Watch this video for an overview of the value of FireMon Security Intelligence Platform plus FireMon Lumeta:
To validate that devices on your network are managed by Firemon Security Intelligence Platform (SIP), integrate SIP with Lumeta. Then check the results on the FireMon Management Dashboard dashboard.
Here's how the integration works:
- Lumeta accesses the API of SIP (at a polling interval set by the user) and retrieves the inventory of SIP-managed endpoints.
- Lumeta correlates this inventory against Lumeta's authoritative index of IP address space. Any endpoint devices not running SIP are reported as undefended and not managed.
- Lumeta highlights the differences and commonalities into views that are presented on the FireMon Management Dashboard dashboard.
Criteria for Devices Pushed to Security Intelligence Platform
Upon Discovery by Lumeta, a device must meet two criteria in order to be pushed to Security Manager as a Synthetic Router
- Device must be an SNMP Responder
- Device must have more than one Interface
User Permissions Requirements
The following user permissions need be configured in Security Manager, at a minimum, for this integration to work:
- Administration > Data Collectors > Read/Write
- Module > Administration > Read, Security Manager > Read
- Device Group > All Devices > Read/Write
To create or edit the user group, browse to Administration > Access > User Groups.
Configuring the FireMon Feed
To configure the FireMon Security Intelligence Platform integration:
- On Lumeta's main menu, browse to Settings > Integrations > Other Solutions > FireMon.
- Enable the integration by moving the Active slider to the right.
The label changes from Off to On. To disable the feed while leaving the credentials in place, move the slider to the Off position.
- Input a Polling Interval to indicate the time that should elapse between fetching the latest feed data. Input 24 to poll daily, input 12 to poll twice a day, and so on.
- Input the IP address or system name of your SIP server.
- Input your SIP credentials.
- Click Submit.
The configuration is saved.
See FireMon Management Dashboard to see where the data from this integration populates in the Lumeta and Security Manager browser interfaces.