Networks Validates Zero Trust Architectures
June 29, 2021
Networks made enhancements to the Forward Enterprise platform that will
help security professionals identify, contain, and prevent security
incidents with greater ease and efficiency than ever. The three new
features enable security engineers to determine the blast radius of
compromised devices immediately, create an always up-to-date
zone-to-zone security matrix, and simplify efforts to remediate
cybersecurity vulnerabilities (CVs).
"Forward Enterprise enables network operations engineers to access and
gain insights from network information that previously was painfully
slow, or even impossible, to find. Fast, easy access to insights speeds
up troubleshooting, reduces outages, and enables IT teams to deliver
more applications without increasing staff," said Brandon Heller, Chief
Technology Officer and Co-Founder at Forward Networks. "Security
operations engineers can benefit from the same information, too! They're
under constant pressure to identify and remediate issues immediately,
but their efforts are slowed by a lack of network clarity, especially
when firewalls, load balancers, and complex network paths are involved.
By providing a single source of truth and "easy buttons" to complete
common security tasks, we help enterprises to strengthen their network
security posture and validate their zero-trust architecture, with a
level of accuracy and efficiency that was previously impossible."
Creating a single source of truth for NOC (Network Operations Center)
and SOC (Security Operations Center) engineers helps both teams deliver
business value faster by eliminating the need to request and share
information via phone or email. Now, everyone can instantly access
always current information on network behavior, security posture, and
topology. Security engineers tasked with remediating or preventing
events now have up-to-date information on traffic paths availability or
isolation, device connectivity, and the ability to track network
configuration changes that may have created a vulnerability.
"Traditionally, security teams haven't had access to the detailed
analysis of network behavior they need to diagnose issues or verify
compliance without requesting it from the NOC," said Chiara Regale, vice
president of product for Forward Networks. "Forward Enterprise collects
information on configuration and network behavior from Layer 2 through
Layer 4, which SOC and InfoSec teams need be effective. The features we
are announcing today are designed to curate and present this information
in a way that helps security teams accomplish their goals faster and
The three new features announced today simplify labor-intensive
processes for security teams and enable them to resolve issues without
conducting data calls.
Radius Identification and Isolation—using data already collected by the
Forward Enterprise platform, security operations engineers can now
identify the reach of a compromised host with a single mouse click. Once
the exposure is identified, isolating the devices is a much simpler and
Zone-to-Zone Connectivity Matrix—by continuously capturing firewall
configuration information, Forward Enterprise is an always-current
source of truth for zone-to-zone connectivity. The platform offers a
graphical matrix that clearly delineates which zones have full
connectivity, partial connectivity, or no connectivity. Using the
platform's Path Analysis, Network Query Engine, and network-diff
capabilities, engineers can easily determine the cause of unintended
connectivity. Additionally, the engineer can build verification
baselines from the Zone-to-Zone Connectivity Matrix using Forward Intent
Cybersecurity Vulnerability Reporting—using information from the NIST
National Vulnerability Database and the specific device and
configuration data collected from the network, Forward Enterprise
automatically analyzes the network for vulnerabilities and presents
information in an actionable format. Our API integration with ServiceNow
can automatically generate tickets, expediting the entire process.
and SecOps teams typically work with different toolsets and datasets to
assure service integrity and mitigate problems and threats respectively.
While the use of role-specific views and controls certainly add
operational value, a single source of truth and shared management
platform boost the efficiency and effectiveness of IT operations
overall," said Mark Leary, Research Director, Network Analytics, IDC.
"Here, IT organizations move forward by breaking down technology silos,
promoting cross-functional teamwork, and increasing IT staff
productivity and service levels."