Firewall Policy Optimizer - Firewall Policy Change Management

FireMon Policy Optimizer automates the management, audit, and modification of network security policies by dynamically adapting network access as your business and IT requirements change, even after policies have been deployed – so you can enable business agility in the face of change.

About Policy Optimizer

Policy Optimizer automates the policy change review process and streamlines rule justification and clean-up efforts to optimize performance and ensure continuous compliance with industry regulations and best practices.

How Policy Optimizer Helps You

Continuous Compliance with Automated Rule Review, Recertification, and Decommissioning

Network security policy management becomes increasingly complex as rules are added to support changing business demands. Rules are rarely reviewed or removed, ultimately resulting in too many policies in too many places. The time-consuming, error-prone processes of manually managing policies results in outdated, redundant, and overly permissive rules. This can lead to audit failures, unplanned outages, and more vulnerable attack surfaces–all which increase risk. Without automating your policies, your time-to-market, as well as your enterprise speed and agility will be adversely impacted.

FireMon Policy Optimizer empowers you to adapt to changes in your business and IT environment while remaining secure and compliant. Unlike other solutions, Policy Optimizer intelligently automates the lifecycle of network security policies with flexible workflows for firewall rule review, recertification, modification, and removal and facilitates agility through policy recommendations you can quickly validate with stakeholders and act upon.

FireMon enables organizations to transform network security policy management and obtain real results, with customers achieving a 40% reduction in unneeded rules.

Automate policy review
Review event-driven rules
Customize workflows
Maintain continuous compliance
Improve performance and best practices

The FireMon Advantage

Automate requests that conform to security goals and standards
Reduce risk by ensuring the right firewall changes are made at the right time
Improve speed and accuracy while reducing SLAs
Deploy changes directly to devices

Policy Optimizer Automated Policy Review

Automate Policy Review

Eliminate inefficient, error-prone processes

90% improved efficiency by automating firewall policy operations

Companies have well-defined processes to add rules, but often no process to review them. Policy Optimizer automates the change review process to help you tame out-of-control, outdated, or undocumented rules.

Assign review tasks based on rule and policy properties
Streamline workflows to document, recertify, modify, decommission, and report on every policy
Leave nothing to chance with automatic rule documentation

Review Event-driven Rules

Automatically review rules based on specific details

83% of all unplanned network outages are caused by mistakes during an approved change – 70% of them are firewall related. Policy Optimizer automatically identifies rules demanding immediate analysis driven by real-world events – including severity and timing.

Analyze event-driven rules based on time-frame expiration, compliance failure, periodic review, or ad-hoc query
Queue critical security rules for severity and timing
Coordinate reviews with security, application, and business teams and determine appropriate remediation

Automatically review rules based on specific details

Eliminate inefficient, error-prone processes

Customize Workflows

Easily integrate with existing processes

Typical customers average 400% faster policy change review time. Policy Optimizer enables you to customize the built-in workflow and integrate with your existing business management systems and tools to meet your unique requirements.

Automate requests that conform to security goals and standards
Automatically route decertified access through to Policy Planner to create change tickets for removable rules
Enable stakeholders to invoke application-level recommendations

Improve Performance and Best Practices

Targeted intelligence for rule improvement

Sustainment tasks are 5x faster for typical customers

FireMon provides detailed information regarding each reviewed rule with the option to approve or reject current rule configuration.

Adopt best practices by engaging stakeholders for removal of expired, undocumented, and hidden rules
Reduce risk by removing rules that introduce control failures or have been modified from their original purpose
Improve performance by removing rules that impede firewall performance and cause service interruptions

Policy Optimizer Maintains Continuous Compliance

Maintain Continuous Compliance

Easily maintain compliance accountability

79% efficiency gain for report generation.

FireMon removes the need for tracking through third-party spreadsheets and makes it easy to ensure compliance with internal requirements and external regulatory standards, including PCI-DSS, NERC-CIP, HIPAA, and SOX.

Be audit ready with sub-second reporting for every policy and rule
Customize reports to suit specific requirements
Maintain a repository of rule recertification details and change documentation over time

.