RedSeal 6 v6.6
June 03, 2013
Perpetual software licence: c£641 per managed network device; appliance: c£9,622
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Rogue (Dark Space) discovery; ‘what if’ change control validation at network and standards level; network mapping
- Weaknesses: Would like to have a bit more view into regulatory/standards mappings
- Verdict: RedSeal replaces blindness to IT security risk with a firm understanding of where security is working, where investment is needed and where lie the greatest vulnerabilities to cyber attack
RedSeal 6 is a risk-based IT security management platform that enables organisations to identify, prioritise and respond to critical points of weakness in complex enterprise security control infrastructure. It accomplishes this by modelling enterprise network assets (routers, hosts, applications, etc.) and the security control/remediation infrastructure (firewalls, etc.) that protects those assets.
The tool uses risk analytics to examine the model to identify high concentrations of risk and non-compliance. These analytics provide risk managers with the information needed to drive planning and prioritised action that systematically reduces exposure to cyber attack.
RedSeal 6 is delivered as either software running on a general purpose server or as a pre-loaded appliance with a Linux-based OS. RedSeal software runs on a Microsoft platform and requires Windows Server 2003-2008. It uses a Postgres database for its backend data store.
The product is designed to continuously identify and prioritise key points of weakness in one's enterprise security controls. It models configurations from data collected from network devices, such as firewalls, UTM devices, routers, load balancers and wireless controllers. It can also model vulnerability information pulled from several leading scanner vendors, and can pull security data from supported SIEM vendors.
RedSeal 6 can collect device configuration data from the leading configuration management databases, which enables users to automatically create needed asset pools. More importantly, users can instantly build a detailed network map with a visual of how things are attached in the enterprise, and what is reachable based on configured policies. This high-level overview of connectivity and reachability is a key strength for this product.
There is a new, winning feature in this release that uses analytics and creates groupings to easily show graphically where users may have gaps in network controls or unknown access based on policies. Administrators can model attack simulations and determine how threats might propagate through the environment, and can model changes to see what new vulnerabilities or threats are exposed.
RedSeal does not supply a regulatory or standards policy library, but that information is mapped in the backend so that users can create risk maps and reports for compliance against such standards as PCI and NIST. Also new in v6.6, this information can be fed into a GRC platform for enterprises requiring a more formal policy and compliance mapping solution.
Another new component is the change management workflow. This addresses risk assessment, 'what if' analysis, security oversight and continuous monitoring. There is additional support for assessing BYOD risk by collecting information on mobile devices.
The reporting and visualisation capabilities are powerful while remaining easy to use. Administrators have high-level executive dashboards delivering key decision-making information to leverage investments based on risk. The analyst capabilities - which allow users to drill down to detailed information and quickly and easily identify, manage and remediate risks - are superb and include recommendations for best practice configuration and remediation.
Support starts at 20 per cent of appliance or licence fees and includes options for 24/7, four-hour or one-hour response.