Access and Visibility

Visualize access across your network environments and interpret access controls

Networks that are on-premise, with private and public clouds are constantly growing and changing, from new devices coming online to clouds being deployed, and it’s very difficult for organizations to keep track. Team members leave, taking with them institutional knowledge.

As a result, blind spots exist, tasks aren’t completed, and mistakes are made, resulting in potential cloud misconfigurations that can leave your critical assets exposed and your organization vulnerable to costly data breaches.

With RedSeal, you can feel confident with full cloud visibility into your as-built, hybrid network, and prove all access is exactly as you intended.

RedSeal cloud security solutions and security posture management

RedSeal brings all your cloud network environments—public clouds, private clouds, and on-premise—into one comprehensive, dynamic visualization.

You can’t secure what you can’t see. Trust what you see is complete with a RedSeal model that provides context of your true, as-built environment. With RedSeal, visualize all connectivity, proactively harden your network by determining all possible access routes to exposed resources, and understand the location and level of security controls within your cloud infrastructure.

  • Hybrid, cross-fabric visibility of your entire network
    • RedSeal has the most comprehensive network security modeling capability in the industry, with an end-to-end approach of your as-built network, including public cloud (AWS, Azure, GCP and OCI), software-defined (VMware NSX, Cisco ACI) and on-premise
    • RedSeal analyzes your network and builds a topology model, so you can understand and continuously monitor your whole network in one unified view
    • RedSeal isn’t just a map, it’s a rich-data model of your network with all your AWS cloud security and Azure cloud security inventories in one place. You can query the model with questions
      • How can A get to B, and if so – or if not – which network devices, over which ports and protocols, and which rules are allowing or blocking access
  • Quickly visualize all access paths–intended and unintended–across your infrastructure
    • Blue lines in the RedSeal model represent actual access, opposed to intended access often presented in Vizio-style network diagrams. RedSeal calculates access by analyzing your device network configuration files, resulting in a single source of truth
  • Visually validate and manage your network segmentation policies
    • Meet external compliance mandates such as PCI, NERC-CIP, and CMMC with out-of-the-box templates
    • Create and run custom access policies for your internal organizational mandates
  • Reveal hidden areas of your network
    • RedSeal helps you ensure you know everything on your network by maintaining a complete inventory of your assets
    • Discover dark spaces in your network and move those assets from unmanaged to managed
  • Find network inconsistencies
    • Quickly identify network inconsistencies, such as overlapping IP space and duplicate VLANs, that can increase risk to performance and security

Go beyond good intentions and interpret access across all your network environments, including access for native cloud controls and firewalls. RedSeal generates a model of your infrastructure, not just a map, so you can query the underlying rich data and be confident in your ability to secure access throughout your network.

  • Understand how everything on your network is connected.
    • Only RedSeal shows you all available paths across your network, including your cloud, SDN and on-premise environments
    • Visualize end-to-end access, intended and unintended, between any two points of your network
    • Visualize detailed access paths—even those without live traffic—and pinpoint rules affecting access
  • Validate network segmentation policies
  • Help automate change management and ticketing/workflow applications
    • Reduce churn – RedSeal’s network model will proactively check for potential policy violations and cloud computing vulnerabilities before approval
    • Validate change requests –  RedSeal will tell you if a change will increase your exposure or violate compliance/segmentation policies
    • Determine if critical resources have unintended exposure
    • Assess security risks related to network and firewall changes
  • Run queries to uncover access path details
    • The RedSeal Detailed Path tool tells you if access is possible between any two points on your network
    • Provides a summary of access that tells you if the path is “Fully Open,” “Partially Open” or “Fully Closed”
    • Provides a rapid path analysis, including seeing each individual network device along that path, and which ones are enabling or blocking access
    • From RedSeal, you can open the configuration file for that device and immediately pinpoint the config file line that is allowing or blocking access
    • Communicate change requests to your internal teams via your ticketing system such as ServiceNow, within context of the overall configuration file
  • Model access policy violations with Secure Impact Query
    • RedSeal is able to model proposed changes to the network and check them for exposure to security misconfigurations and vulnerabilities and violations of access and segmentation policies (mentioned earlier)
  • Prioritize network vulnerabilities based on access
    • Where the vulnerability is matters, and to what it has access
    • By adding network context into your enterprise network vulnerability management program, RedSeal enables you to perform a true risk-based vulnerability prioritization of the findings from your existing scanners, not just based on CVSS scores
    • By comparing your scan data with a continuously updated RedSeal model of your network, RedSeal helps identify which assets to target for scanning, and helps identify and resolve any gaps in your vulnerability scanner coverage
    • Customers use RedSeal to add additional criteria to scanner data:
      • Is the vulnerability reachable from an untrusted network?
      • If it’s compromised, can attacker reach my critical assets?
  • Accelerate incident investigation with network context
    • With RedSeal cloud security solutions, quickly locate a compromised device, determine which assets bad actors can reach from there – and get information to stop them
    • Since RedSeal’s model includes all possible access paths, you’ll see the paths a network attacker could take to valuable assets. And you’ll get specific containment options so you can decide what action to take — from increasing monitoring, to placing honey pots, to changing firewall rules, to simply unplugging the device — decreasing your network incident response time
    • We integrate leading cybersecurity incident response products such as Splunk
Announcing RedSeal Stratus — the easiest way to understand and protect your cloud attack surface.Get a demo.