I am very pleased and excited to announce the release of FireMon eVolution, version 5.0 (Press Release).  Dating back to 2001, when FireMon v1 was first released, FireMon has been a clear innovator in the space of Security Management.  This release is no different, bringing several very impressive innovations to market.  But, FireMon eVolution is more than just a technological advancement; this release represents a true evolution in firewall management.

Before I discuss what eVolution means to the market and to Secure Passage, let me first provide a brief history of what we have accomplished over the previous 8 years.

For years, FireMon has helped administrators deal with many of the complexities of managing firewalls.  Initially we helped address a business continuity and security issue of incorrect changes.  Introducing side-by-side change reporting, FireMon provided an understandable visual representation of the change permitting a control point for security verification and a restore point for restoration of operation.  Several years later, FireMon introduced business continuity analysis with auditing capabilities to ensure consistent policy enforcement.

By 2004, FireMon revolutionized firewall policy management with two of the most important operational tools ever introduced in this space with Policy Test and Rule Usage analysis.  Even to this day, policy test is one of the most powerful policy management features providing search, test, compliance, risk, and analysis capabilities to ease management of even the most complex policies deployed in enterprises today.  Similarly Rule Usage revolutionized policy clean-up tasks, providing a clear indication of unused rules.  Although we were excited about this feature when we first created it, we didn’t fully appreciate how necessary it was.  Over time, it became apparent how desperate enterprises were for this capability.  Even to this day, it is one of the most sought after capabilities in FireMon.

Recognizing the potential opportunity of FireMon, Secure Passage undertook a substantial architecture project to enable support for more devices and enterprise scalability.  Although it was a long road, we achieved our objective to create an extensive, scalable and stable framework on which we could build our next generation of FireMon.  On this platform, we have seen the creation of an extensible analysis and reporting solution which we have used to create some very creative custom reports for large enterprises.  We have added support for an ever-growing list of firewalls.  We have extended our rule usage to analyze object usage.  Policy test has been extended to enable more refined analysis.

And through all this, FireMon has been sold to nearly 300 enterprise customers with more than 25,000 devices are under management.

So what’s next….

FireMon eVolution builds on this 8 years of technology innovation and takes giant steps beyond just a collection of powerful tools towards a comprehensive management and governance solution.

If you evaluate all our previous capabilities, you will see a very common theme; to address many symptoms of poor firewall management.  Firewalls devolve over time permitting too much access through years of mis-management.  We provided post-change comparison reports that isolated otherwise obscured changes.  Policy test is a powerful tool to investigate overly complicated policies.  Rule usage was necessary to identify long-forgotten rules that were no longer needed.  Powerful analysis functions helped make sense of complicated configurations.  Service Risk Analysis helped identify low-hanging fruit of excessively risky rule definitions.  These are extremely powerful and certainly innovative solutions to address the many shortcomings of the vendor-provided tools.  But every one of them was the equivalent to giving a firewall admin an aspirin to deal with the pain he was inflicting with the hammer he was using to hit a nail, but instead kept hitting his thumb.  What is needed is a remedy for the cause…we need to ensure the hammer hits the nail!

FireMon eVolution changes the role of FireMon in the enterprise.  The goal of every firewall is to control access.  The policy is the implementation of that goal.  And the rule is the building block of the policy that controls the access.  If every rule is correct and permits (or denies) the appropriate access, the firewall will effectively implement the access control policy of the enterprise.  Effective management of all rules results in effective firewall management (Better Security through Better Management!).  What is needed is better firewall rule management.  FireMon eVolution is the answer to this challenge.

I look forward to sharing more how FireMon eVolution addresses these challenges.