Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

OPSEC Partners

NetIQ Security Manager for FireWall-1

Product Version Certified: Security Manager 5.1
Certified for use with: Check Point Next Generation

Product Description: NetIQ's Security Manager provides an advanced, central security console for real-time security event monitoring and automated response, host-based intrusion detection, event log consolidation, and security configuration management.

 
Key Features and Benefits
OPSEC Integration
 
  Download the Security Manager Documentation
 
The Company: NetIQ is the leading provider of solutions for managing, securing and analyzing all key components of an enterprise computing infrastructure-from back-end networks and servers to front-line applications and Web servers. The company is headquartered in San Jose, California, with development and operational personnel in Houston, Texas; Raleigh, North Carolina; Bellevue, Washington; and Portland, Oregon.   NetIQ
   
Key Features and Benefits

Security Manager's integration for Check Point enables security professionals to easily monitor and manage their firewalls and the events they generate. The real-time monitoring, analysis and automated response functions help users extend and optimize firewall defenses and enforce desired configuration times. By integrating Check Point FireWall-1 security events with events from a variety of other security products, Security Manager allows users to proactively protect distributed IT assets. This module couples the early-warning incident management system of Security Manager with your firewall system to provide identification and notification of external attacks or suspicious activity from a single console.

This product is enterprise-scalable to thousands of servers and workstations and allows organizations to fully integrate and leverage security events from other security solutions operating in the enterprise.

Key Benefits

  • Delivers real-time monitoring: Integrates with leading firewall systems to enable identification and immediate response to network attacks and violations of firewall configuration policies. The centralized reporting from consolidated firewall logs simplifies on-going management and enables monitoring of your firewalls for accidental misconfigurations.
  • Provides automated responses: Monitors events and alerts while providing automated responses to detected threats. For example, you can configure rules to immediately notify members of the security group when suspicious activity is detected.
  • Supplies single point of monitoring: Gathers all firewall-related events, alerts and other activities in one central location. This allows you to avoid sifting through volumes of distributed event logs to analyze firewall data. Additionally, to help keep this information secure, the firewall configuration information is stored in a safe, central repository.
  • Detects misconfigurations: Helps maintain firewall configuration policies by comparing identified security policies to the current firewall configuration. When the product detects a misconfiguration, the firewall administrator will receive an alert and can quickly address the issue.
  • Identifies external attacks: Detects intrusion attempts and allows you to configure automated notification so that defined recipients will receive an alert and can respond to apparent external breach attempts
OPSEC Integration
NetIQ Security Manager integrates with the Log Export API (LEA) of the OPSEC architecture in VPN-1/FireWall-1. When LEA is used, a secure connection is set up between NetIQ Security Manager and
VPN-1/FireWall-1. This connection provides the mechanism that safely and securely transfers data between the firewall and the analysis engine. By encrypting data at the firewall, LEA ensures that firewall logs are not tampered with during transport. The LEA connection also facilitates the creation of real-time reports without the need to export complete log files at every update interval, saving time and bandwidth resources.