Informational insights are insights that cannot be remediated through the Veriti platform (as opposed to actionable insights, which can). For each one, you’ll need to access the relevant external product and make any necessary adjustments there.
Below, we explain the different types of informational insights that may be triggered by Veriti.
Security products are typically deployed incrementally, and as a result, administrators may forget to enable all of the products they purchase.
The “Product Disabled” insight notifies you when a security product is licensed but not enabled on one or more of your firewalls, thus compromising your security. Veriti will provide you with a recommendation of how to remediate this insight.
As a security administrator, you always want to be sure your products are running the latest versions and patches. This requires you to update security products regularly, even multiple times per week.
The “Product Update” insight notifies you when a product’s configurations are not up to date on one or more of your firewalls, thus compromising your security. Veriti will provide you with a recommendation of how to remediate this insight.
Boosting your security posture requires your products to be fully licensed and enabled. If a security product’s license is expired, you will not be able to use it – thus leaving you unprotected.
The “License Expired” insight notifies you when a product connected to one or more of your firewalls has an expired license. Veriti will provide you with a recommendation of how to remediate this insight.
Note that a security product, even if it has an expired license, can be considered “enabled”. If its license is expired and it is also disabled, you will receive two insights: a “License Expired” insight and a “Product Disabled” insight.
Security software providers regularly release new features to address new security flaws and vulnerabilities. Failure to run the most up-to-date software version will compromise your security.
The “Software Update” insight notifies you when the software is out of date for one or more of your firewalls, and highlights the new features and fixes for each version. Veriti will provide you with a recommendation of how to remediate this insight.
Note that this insight pertains to the operating system of a firewall, whereas the “Product Update” insight pertains to specific products connected to a firewall (e.g. anti-virus, anti-bot).
Modern security products are complex to configure and maintain, which increases the likelihood of a security administrator creating configuration mismatches that prevent them from enforcing the security level they intended. Veriti will detect this mismatch by analyzing your policy configurations.
The “Configuration Mismatch” insight notifies you when a security product is not configured properly on one or more of your firewalls, thus compromising your security. This insight will only be triggered for products that are enabled.
As an example, your organization’s security policy may dictate the use of a CDR (Content Disarm and Reconstruct) for all employees. If a security administrator creates an exception that removes the enforcement for all employees, this would create a configuration mismatch that could be detected by Veriti.