Firewall Policy Optimizer - Firewall Policy Change Management
FireMon Policy Optimizer automates the management, audit, and modification of network security policies by dynamically adapting network access as your business and IT requirements change, even after policies have been deployed – so you can enable business agility in the face of change.
About Policy Optimizer
Policy Optimizer automates the policy change review process and streamlines rule justification and clean-up efforts to optimize performance and ensure continuous compliance with industry regulations and best practices.
Continuous Compliance with Automated Rule Review, Recertification, and Decommissioning
Network security policy management becomes increasingly complex as rules are added to support changing business demands. Rules are rarely reviewed or removed, ultimately resulting in too many policies in too many places. The time-consuming, error-prone processes of manually managing policies results in outdated, redundant, and overly permissive rules. This can lead to audit failures, unplanned outages, and more vulnerable attack surfaces–all which increase risk. Without automating your policies, your time-to-market, as well as your enterprise speed and agility will be adversely impacted.
FireMon Policy Optimizer empowers you to adapt to changes in your business and IT environment while remaining secure and compliant. Unlike other solutions, Policy Optimizer intelligently automates the lifecycle of network security policies with flexible workflows for firewall rule review, recertification, modification, and removal and facilitates agility through policy recommendations you can quickly validate with stakeholders and act upon.
FireMon enables organizations to transform network security policy management and obtain real results, with customers achieving a 40% reduction in unneeded rules.
- Automate policy review
- Review event-driven rules
- Customize workflows
- Maintain continuous compliance
- Improve performance and best practices
The FireMon Advantage
- Automate requests that conform to security goals and standards
- Reduce risk by ensuring the right firewall changes are made at the right time
- Improve speed and accuracy while reducing SLAs
- Deploy changes directly to devices
Automate Policy Review
Eliminate inefficient, error-prone processes
90% improved efficiency by automating firewall policy operations
Companies have well-defined processes to add rules, but often no process to review them. Policy Optimizer automates the change review process to help you tame out-of-control, outdated, or undocumented rules.
- Assign review tasks based on rule and policy properties
- Streamline workflows to document, recertify, modify, decommission, and report on every policy
- Leave nothing to chance with automatic rule documentation
Review Event-driven Rules
Automatically review rules based on specific details
83% of all unplanned network outages are caused by mistakes during an approved change – 70% of them are firewall related. Policy Optimizer automatically identifies rules demanding immediate analysis driven by real-world events – including severity and timing.
- Analyze event-driven rules based on time-frame expiration, compliance failure, periodic review, or ad-hoc query
- Queue critical security rules for severity and timing
- Coordinate reviews with security, application, and business teams and determine appropriate remediation
Customize Workflows
Easily integrate with existing processes
Typical customers average 400% faster policy change review time. Policy Optimizer enables you to customize the built-in workflow and integrate with your existing business management systems and tools to meet your unique requirements.
- Automate requests that conform to security goals and standards
- Automatically route decertified access through to Policy Planner to create change tickets for removable rules
- Enable stakeholders to invoke application-level recommendations
Improve Performance and Best Practices
Targeted intelligence for rule improvement
Sustainment tasks are 5x faster for typical customers
FireMon provides detailed information regarding each reviewed rule with the option to approve or reject current rule configuration.
- Adopt best practices by engaging stakeholders for removal of expired, undocumented, and hidden rules
- Reduce risk by removing rules that introduce control failures or have been modified from their original purpose
- Improve performance by removing rules that impede firewall performance and cause service interruptions
Maintain Continuous Compliance
Easily maintain compliance accountability
79% efficiency gain for report generation.
FireMon removes the need for tracking through third-party spreadsheets and makes it easy to ensure compliance with internal requirements and external regulatory standards, including PCI-DSS, NERC-CIP, HIPAA, and SOX.
- Be audit ready with sub-second reporting for every policy and rule
- Customize reports to suit specific requirements
- Maintain a repository of rule recertification details and change documentation over time
.
Policy Optimizer Resources
February 27, 2019
FireMon Policy Optimizer Datasheet
Rules get outdated. That’s just what they do. As networks change and access requirements shift, security controls have knock-on effects on other rules, policies and access controls. Security teams must...
Learn More
February 27, 2019
Intelligent Policy Automation Solution Brief
Firewall teams are under immense pressure to balance the needs of both the business and the security and compliance groups. If an access request is denied, even for security reasons...
Learn More
February 22, 2019
2018 State of the Firewall Survey Report
Firewalls remain critical to network security, despite the question “Are firewalls still relevant to security?” being asked on other surveys as far back as 2010. While firewalls remain relevant, shifts...
Learn More