Federal Information Security Management Act (FISMA)
Ensuring Network and Data Security for the Critical Information Infrastructure in the United States
The Federal Information Security Management Act (FISMA) is designed to protect critical information infrastructure of the United States Government. It sets minimum security standards for information and information systems and provides guidance on assessing and selecting the appropriate controls for their protection. Each Federal agency and its contractors are required to develop, document and implement policies that meet the FISMA standards. These include among others -
- Periodic risk assessments of the magnitude of harm that can be caused by unauthorized access;
- Detailed procedures that cost-effectively reduce these risks;
- Subordinate plans for providing adequate information security for networks, facilities, information systems, or groups of information systems, as appropriate; and
- Procedures for detecting, reporting, and responding to security incidents
The National Institute of Standards and Technology has issued a Special Publication 800-53 to provide guidelines for selecting and specifying security controls for information systems supporting the executive agencies of the federal government. We use the broad guide line topics to highlight some of the contribution areas of WhatsUp Log Management and WhatsUp Gold Infrastructure and Application Management Solutions to the FISMA compliance efforts by a federal agency.
The WhatsUp Event Archiver and Event Alarm databases maintain detailed historical data that can be analyzed to assess existing security practices and network vulnerabilities. Further, WhatsUp Event Analyst, provides the capability to filter, correlate and report on the volumes of data in an automated way and come up with practical insights that can guide risk assessment.
With insight from the risk assessment stage, security planners can set up and verify the right level of log collection, storage and analysis for all network assets using the WhatsUp Log Management products. This helps the agency and auditors to continuously verify compliance and uncover new security threats.
The WhatsConfigured plug-in automates the backup, restore, update and change management of the startup and running configurations of all network devices. It also securely stores both current and past versions of configuration files to provide an audit trail of changes made.
System and Communications Protection
WhatsUp Gold and its FlowMonitor and FlowPublisher plug-ins provide detailed visibility into the traffic on the federal agency network. Any external access attempts or connections from unknown networks and IP addresses, as well as data transfer to unauthorized locations on the Internet from within the internal network (as might happen in a malware attack) are captured and available for analysis. Network administrators can detect these changes in near-real time and take specific resolutions steps to protect agency systems and communication efforts.
System and Information Integrity
The WhatsUp Solutions support system and information integrity by securely storing management and event log data in standard databases and using encryption and cryptographic hashing methods where required.
The WhatsUp Gold Alert Center is built from the ground up to manage information on events occurring on the network, providing resolution workflows and setting up escalation processes if responses are delayed or initial resolution attempts are unsuccessful. Both WhatsUp solutions deliver email and mobile notification alerts to help network operations staff to quickly initiate triage processes to resolve evolving issues.
Both the WhatsUp Gold infrastructure and applications management platform and the WhatsUp Log Management solutions support restricted, role based privileges and domain access rights to user and administrators on a need to know basis. WhatsUp Event Alarm can also be set up to immediately alert to changes in user role and group privileges for data and information system access.
Accountability and Audit
The comprehensive event log data maintained in the WhatsUp solution is a goldmine for federal agencies and their external auditors to ascertain when and what changes were made to information and systems credentials and by whom. Event logs also record each successful or failed attempt at information or system access. This delivers a level of accountability and audit that is the foundation to a solid information security strategy.