EN 
Automated PCI-DSS compliance
Devices currently managed
Room to grow for additional planned devices in the future
The Challenge
The international company lacked the visibility and consistent policy management within its expansive infrastructure necessary to detect and clean up redundant and non-compliant rules, leading to PCI compliance uncertainty for their thousands of worldwide locations.
The company sought to:
- Become proactively PCI-compliant through detection and cleanup of redundant, outdated and non compliant rules
- Gain comprehensive and centralized policy management of all devices including Cisco, Juniper, WatchGuard, Palo Alto Networks, Checkpoint, and SonicWall
- Increase visibility and streamline management of their mixed-vendor environment
- Scale from 100 licenses devices to over 3,000
The Solution
With NSPM from FireMon, the company implemented proactive compliance and gained real-time visibility, control, and management capabilities for all network security devices across its multi-vendor environment.
- Unified management console for their entire mix of firewalls
- Policy standardization and optimization identified and cleaned redundant rules
- Proactive compliance checks and auto-denial of changes that violate PCI-DSS compliance standards
- A flexible framework that will encompass an additional 6,500 firewalls across their environment in the coming years
Because of our recent acquisition and the large number of new rules we had to review, we knew we had to move fast to become PCI compliant. Thanks to FireMon, rule cleanup was a breeze. Our quarterly audits are now about verifying compliance, rather than discovering violations.”
Results
- 100% automated PCI-DSS compliance reports across a growing multi-vendor environment
- 3,500 devices currently managed with a plan to scale up to 10,000
- Improved firewall management and reduced security risk through proactive, automated rule validation
- Well-positioned to embrace future enterprise-wide security policy automation