listed as a Zero Trust platform in the eXtended Ecosystem report.
According to Forrester, to be a Zero Trust platform, vendors must:
- Offer market-leading capabilities in at least three Zero Trust components
- Create unique technical advantages to solution integration
- Develop and support robust APIs and a partner ecosystem
- Maintain a center of gravity for visibility, analysis, policy and automation
In addition to being named a Zero Trust platform vendor, FireMon was also included in the lists of security automation and orchestration, security visibility and analytics and network segmentation vendors.
"We are excited to see Forrester's recognition of our unique platform for Zero Trust," said Satin H. Mirchandani, Chief Executive Officer at FireMon. "As enterprises move toward Zero Trust, they require a platform that brings together vulnerability management, continuous compliance and security orchestration. We are delighted to be the only vendor able to deliver on all three essentials."
Cunningham states in the report that the most capable players have "well-documented APIs that are readily available for development and integration." Adding, "APIs must enable control and management of systems that don't necessarily live in your organization's infrastructure. These tools and systems enable real-time command and control of a wide variety of assets."
Extensive APIs and far-reaching technology integrations provide enterprises with a single console to enforce security across splintering networks. In 2017, one FireMon customer was making 120k API calls per day, resulting in deeper integration and adoption of firewall analysis and reporting across IT teams and systems.
"Managing a Zero Trust environment becomes a challenge as rulebases expand and thousands of segments become the norm," said Matt Dean, Vice President of Product Management at FireMon. "That's why enterprises choose FireMon's platform which delivers the necessary scalability and real-time visibility to support Zero Trust – all driven by robust APIs and airtight integrations."
As Cunningham writes in the Forrester report, "any vendor or technology worth their salt will have advanced API integration...If your selected technology doesn't have solid APIs to use, find a vendor that does."
*No More Chewy Centers: The Zero Trust Model Of Information Security, March 2016
**TechRadar™: Zero Trust Network Threat Mitigation Technologies, Q4 2016