Lumeta now offers a DisruptOps/AWS integration, which replaces the Lumeta CloudVisibility engine.
DisruptOps is a cloud security operations platform to monitor, alert and respond to security risk across your public cloud infrastructure.
Prerequisite
To use the feature, you must have the DisruptOps platform deployed in your AWS environment. For guidance, pen a Support ticket (lumetasupport@firemon.com) and request Disrupt:Ops. FireMon Support will respond by providing you with implementation steps and login credentials. They will also help you deploy the necessary "cloudformation stack."
Configuration
- To configure this new integration, browse to Settings > Integrations > Disrupt:Ops and click Configure.
- Complete the form, supplying your Disrupt:Ops credentials as the Username and Password (not your AWS credentials).
DisruptOps Cloud Dashboard
Navigate to Dashboards/Integrations and view your results under the DisruptOps Cloud Dashboard
Security Group Risk
Lumeta considers the following factors in calculating the Security Group violation:
- Wildcard in a Security Group.
- IPv4 mask is too large for a Security Group.
- Src/Dest checks disabled on an instance
- Inbound/outbound path to the public internet (direct and indirect)
Instance Inventory
Lumeta will display AWS Instance Information including Instance ID, Public MAC Address, Public IP, VPC ID, Security Group IDs and Region. All this information can be configured into reports; combing you cloud instance information with your on prem devices.
Map
Lumeta Map offers a quick view of your AWS instances. Map can be organized by Region, Account, or VPC ID.
The Map will only show Regions, Accounts, and VPC IDs for which we have retrieved EC2 Instances.