False Positive Rate Eliminated From Manual Compliance Reporting
Firewalls and Switches Across Cisco, Fortinet, and Juniper
Multi-Vendor Environments Unified in a Single Platform
The Challenge
This global travel marketing and reservations company managed a multi-vendor network of more than 100 firewalls and switches across Cisco, Fortinet, and Juniper, plus AWS and Azure security groups. Compliance scanning relied on a single-user, manual tool, with reviews done one device at a time, generating a ~20% false-positive rate and constant manual investigation. When PCI audit requirements shifted from annual to quarterly, the process couldn’t keep pace, and with no real-time change tracking or topology visibility, unauthorized firewall modifications went undetected.
- Replace manual, config-by-config compliance scanning with continuous, automated assessments against PCI, NIST, and CIS benchmarks
- Eliminate the high false-positive rate driving unnecessary investigation and vendor ticketing
- Gain real-time change tracking and alerting for unauthorized firewall modifications
- Establish full network topology visibility across a complex, multi-vendor estate
- Support legacy device versions that the existing scanning tool could not read
The Solution
FireMon Security Manager and Policy Optimizer gave the organization a single platform for continuous, multi-vendor compliance automation. Security Manager replaced the prior manual process with always-on scanning across every Cisco, Fortinet, and Juniper device, including legacy versions the previous tool couldn’t support, while delivering real-time change tracking and alerting on out-of-process modifications. Policy Optimizer automated the quarterly PCI, NIST, and CIS recertification workflow that had previously consumed significant manual effort, while shadow and unused rule identification gave the security team a clearer view of policy bloat across the environment.
- Continuous, automated compliance scanning across Cisco, Fortinet, and Juniper devices, plus AWS and Azure environments
- Real-time change detection and alerting for unauthorized firewall modifications
- Automated quarterly PCI, NIST, and CIS recertification workflows
- Full network topology visibility across the multi-vendor estate
- A foundation for future ITSM integration to automate ticket creation from compliance findings
Before FireMon, I was exporting configs one by one and chasing down false positives that turned out to be nothing. Now that whole process runs in the background, and I can actually trust what the platform is telling me.
Results
- Eliminated the need for manual, config-by-config compliance scanning across 100+ devices
- Replaced a ~20% false-positive rate with higher-accuracy automated compliance assessments
- Gained real-time visibility into firewall changes for the first time
- Closed a legacy device support gap that had left a portion of the environment unscanned
- Built a scalable compliance foundation to support quarterly audit cycles going forward