Matt Dean – Product Management

Matt Hines – Product Marketing

August 12, 2014

Automating PCI 1.1.7 with FireMon Policy Optimizer

Agenda

Welcome

PCI DSS Compliance Challenges

PCI DSS Requirement 1.1.7

Automating using Policy Optimizer

FireMon and PCI – Other Areas

Demo – Policy Optimizer

Q&A

PCI DSS Compliance Challenges

Today’s Hurdles:

“Continuous” Compliance

Controls must be constantly validated

Complexity and Change

Business demands, threats, infrastructure

Oversight and Overhead

Audit prep and resource allocation

PCI DSS Requirement 1.1.7

Rules Recertification

Cleanup rules – Specifically unnecessary, outdated or incorrect rules, ensuring that all rules allow only authorized services and ports that match documented business justifications. Organizations with a high volume of changes to rules may wish to consider performing reviews more frequently, to ensure that the rule sets continue to meet the needs of the business.

PCI DSS 1.1.7 Challenges

Existing Pain Points:

Changing Access Demands

Evolving business and landscape

Access/Rules Recertification

What’s necessary? Who owns it?

Fixed Internal Resources

Leveraging staff to do more

New Product – Policy Optimizer

Policy Optimizer - Bridging Silos

New, Automated Workflow:

Integrated policy review cycle

Optimize posture for operational, security & compliance requirements

Automated rule recertification

Business process implementation ensuring organizational adoption

Refined, documented access

Consistent review and closed-loop process for management

Network Ops, Security Mgmt, Audit/Compliance, Risk Mgmt

Policy Optimizer

Product Features: Rule Review

Rule Optimization:

Data for Review & Certification

Access, usage, documentation

Intelligent Policy/Rule Review

Smart policy/rules routing

Automated Review Process

Business process for review

Product Features: Edit Control

Policy Improvement:

Dynamic configuration search

Find all similar rules/controls

FireMon SIQL technology

Proprietary query language

Evaluate, review and test

Detailed intelligence and reports

Benefit – Integrated Workflow

Process Automation:

Fills gap in security & risk mgmt

Automated policy optimization

Significant compliance benefit

Continuous rules re-certification

Business-security communication

Bridging silos with workflow automation

Case Study – Global Financial

Real-World Demand:

Significant pain & expense

Manually recertify rules (PCI DSS)

15 full time staff worldwide

Using Policy Optimizer

Enable staff with data, workflow

Replaced rival shelfware

Immediate benefits

Closed-loop process for PCI review

Rapidly addressed existing problems

FireMon Solutions: PCI Overview

Solutions Applicability:

Security Manager Platform

Firewall rules and policy assessment

Policy Planner Module

Policy analysis and change mgmt

Risk Analyzer Module

Prioritized vulnerability mitigation

FireMon Solutions: 7-of-12 Addressed

DSS-Wide Applicability:

PCI 1 Firewall rules and policy assessment

PCI 2 Policy analysis and change mgmt

PCI 6 Prioritized vulnerability mitigation

PCI 7 Control network access

PCI 10 Network logging and monitoring

PCI 11 Security system testing

PCI 12 Maintain policy effectiveness

FireMon Solutions: PCI Applicability

Requirements Addressed: PCI 1

Firewall rules and policy assessment

1.1 - Establish and implement firewall and router configuration standards.

1.2 - Build firewall and router configurations that restrict connections between untrusted networks.

1.3 - Prohibit direct public access between the Internet and card data.

1.5 - Ensure that security policies and operational procedures for managing firewalls are documented.

FireMon Solutions: PCI Applicability

Requirements Addressed: PCI 2

Policy analysis and change mgmt

2.2 - Develop configuration standards for all system components.

2.3 - Encrypt all non-console administrative access using strong cryptography.

2.4 - Maintain an inventory of system components that are in scope for PCI DSS.

2.5 - Ensure that security policies and operational procedures for managing vendor defaults and security parameters are documented and validated.

FireMon Solutions: PCI Applicability

Requirements Addressed: PCI 6

Prioritized vulnerability mitigation

6.1 - Establish a process to identify security vulnerabilities using outside sources for security vulnerability ranking.

6.4 - Follow change-control processes and procedures for all changes to system components.

Requirements Addressed: PCI 7

Control network access

7.1 - Limit access to system components and cardholder data.

7.2 - Establish an access control system for system components that restricts access based on need-to-know and is set to “deny all” unless specifically allowed.

7.3 - Ensure that security policies and operational procedures for managing firewalls are documented.

FireMon Solutions: PCI Applicability

Requirements Addressed: PCI 10

Prioritized vulnerability mitigation

10.1 - Implement audit trails to link all access to system components to each individual user.

10.2 - Implement automated audit trails for all system components to reconstruct events.

10.3 - Record particular audit trail entries for all system components for specified events.

Requirements Addressed: PCI 11

Security system testing

11.2 - Run internal and external network vulnerability scans quarterly and after any significant change in the network.

11.3 - Implement a standards-based methodology for penetration testing.

FireMon Solutions: PCI Applicability

Requirements Addressed: PCI 11

Change Detection Alerting

11.5 - Deploy a change-detection mechanism to alert personnel to unauthorized change of critical system files, configuration files, or content files.

Requirements Addressed: PCI 12

Maintain policy effectiveness

12.2 - Implement a risk-assessment process that is performed at least annually and upon significant changes to the environment.
