Security Intelligence Platform

Security Manager

The FireMon Security Intelligence Platform provides continuous, real-time visibility into network security infrastructure, policy effectiveness and underlying IT risk, allowing organizations to optimize existing defenses, remediate exposed vulnerabilities and prevent today’s multi-staged attacks.

Built around a patented intelligence engine and delivered to large organizations worldwide with a broad range of integrated capabilities, the FireMon Security Intelligence Platform is the market’s only truly scalable, comprehensive and context-aware source of real time Network Security Intelligence.

Unlike security analysis tools that provide information on historic conditions or events, or assess risks using static threat or vulnerability data, the FireMon Security Intelligence Platform generates predictive analytics that empower today’s IT security teams to proactively address pervasive issues of complexity and change, reducing their overall attack surface.


  • Network Security Infrastructure Device Optimization
  • Enterprise Network Security Enforcement Analysis
  • Automated Policy Workflow and Compliance Validation
  • Predictive Policy and Configuration Change Management
  • Context-Aware IT Risk Exposure Analysis and Prioritization


Security Manager

Built around a patented, scalable Network Security Intelligence engine, with a distributed architecture and local data-collection, FireMon Security Manager provides conclusive, real-time visibility across the entire network security device infrastructure, isolating unseen gaps in protection, improving operational efficiency and eliminating the need to integrate multiple, disparate management tools.

Designed from the bottom up to support continuous assessment of today’s sprawling enterprise, government, and MSSP security architectures and featuring direct integration with thousands of firewalls, routers, switches and devices from the leading industry vendors, Security Manager delivers real-time, consistent analysis of today’s complex, ever-changing, multi-vendor network security environments.


  • Device Rules Analysis, Cleanup and Optimization
  • Real-Time Change Detection, Alerting and Auditing
  • Detailed Cross-Infrastructure Access Path Analysis
  • Continuous, Automated Policy Compliance Auditing
  • Graphic, Customizable Network Security Visualization

Policy Planner Workflow

FireMon Policy Planner Module significantly extends the capabilities of Security Manager, adding continuous, closed-loop oversight of network security device policy workflow, providing automated policy optimization and change execution, with standards-based business process management integration.

Designed to provide proactive “what-if” policy change impact assessment, comparative policy complexity and compliance scoring, and documentation of every network access policy change, including business owner and justification, Policy Planner substantially reduces the time and resources necessary to research and execute security device infrastructure changes, increasing efficiency and ensuring that network defenses haven’t been compromised.


  • Device Policy Change Workflow Management
  • Automated Change Engineering Recommendation
  • Integrated Change Request Redundancy Analysis
  • Predictive Policy Change Impact Analysis
  • BPMN 2.0 Business Process Management Integration

Risk Analyzer

FireMon Risk Analyzer dramatically extends the capabilities of Security Manager, providing detailed visibility into access-based exposure of known network vulnerabilities, with cross-infrastructure mapping of all external attack paths, location-based scoring of exploitable IT-risks, and critical understanding of available routes that facilitate internal, post-breach threat escalation.

Designed to offer proactive, context-aware intelligence regarding the real-world likelihood of vulnerability exploitation and identify every existing route of potential attack exposure, with direct knowledge of underlying hosts and business assets, Risk Analyzer allows practitioners to faster and more efficiently translate network scanner results to prioritized mitigation actions.


  • Network Attack Path Analysis and Visualization
  • Continuous Infrastructure Attack Surface Monitoring
  • Network Access Enforcement Gap Identification
  • Security/IT Risk Operations Effectiveness Measurement
  • Network Vulnerability Remediation Prioritization