Introducing FireMon Policy Optimizer

FireMon’s Policy Optimizer Module automates key elements of the process necessary to adapt network security device policies to respond to changing conditions. Policy Optimizer dramatically advances the identification and improvement of troublesome firewall configurations in relation to emerging threats, evolving business demands and maturing compliance requirements, providing a centralized workflow allowing security teams to interact directly with other network access stakeholders, with integrated risk analysis.

Policy Optimizer supports complex, heterogeneous networks containing multiple firewall vendor technologies. The workflow is customizable to meet the needs of any organization. And with RESTful API’s exposed, integration into existing change management systems is natively supported.

Policy Optimization Process Management

Transform security infrastructure management by automating the change review process, from rule analysis to policy modification, as well as recertification and documentation.
FireMon Policy Optimizer

Rule Recertification & Review

Analyze firewall policies to clean-up and optimize firewall configurations to improve security, manageability and performance. Key features include:
Rule Review

Rule Review

Examine all rule sets applied within your existing firewall policies to continually assess and improve network enforcement.


Multi-Factor Rule Review

Multi-Factor Rule Review

Analyze every aspect of rule review, driven by real-world events, to identify control failures, understand usage and apply best practices for improving or removing access, when possible.

Rule Recertification

Rule Recertification

Utilize a closed-loop workflow to ensure that network security compliance requirements are being met and advance the process of periodic rules recertification for standards including PCI DSS.


Continuous monitoring of all devices for any change to the configuration or policy. Understand what changed, when it changed, why it changed and the impacts of the change. Full change management solution including:
Rule Review

Intelligent Policy Editing

Leverage a wide array of powerful tools to automate policy identification, analysis and editing, including dynamic search capabilities built around the proprietary FireMon Security Intelligence Query Language (SIQL) enabling full-scope evaluation, review and testing of device configurations.

Multi-Factor Rule Review

Event-Driven Rule Analysis

Automatically identify those policies and rules that demand immediate analysis driven by real-world events, including time-frame expiration, critical security control failure, periodic review or ad-hoc query; complemented by manual routing.

Rule Recertification

Customized Workflow

Easily change the built-in workflow to meet your custom needs. Because it is built on BPMN 2.0 task types, including forks, parallel paths, timers and notifications, you can build a workflow specific to your environment.


Review effectiveness and correctness of enforced policies on firewalls to identify gaps in protection and inconsistencies in configurations as well as enforce internal access controls.

3rd-Party Integration

Integrate with existing change management systems seamlessly. Policy Planner supports many integration options and connection points throughout the change process. Supported change management systems include:

  • HP Service Manager
  • BMC Remedy
  • Service Now
  • Proprietary Systems

To learn more about Policy Optimizer, participate in an in-depth demonstration or sign up for a free 30-day trial to test its capabilities in your own unique environment, click here.