Policy Normalization & Network Security

Jody Brazil

To perform the breadth of analysis required within today’s complex, multivendor networks, FireMon Security Manager incorporates dynamic and adaptive policy normalization, allowing for consistent, conclusive analysis of firewall configurations.

With direct integration supported via partnerships with all leading firewall manufacturers, and customizable Device-Packs to foster use with any system, Security Manager interacts smoothly with everything from next-generation firewalls (NGFWs) to legacy systems.

As device OEMs advance their solutions to address applications awareness, virtualization, cloud services and software defined networking (SDN), FireMon normalization is evolved constantly updated to support newly created policy models.

Through analysis of any firewall tasked with enforcement of even the most unique security policies, FireMon Security Manager supports all the assessment capabilities that today’s enterprises require, including:

  • Support for all leading firewall devices, worldwide
  • Consistent analysis across all OEM policy formats
  • Assessment of next generation, app centric firewalls
  • Automated syntax and configuration translation
  • Analysis via common policy formatting and language

Behavior Normalization

Just as with Policy Normalization, FireMon Security Manager provides the ability to process, analyze and, normalize the full range of device behavior models found within today’s diverse enterprise environments.

Via partnerships with leading device manufacturers and generic collection and classification of any device or policy, Security Manager’s Behavior Normalization technology represents critically unique advantage.

By capturing and translating behaviors into a common format to ensure consistent analysis, Security Manager creates a singularly meaningful and actionable view of conclusive results.

Through the unique ability to combine all firewall device and policy interaction into a cohesive, “behavior chain,” FireMon Security Manager offers the strategic ability to perform standardized assessment including:

  • Normalization of any variety of firewall behavior models
  • Rapid assessment of even the most heterogeneous networks
  • Analysis regardless of NAT design, status or permissions
  • Use of a standardized behavior dataset for all configurations
  • Consistent processing of all features, across all devices