Optimizing Firewall Policy Management

How effective are your firewall policies?

FireMon’s firewall policy change analysis and reporting capability provides a single, detailed view of every security device on the network to help you identify gaps and redundancies in firewall policy. The results are better defenses, faster response times and improved compliance.

Optimizing firewall policy management with FireMon enables you to:

  • Monitor the effectiveness of network security infrastructure.
  • Eliminate unnecessary access.
  • Respond to business-drive requests faster.
  • Comply with industry standards and regulations.
  • Perform targeted IT risk mitigation.

Find Unused Rules

Identify any unused rules and objects in existing policies to prevent unseen gaps in defense and reduce unnecessary complexity.

Locate Hidden Rules

Discover hidden and redundant rules that make your policies less effective – reducing complexity and informing proper documentation.

Policy Search

Quickly search all devices within the enterprise domain from a single place in the application.

Security Analysis

Gauge the efficacy of your existing firewall policies, including comparative scoring, to understand current access enforcement.

Risk Analysis

Isolate access-based risks based on your existing firewall policies, gaining the ability to rapidly mitigate problems by adapting rules.

Access Path Analysis

Map and analyze all access paths created by your existing firewall policies to ensure proper network defense and segmentation.

Service Risk Analysis

Calculate and assess the comparative level of security risk associated with your existing firewall policies to prioritize improvement.

Traffic Flow Analysis

Trace the source and destination of every rule in each of your existing firewall policies (including NAT) to understand traffic flow.

Change Detection & Reporting

Isolate, document and, when necessary, alert on every ongoing change implemented throughout your existing firewall policies.

Rule Recertification

Automate workflow and recertification of your existing firewall policies to validate ongoing standards compliance (PCI DSS).

Rule Review

Examine all rule sets applied within your existing firewall policies to continually assess and improve network enforcement.


Pre-approve existing firewall rules and policies specific to your environment to speed analysis and ongoing management.