Learn how SolarWinds can help fulfill your growing list of cybersecurity needs, especially around reporting requirements for DISA STIGS, FISMA NIST, and more. In this presentation, our product management team will share the latest features and product updates our federal customers are most interested in for Log & Event Manager (LEM), Firewall Security Manager (FSM), User Device Tracker (UDT), and Network Configuration Manager (NCM) with a focus on their security features. Learn More and Connect with SolarWinds Federal: Federal website: http://www.solarwinds.com/federal thwack Federal and Government group: http://thwack.solarwinds.com/groups/federal-and-government Twitter: http://twitter.com/SolarWinds_Gov

1. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Combating Cyber Threats With
SolarWinds®
Federal Government Needs
Francois Caron
Product Management Director - Network Management and Online Demo
SolarWinds

2. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Pressing Need for Stronger Agency Security
Cyber attacks are on the rise. Vulnerabilities are prevalent.
 48,000 cyber “incidents” involving government systems which agencies detected
and reported to DHS in FY 2012
 Civilian agencies don’t detect roughly 4 in 10 intrusions
 Weaknesses, vulnerabilities and flaws identified at the majority of audited
agencies
Source: “The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure”. Feb 2014
 Majority of attacks move from penetration to data exfiltration in seconds to
hours
 Majority of attacks identified and resolved in weeks to years
Source: 2013 Verizon Data Breach Report

3. Exploit
Causing loss of
Risk
Minimize
Causing
Reduce
Mitigated
by
Risk Management: Cause and Effect
Threats
© 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

4. Controls to Reduce Risk
» Vulnerabilities
 Identification and correction of vulnerabilities – Vulnerability, Patch, Monitoring
 Do not introduce new vulnerabilities into environment – policy
» Threats
 Threat prevention – strong management of controls
 Threat identification and monitoring – intelligent visibility
People Budget Priority
© 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

5. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
The Answer?
Budget
• Identify technologies that serve the mission without bells and
whistles that will be rarely used
• Leverage monitoring capability as a compensating control for
areas that lack prevention
People
• Automate identification of threats and vulnerabilities
• Replace technologies that require more care and feeding than
value
Priority
• Reporting builds a case for security and compliance investments
• Automate to solve the people challenge

6. Staying In the Know and In Control
Cyber spies are everywhere and cyber attacks can come from anywhere. Understanding
what is going on in your environment at any given time is vital to combating security
threats and cyber attacks.
Does your agency have the situational awareness needed to spot an attack?
© 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

7. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
How SolarWinds Can Help
SolarWinds has helped hundreds of federal agencies improve their security situational
awareness to effectively combat cyber threats without the high cost and operational
overhead of competing security management solutions.
 Centralized visibility
 Configuration & change management
 Continuous monitoring
 Automated remediation
 Flexible reporting
Identify. Protect. Detect. Respond. Report.
SolarWinds’ solutions provide:

8. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Log & Event Manager (LEM)
SolarWinds LEM is a comprehensive log management and SIEM solution that provides continuous
security monitoring of the entire IT infrastructure, combined with real-time event correlation and
automated remediation capabilities to immediately detect and stop an attack.
86% of survey
respondents said it
takes too long to
detect a cyber attack.
Threat Intelligence & Incident
Response Survey -
Ponemon Institute:

9. 5 Ways SolarWinds LEM Can Help
1. Centralized collection of network device, system, and application logs
with real-time event correlation to instantly view security breaches
2. Integrated Active Responses to immediately and automatically take
action to mitigate security threats and thwart an attack
3. USB defense technology with real-time device detection, file access
monitoring, and the ability to block usage to prevent endpoint data loss
4. Advanced search capabilities and data visualization tools to surface
information and perform fast and easy forensic analysis
5. Over 700 pre-configured rules for out-of-the-box usability and hundreds
of pre-packaged “audit-proven” security and compliance templates
including FISMA, DISA STIG, NERC-CIP and more
LEM
© 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

10. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Firewall Security Manager (FSM)
SolarWinds FSM provides centralized, multi-vendor firewall management and configuration analysis,
including automated firewall audits and rule/object cleanup, along with rule change tracking and
change management reporting to find, fill, and prevent dangerous security gaps in firewall policies.
Through 2018, more
than 95% of firewall
breaches will be
caused by firewall
misconfigurations,
not firewall flaws.
Gartner research,
November 28, 2012

11. 5 Ways SolarWinds FSM Can Help
1. Automate and schedule firewall audits against customizable, pre-defined
security check catalogs, including STIG security checks
2. Analyze complex firewall configurations to identify and safely clean up
unnecessary and potentially dangerous rules
3. Utilize network-aware analysis to model changes and validate ACLs to
avoid inadvertently opening up a security hole
4. Leverage an intuitive, customizable dashboard for instant visibility into
risk profile and security status of firewall
5. Track and certify security rules and the business justification of changes
to maintain control and ensure continuous compliance
FSM
© 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

12. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Network Configuration Manager (NCM)
SolarWinds NCM provides automated network configuration and change management with real-time
change detection capabilities, automatic backups of critical configs, and out-of-the-box network policy
assessment templates to maintain effective DISA STIG and NIST FISMA controls for network
configurations.
80% of unplanned
outages are due to ill-
planned changes made
by administrators
("operations staff") or
developers.
IT Process Institute's Visible Ops
Handbook

13. 5 Ways SolarWinds NCM Can Help
1. Real-time change alerts, along with access control, activity tracking, approval
workflows to protect against unauthorized configuration changes
2. Automated device configuration management and bulk change deployment to
save time and reduce the risk of human error
3. Automatic, scheduled backups of network devices with secure archival to
protect critical configuration information
4. Configuration comparisons with change rollback capabilities to quickly recover
a compromised or failed device
5. Out-of-the-box network policy assessment templates and reporting to ensure
configurations comply with federal regulations, including DISA STIG and NIST
NCM
© 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

14. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
User Device Tracker (UDT)
SolarWinds UDT delivers automated endpoint tracking and switch port security, including network
watch lists of users and computers, device whitelisting, and remote port shutdown to prevent
unauthorized access and maintain control of who and what are connecting to the network at all times.
49% of federal
employees surveyed
use personal devices
for work-related
tasks.
2013 Telework Exchange
Survey

15. 5 Ways SolarWinds UDT Can Help
1. Automated discovery and tracking of both wired and wireless activity to
maintain awareness of who and what are connecting to the network at all times
2. Fast and simple searching on IP address, username, hostname, or MAC
address to instantly find a user or device’s current and past location
3. Device whitelisting to identify safe versus rogue devices and click-of-a-button
port shutdown to protect against unauthorized access
4. Watch list with automatic alerts to quickly track down suspicious users or
compromised devices
5. Built-in, customizable reports on user or device data over specific time
periods or by network segment, including IPv6 inventory reports, wireless
endpoints reports, user history reports, and more
UDT
© 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

16. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Q&A
16

17. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Stay Connected & Learn More
» Stay Connected:
 Join the Federal and Government Group on thwack®
 Twitter®: @SolarWinds_Gov
 Call: 877-946-3751
 Email: federalsales@solarwinds.com
 Email our Government Reseller DLT®: solarwinds@dlt.com
» Learn More:
 Visit our Federal website: http://www.solarwinds.com/federal
 Watch a short demo video: http://www.solarwinds.com/sedemo
 Download a free trial: http://www.solarwinds.com/downloads/

18. © 2014 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Thank You!
The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds
Worldwide, LLC, are registered with the U.S. Patent and Trademark Office, and may be registered or
pending registration in other countries. All other SolarWinds trademarks, service marks, and logos
may be common law marks, registered or pending registration in the United States or in other
countries. All other trademarks mentioned herein are used for identification purposes only and
may be or are trademarks or registered trademarks of their respective companies.