The Value of Firewall Management: Half the Story Isn't Enough


There is a very solid operational business case for Network Security Policy Management (NSPM) solutions. The business case has various flavors but goes essentially like this:

(number of rule change requests) × (time to complete the change) × (hourly rate) = business impact

If you change one of the three variables, you can compare the result to the original business impact and understand the ROI for your NSPM investment. FireMon has proven out this theory with more than a thousand customers. Each has its own unique environment, but the basic equation remains essentially the same.

And while that’s all very compelling, there is another half to the story that has an even greater impact, and FireMon is the only NSPM vendor that can deliver the second half of the story effectively. The second half of the story falls under the umbrella of intelligent security management and includes the operational metrics above as well as risk metrics.

A couple of months ago, I was talking with one of the top security research fellows at Aberdeen and floated the idea that as complexity increases in an organization, they are impacted with increased operational costs AND increased risk. The typical solution to the problem is to add human resources to address both. However, there is a practical limit (budget and management) to what additional human resources can do as well as a productivity limit (we can only hold so much context in our head, and you quickly scale past what we can manage intellectually). As we talked, we both became more and more interested in modeling the operational and security risks to give organizations the complete picture.

After a lot of discussion, interviews, surveys and analysis, I’m pleased to announce the availability of the first-ever study that quantifies the value of firewall management for both security posture and operations. The research, entitled "Quantifying the Value of Security Management", was conducted by Derek Brink, vice president and research fellow at Aberdeen Group, and illustrates the increasingly complex problem of firewall sprawl. It also quantifies the median savings after implementing a firewall management solution, equating to more than three million dollars for a typical mid-size organization. That number increases for the typical Fortune 500 company, and therefore the savings could be upwards of tens of millions of dollars.

In the report, Brink notes that the surprising complexity of enterprise network firewall infrastructure means that manual management of policies, rules and configurations is time-consuming and error-prone, adding operational cost and increased security-related risks. These are issues which FireMon is all too familiar with when speaking to companies facing the same problems. According to Aberdeen’s Monte Carlo model used in the report, compared to the status quo, the implementation of a firewall management solution corresponds to a median reduction in risk of about 3.6 times and a median annual return on investment of more than 200 times.

At FireMon, we know that there are very few constants in business, but two of them are that environments will get more complex, not less, and that intelligent security management means better security.