What is FireMon?
FireMon® is software that helps you manage your firewalls. FireMon will plan
and report on any changes to the firewall policy, increasing visibility and reducing
the cost of making changes. It will show you which of your rules are unused and
how traffic flows through each rule, letting you clean up unnecessary access and
tighten down existing rules. And, with continued, automated analysis of things like
PCI and NSA guidelines, FireMon will greatly improve your compliance posture. It'll
even help you with security management on other devices in the Enterprise, like
routers and load balancers.
The bottom line? FireMon is software that will help you manage your security devices
better so you can provide better service to your users at a lower cost to you.
Try FireMon on your own network.
Software That Monitors
FireMon monitors network devices, collecting the configurations, audit trail information,
and logs when changes happen. You can install it in minutes and quickly configure
your devices to communicate with it.
The architecture scales to monitor thousands of devices and it has built-in redundancy
to ensure monitoring is always available.
Control Change
Configuration changes are going to happen. And to be in control of them, you need
a change management process that works, immediate access to change justification,
and clear communication channels. Let FireMon help you take control.
Policy Planner is a workflow tool designed just for firewall changes. Policy Planner will test
the current configuration and tell you if changes are necessary and where they should
be made. It will capture the justification information from the business and it
can integrate into corporate change systems. Finally, it will tie together change
requests with their technical implementation to create a “paper trail” for auditing.
The Change Report is exactly what you'd expect: it's a detailed, graphical report that is produced
every time the firewalls change. It can be emailed automatically, so the entire
team knows what's changing in real time.
Change tickets are a firewall management necessity. They capture what access should
be allowed and why the business needs it – information that PCI, NERC and other
regulations tell us to capture. The problem is that there is no system-level relationship
between the ticket and the firewall that is changed in response to it. At best,
we put change ticket numbers in the comments field of firewall policy as a reference,
and leave the critical justification information in its own database, wholly unassociated
with the rule, the policy, or even the firewall.
FireMon does it better. The Rule Documentation feature can parse the comments field, recognize change tickets and pull in the business
justification, business owner and other information from the change ticket system.
The result? A complete rule history within a single report.
Improve Your Firewall Policies
Rules and objects are added to firewall policies by the thousands. Never-ending
streams of new access requests ask that more be created. And what happens? Policies
grow large, they become complex (see the study), and complexity makes your job even
harder. FireMon offers several tools that address policy size and complexity so
that you can clean up your policies.
The first step to cleaning up your policy is understanding how it's being used.
FireMon's Rule and Object Usage report gives you the information to take action. See which rules and objects are
unused over a long period of time and safely remove them. Then, move your highly
used rules to the top of the rule base to increase performance.
It seems so simple: you receive an access request; you create a new rule to meet
it. But inside of large, complex policies, how can you be sure that the new rule
is the right one?
FireMon shows you how the firewall is currently handling the traffic and finds rules
that could be modified to meet your access request. This same analysis logic is
implemented in Policy Planner as the Rule Recommender, and it can greatly improve
the efficiency of responding to new access requests. More broadly, Policy Test models
packets through the firewall so that you can quickly — and without impact
— test many variations of traffic to see what the firewall is doing.
Sometimes firewall rules are just erroneous and are blocked by another rule. FireMon
can find those issues as well as stop them from happening in the future. The Redundant
and Shadowed Rules report is a great way to find access that can be cleaned up quickly
and without impact.
Enforce Compliance
Ensuring compliance for the firewall is difficult and costly. Most regulations and
frameworks require timely auditing for an optimal security posture, as well as justification
that all access is necessary — all while you plan and make changes to the
firewall. These are tedious, ongoing tasks. And the key to enforcing compliance
is to automate them.
Change Management: it's the best practice that is recommended by almost all
of the management frameworks (like ITIL and COBIT) and regulations (like PCI and
NERC). To be a truly effective process, the business requirements should be engineered
and approved in a repeatable, documented process, and a change trail should be available
for auditing. FireMon's Policy Planner and Change Monitoring are great tools for
quickly and efficiently meeting these compliance challenges.
Rule Justification: knowing what the access policy looks like and who has
changed it is a good start. However, at the time of the audit, the real key is to
know why the access is there at all. A good change management process provides these
answers, but often, the answers disappear inside of the change ticket once it's
closed. FireMon's Rule Documentation feature links the technical implementation
(the rule base) with the change ticket, and you can show why the access exists with
a single report.
Security Auditing: some access implementations are against almost every security
policy. For example: using the Any object in the service column of "accept" rules;
allowing unencrypted protocols to access assets in the PCI zone, where cardholder
data is stored; or allowing TFTP anywhere. FireMon's Compliance solution can detect
and measure all of these scenarios so that you can score your firewalls against
your standards and correct implementations that are out of bounds. And, FireMon's
auditing framework is completely open, enabling you to tailor scenarios to the unique
requirements of your network.
Why FireMon?
It makes your job easier.
FireMon is a technology that makes security organizations more efficient. Automating
the change process, capturing justification of access and making compliance repeatable
are tasks that are necessary, usually too time-consuming, and often impossible to
do. FireMon does them for you, and you get more done with less effort.
It can monitor all your devices.
A single location for all your devices is important. FireMon scales with additional
Data Collectors to support thousands of devices in a single instance. It also monitors
many types of devices from several different vendors, and more are added with most
major releases.
Compliance is unique.
All networks are different and usually require different standards for compliance.
FireMon's compliance framework is open and extendable by all users, with customizable
tools (Extensions) to help you measure and enforce firewall compliance with your
unique requirements.
We get it.
Secure Passage invented the firewall management space. We were the first to introduce
a graphical change report, rule usage information, policy test, traffic flow analysis,
and many more features that are now the staple of the industry. Our innovation continues
today with FireMon leading the way in solving firewall and security management challenges.
Communicate with your peers.
FireMon Nexus is a community of firewall engineers and security managers. It is
an online location for sharing knowledge, ideas, and FireMon Extensions.
It keeps all your data.
When you install FireMon, we size your deployment to keep data for as long as you'd
like. Most of our customers keep configuration history and rule statistics going
back for years. It provides valuable historical trending information and is a reliable
repository for audit information.