Continuous PCI-DSS Compliance
After years of enduring painful manual processes to produce compliance audit reports and manage multi-vendor firewall rules, FireMon’s Agile NSPM solutions reduced operational costs and enhanced a leading international retailer’s security and compliance posture.
A rapid growth in online sales put pressure on the company’s security and network teams to build a state-of-the-art IT infrastructure that could meet the needs of the business and ensure they were accurately meeting compliance requirements. They needed to reduce the number of firewall vendors used while migrating new and replacement devices to cloud-based services in their hybrid environment. Their mix of manual processes and spreadsheet-based tools couldn’t keep pace with these new demands.
- Complexity of current processes was unable to handle the migration from 9 firewall vendors down to 4
- Lack of visibility and consistency hindered the deployment of cloud-based services to replace end-of-life firewalls
- Manual compliance reporting was taking more time, with more errors, and was cutting it close to deadlines
- New applications were regularly delayed due to firewall rule set up across various firewall platforms
About the Company
A US-based Fortune 500 footwear retailer with thousands of retail stores in nearly 30 countries, along with numerous e-commerce websites and mobile apps. The company operates a portfolio of well-known athletic footwear and other athletic-related brands.
FireMon’s Agile NSPM solution provided a combination of network security policy orchestration and risk management tools that delivered a comprehensive solution that pulled their existing firewall platforms together with their cloud services into a single management console. This unified view delivered visibility across their entire infrastructure and gave them control to instantly deploy policy changes accurately and uniformly across every device in use.
- Standardized firewall rule policy management across the company’s data centers and Azure cloud environments
- Preconfigured control sets and scheduling for ad hoc and automated PCI-DSS compliance reporting
- Automated policy audits that validate internal control compliance monthly
- Compliance and security impact assessments of proposed rule changes
- Workflows automatically route rule requests to approvers based on internal and compliance policies