Managing enterprise
network security.

Security Manager is a network security policy and risk management solution that improves your security posture by making daily operations more efficient, providing powerful configuration analysis and proactively reducing risk.

See all the features of Security Manager.

Visualize, Analyze, and Comply

Find and Reduce Risk

Operations and Change Management

Firewall Cleanup

Monitoring and Data Collection

Visualize, Analyze and Comply Making sense out of very complex data sets can be difficult. The configurations and events of large network security infrastructures are indeed complex, but Security Manager has a number of capabilities to help users better understand their posture so they are more aware of their risks and can analyze themselves for compliance. Visualization is a great technique for making sense of the complex. Security Manager provides a topology of the network, a map of a single security device, and a graphical representation of the rules in a firewall, all aimed at helping to quickly understand the current posture of the network. Access analysis is the holy grail of network security management. Understanding who has access to what and which controls are granting that access are key to limiting risk. Understanding why other access is not available is necessary to engineering new requirements. All of these analysis capabilities make compliance and compliance reporting much faster and easier. Learn how Security Manager can help with PCI. See the full details on access analysis.

Find and Reduce Risk Ultimately, we'd all like to manage our network security from a risk-based perspective. To balance the need for access with the potential harm from compromise. Security Manager provides that risk picture and integrates it into security operations, enabling risk to drive your daily decisions. There isn't risk in every vulnerability. Those that aren't accessible, don't increase risk. The key is finding those that are accessible and understanding how that access may put other assets at risk. With Security Manager, your risk becomes apparent. It can measure the risk potential from any source, provide prioritized recommendations on how to reduce your exposure and build risk into your change process to know risk before implementation. Learn more about how to reduce risk in your network. See how Security Manager measures risk. How is risk available before access implementation?

Operations and Change Management The volatility of most large networks is on the rise. Virtual data centers, mobility and cloud computing have drastically increased the speed at which the requirements for network security are changing. The impact to daily security operations centers mostly around configuration change management. How do you plan, engineer, and implement hundreds of changes a week across many network security devices while making sure those new changes aren't risky? Security Manager can help. Start with better planning using our state of the art operations tool, Policy Planner. Reduce time and effort while making better changes with our analysis features. Capture and record all changes for compliance. And ensure every change isn't risky even before implementation. Learn more about Policy Planner. See more results from improving operations.

Firewall Cleanup Cleanup is a special kind of analysis for firewall rule sets. Security Manager enables accurate, complete and ongoing identification of the configuration elements that can be removed from your firewalls. Cleanup makes a complex security configuration more understandable, improves device performance, and reduces the risk of unintended access. Learn more about the outcomes of firewall cleanup. See how Security Manager enables cleanup activities.

Monitoring and Data Collection To accomplish its amazing results, Security Manager must monitor your network security devices. It's just as challenging as it sounds. The larger and more complex the network, the more difficult it becomes to monitor. The number of devices, the diverse locations, and the amount of data that is generated are all obstacles that the management platform must navigate. FireMon's tiered architecture was designed to monitor the security devices on the largest networks in the world. No matter how many devices are being monitored, FireMon provides a single point of user entry with a robust and sustainable Application Server. Device monitoring is accomplished by the Data Collectors, which can be physically separate components and can scale with your network deployment. View all the devices we can monitor. Learn more about the FireMon Architecture. See the results: CSC case study.