FireMon

Policy Optimizer

Automate workflows to review and recertify existing firewall and cloud security group rules

Rules Change. Maintaining Compliance Can’t.

Maintaining and removing policies rarely receives as much attention as their creation. Old policies clutter the network with expired, unused, and overly permissive rules expanding the threat surface. This sends security impacts rippling across the organization and makes meeting compliance standards nearly impossible.

Policy Optimizer for FireMon Security Manager

The Policy Optimizer module for Security Manager provides automatic workflow management to review then recertify or decertify existing firewall rules in accordance with compliance, business, or security policies. Using event-based triggers or search query results generated within Security Manager, Policy Optimizer automatically creates then sends tickets to policy owners to take action.

Continuous compliance by ensuring existing rules are reviewed regularly and when violations occur
Streamlined and accurate compliance audits with historical documentation on all rule certifications
Automated PCI DSS 3.2.1 compliance for requirement 1.1.7
Rapid and more accurate rule reviews with integration into existing business processes

There is a list of built-in compliance controls that are missing in the competition.

It's great for audit purposes when you need to show when changes were made, what was made, who made them, and with what change.

Gives you an enterprise dashboard with percentages that you can drill down to the devices - as the rules are constantly changing to fit business needs this helps reduce security flaws a human will miss.

With FireMon, we are able to continually audit our firewalls and flag any issues that would cause a problem with a security audit.

FireMon does a great job in validating firewall policies against our regulatory requirements and in the utility business there is a lot of regulation to comply to. I think this is a great strength because it's getting harder and harder to follow-up on all regulation that applies.

After identifying which firewalls and rulesets are in scope, producing a report artifact to satisfy PCI requirements on firewall reviews is literally a two-click operation

A flexible interface allows for granular information to be generated, exported, and manipulated. Want to export a list of expired rules? Done. Rules that allow traffic but don't have logging enabled? Done. Find a change that took place outside of your change window and identify who's manager to speak to? Done.

Previous

Next

Policy Optimizer Features

Add a header to begin generating the table of contents

Automatic Ticket Creation and Routing

Flexible workflows that can be adapted to nearly any business process.

Event-based triggers including policy violations, rule expiration dates, dormancy over time, control failures, and periodically scheduled reviews
Send rule search query results from Security Manager to create new workflows
Rules automatically assigned to owner by email with relevant attachments for review and treatment
Highly customizable workflows can be tailored to business or regulatory requirements

Rule Treatment Options

Allow each rule owner to select how each rule should be processed.

Certify rules to keep active
Decertify rules that need to be revised or decommissioned
Automate rule decommissioning when used with Policy Planner

Centralized Audit Tracking

A single source of truth for security policies across the entire environment.

Audit trails automatically register all actions performed on the rule over time
Details on review stage, reviewer, start/end dates, completion, and duration captured for each ticket
Tamper-proof audit data ensures accurate compliance reporting

Administration and Reporting

Complete suite of tools to manage the entire policy recertification process.

Easy-to-understand dashboard of all workflows in progress
Color-coded severity to prioritize mitigation
Find any Policy Optimizer ticket quickly using FireMon’s SIQL search tools
Role-based workflow permissions

Use
Cases

Data Sheet

FireMon Policy Optimizer Datasheet

Automate policy change review processes and streamline rule justification and clean-up efforts to optimize performance and ensure continuous compliance with industry regulations and best practices.

Trusted by the Global 2000

Deemed critical to National Security
by the United States Treasury

Learn more about Policy Optimizer

Video

Automate Rule Lifecycle Workflows

See how Policy Optimizer simplifies the process of review and recertification.

Policy Optimizer Customer Review

"FireMon - Bringing the Heat!"
Southwest Airlines

READ THE REVIEW

EBOOK

Debunking 4 Common Myths of Security Compliance

Dispel these common myths and create an aggressive compliance playbook.

Get 9X Better

See how to get:

90% Efficiency Gain by automating firewall support operations

90%+ Faster time to globally block malicious actors to a new line

90% Reduction in FTE hours to implement firewalls

Schedule a Demo

Business Email(Required)

First Name(Required)

Last Name(Required)

Company(Required)

Job Title(Required)

Phone(Required)

Country(Required)

State(Required)

recieve_updates

Yes, I would like to receive marketing communications regarding FireMon products, services and events.

terms_and_conditions(Required)

REQUIRED I accept the terms of FireMon’s privacy policy