Now you can share information between FireMon Lumeta and FireMon Security Manager (SM) via API and create a group within Security Manager of Lumeta-discovered devices it (SM) does not manage (i.e., non-managed devices in Security Manager). Security Manager refers to devices ingested from Lumeta as "synthetic routers," and includes the data as part of the device's definition.
- Information on devices that profile as a unique router, switch or firewall in Lumeta are fed to FireMon Security Manager, provided SM does not already know about the devices.
- Data points like device vendor, operating system, and model are conveyed, along with the description "Discovered by Lumeta."
- Interface and routing information that Lumeta discovers along with the device is also transmitted to Security Manager.
To amplify FireMon management capabilities, first configure the FireMon Integration, and then review the FireMon Management dashboard, located on Lumeta's Dashboards > Integrations menu.
The FireMon Risk Analyzer and FireMon Security Manager dashboards are introduced here:
FireMon Security Manager
The Synthetic Routers Shared with Security Manager table identifies routers, Layer 3 switches and firewalls discovered in real-time by Lumeta and pushed to Security Manager as "synthetic routers." Only devices that are new or “unknown” to Security Manager are transmitted there automatically. In the context of Security Manager, these newly ingested devices are called "synthetic routers."
Forwarding Devices Unmanaged by Security Manager are forwarding devices Lumeta found that do not profile as routers, switches, or firewalls. Lumeta does not automatically push these findings to Security Manager. If the customer wants these findings in Security Manager, they must be added manually.
The Devices Unmanaged by Lumeta are those devices that Lumeta pulls from Security Manager. Ideally, this table will be empty, indicating that all devices managed by Security Manager have also been indexed by Lumeta. The presence of records in this widget indicates a lack of visibility: Maybe a firewall is blocking discovery, maybe there’s a misconfiguration, a necessary protocol is missing, or there’s a poorly placed Scout component.
The final widget—Security Manager and Lumeta-Managed Devices—is the full result of the Lumeta-Security Manager integration. Devices on a network that both Security Manager and Lumeta know about presented here, indicating that there are “no blind spots” and the customer has “full, visibility and coverage.”
FireMon Risk Analyzer
The top set of dashboard widgets shows assets Lumeta knows about, but FireMon Risk Analyzer does not. This means that FireMon is not defending the assets listed in the Assets Unmanaged by Risk Analyzer widget. Consider exporting these from Lumeta, and importing them to Risk Analyzer to complete its coverage.
Lumeta cannot "see" the assets listed on the Assets Unmanaged by Lumeta widget. This indicates that your Scouts cannot "see" into the network on which they are located. Check your Scout deployment. Perhaps the device is off-network. This set presents devices FireMon Risk Analyzer knows about, yet Lumeta does not.
Lumeta cannot "see" the vulnerabilities listed on the Assets Vulnerabilities Unmanaged by Lumeta widget. This set presents asset vulnerabilities FireMon Risk Analyzer knows about, yet Lumeta does not.
These panels will show any assets managed by both Lumeta and FireMon.
FireMon Device Details
The risk score, asset values and other device details associated with FireMon-managed devices.