FireMon Security Manager

To validate that devices on your network are managed by FireMon Security Manager, integrate it with Asset Manager. Then check the results on the FireMon Management Dashboard

Here's how the integration works:

  1. Asset Manager accesses the API of Security Manager (at a polling interval set by the user) and retrieves the inventory of Security Manager managed endpoints.
  2. Asset Manager correlates this inventory against Asset Manager's authoritative index of IP address space. Any endpoint devices not running Security Manager are reported as undefended and not managed.
  3. Asset Manager highlights the differences and commonalities in views presented on the FireMon Management Dashboard.

Criteria for Devices Pushed to Security Intelligence Platform (SIP)

Upon Discovery by Asset Manager, a device must meet two criteria to be pushed to Security Manager as a synthetic router

  1. Device must be an SNMP Responder
  2. Device must have more than one Interface

User Permission Requirements

The following user permissions need be configured in the Administration module, at a minimum, for this integration to work: 

  • Administration > Data Collectors > Read/Write
  • Module > Administration > Read; Security Manager > Read
  • Device Group > All Devices > Read/Write

To create or edit the user group, browse to Administration > Access > User Groups.

Configure the FireMon Feed

Configure the integration as follows:

  1. In Asset Manager, go to Settings > Integrations > FireMon, and click Configure
  2. Turn on the Enabled toggle to activate the integration.
  3. Enter a Polling Interval (by Hour) to indicate the time that should elapse between fetching the latest feed data. Input 24 to poll daily, input 12 to poll twice a day, and so on.
  4. Enter the DNS name or IP address of your SIP server in the Server Name field.
  5. Enter the Username and Password used for SIP.
  6. Select the Zones to pull data from.
  7. Click Test to confirm that the feed is configured correctly.
  8. Click Save.  

Go to the FireMon Management Dashboard to see where the data from this integration populates in the Asset Manager and Security Manager interfaces.