Single Source of Truth Improves Effectiveness and Efficiency of
Security and Network Operations Centers
Forward Networks, the industry leader in network assurance and intent-based verification, announced enhancements to the Forward Enterprise platform that will help security professionals identify, contain, and prevent security incidents with greater ease and efficiency than ever. The three new features enable security engineers to determine the blast radius of compromised devices immediately, create an always up-to-date zone-to-zone security matrix, and simplify efforts to remediate cybersecurity vulnerabilities (CVs).
“Forward Enterprise enables network operations engineers to access and gain insights from network information that previously was painfully slow, or even impossible, to find. Fast, easy access to insights speeds up troubleshooting, reduces outages, and enables IT teams to deliver more applications without increasing staff,” said Brandon Heller, Chief Technology Officer and Co-Founder at Forward Networks. “Security operations engineers can benefit from the same information, too! They’re under constant pressure to identify and remediate issues immediately, but their efforts are slowed by a lack of network clarity, especially when firewalls, load balancers, and complex network paths are involved. By providing a single source of truth and “easy buttons” to complete common security tasks, we help enterprises to strengthen their network security posture and validate their zero-trust architecture, with a level of accuracy and efficiency that was previously impossible.”
Creating a single source of truth for NOC (Network Operations Center) and SOC (Security Operations Center) engineers helps both teams deliver business value faster by eliminating the need to request and share information via phone or email. Now, everyone can instantly access always current information on network behavior, security posture, and topology. Security engineers tasked with remediating or preventing events now have up-to-date information on traffic paths availability or isolation, device connectivity, and the ability to track network configuration changes that may have created a vulnerability.
“Traditionally, security teams haven’t had access to the detailed analysis of network behavior they need to diagnose issues or verify compliance without requesting it from the NOC,” said Chiara Regale, vice president of product for Forward Networks. “Forward Enterprise collects information on configuration and network behavior from Layer 2 through Layer 4, which SOC and InfoSec teams need be effective. The features we are announcing today are designed to curate and present this information in a way that helps security teams accomplish their goals faster and more accurately.”
The three new features announced today simplify labor-intensive processes for security teams and enable them to resolve issues without conducting data calls.
- Blast Radius Identification and Isolation—using data already collected by the Forward Enterprise platform, security operations engineers can now identify the reach of a compromised host with a single mouse click. Once the exposure is identified, isolating the devices is a much simpler and faster process.
- Zone-to-Zone Connectivity Matrix—by continuously capturing firewall configuration information, Forward Enterprise is an always-current source of truth for zone-to-zone connectivity. The platform offers a graphical matrix that clearly delineates which zones have full connectivity, partial connectivity, or no connectivity. Using the platform’s Path Analysis, Network Query Engine, and network-diff capabilities, engineers can easily determine the cause of unintended connectivity. Additionally, the engineer can build verification baselines from the Zone-to-Zone Connectivity Matrix using Forward Intent verification checks.
- Cybersecurity Vulnerability Reporting—Using information from the NIST National Vulnerability Database and the specific device and configuration data collected from the network, Forward Enterprise automatically analyzes the network for vulnerabilities and presents information in an actionable format. Our API integration with ServiceNow can automatically generate tickets, expediting the entire process.
Visit www.forwardnetworks.com/security to learn more about these features and security use cases for Forward Enterprise.
“The NetOps and SecOps teams typically work with different toolsets and datasets to assure service integrity and mitigate problems and threats respectively. While the use of role-specific views and controls certainly add operational value, a single source of truth and shared management platform boost the efficiency and effectiveness of IT operations overall,” said Mark Leary, Research Director, Network Analytics, IDC. “Here, IT organizations move forward by breaking down technology silos, promoting cross-functional teamwork, and increasing IT staff productivity and service levels.”
About Forward Networks
Forward Networks is revolutionizing the way large networks are managed. Forward’s advanced software delivers a “digital twin” of the network, enabling network operators to verify intent, predict network behavior, and simplify network management. The platform supports devices from all major networking vendors and cloud operators, including AWS, Azure, and Google Cloud Platform.
Forward Networks was founded in 2013 by four Stanford Ph.D. graduates and is headquartered in Santa Clara, California. Investors include Goldman Sachs, Andreessen Horowitz, Threshold Ventures, and A. Capital. For more information, visit www.ForwardNetworks.com.