Security Manager for Firewall Management



FireMon® Security Manager is software that helps you manage your firewalls. Security Manager will plan and report on any changes to the firewall policy, increasing visibility and reducing the cost of making changes. It will show you which of your rules are unused and how traffic flows through each rule, letting you clean up unnecessary access and tighten down existing rules. And, with continued, automated analysis of things like PCI and NSA guidelines, Security Manager will greatly improve your compliance posture. It'll even help you with security management on other devices in the Enterprise, like routers and load balancers.

The bottom line? Security Manager is software that will help you manage your security devices better so you can provide better service to your users at a lower cost to you.


Software That Monitors

Security Manager Architecture

Security Manager monitors network devices, collecting the configurations, audit trail information, and logs when changes happen. You can install it in minutes and quickly configure your devices to communicate with it.

The architecture scales to monitor thousands of devices and it has built-in redundancy to ensure monitoring is always available.



Control Change

Configuration changes are going to happen. And to be in control of them, you need a change management process that works, immediate access to change justification, and clear communication channels. Let Security Manager help you take control.


Policy Planner is a workflow tool designed just for firewall changes. Policy Planner will test the current configuration and tell you if changes are necessary and where they should be made. It will capture the justification information from the business and it can integrate into corporate change systems. Finally, it will tie together change requests with their technical implementation to create a “paper trail” for auditing.

The Change Report is exactly what you'd expect: it's a detailed, graphical report that is produced every time the firewalls change. It can be emailed automatically, so the entire team knows what's changing in real time.

Change tickets are a firewall management necessity. They capture what access should be allowed and why the business needs it – information that PCI, NERC and other regulations tell us to capture. The problem is that there is no system-level relationship between the ticket and the firewall that is changed in response to it. At best, we put change ticket numbers in the comments field of firewall policy as a reference, and leave the critical justification information in its own database, wholly unassociated with the rule, the policy, or even the firewall.

Security Manager does it better. The Rule Documentation feature can parse the comments field, recognize change tickets and pull in the business justification, business owner and other information from the change ticket system. The result? A complete rule history within a single report.


Improve Your Firewall Policies


Rules and objects are added to firewall policies by the thousands. Never-ending streams of new access requests ask that more be created. And what happens? Policies grow large, they become complex (see the study), and complexity makes your job even harder. Security Manager offers several tools that address policy size and complexity so that you can clean up your policies.

The first step to cleaning up your policy is understanding how it's being used. Security Manager's Rule and Object Usage report gives you the information to take action. See which rules and objects are unused over a long period of time and safely remove them. Then, move your highly used rules to the top of the rule base to increase performance.

It seems so simple: you receive an access request; you create a new rule to meet it. But inside of large, complex policies, how can you be sure that the new rule is the right one?

Security Manager shows you how the firewall is currently handling the traffic and finds rules that could be modified to meet your access request. This same analysis logic is implemented in Policy Planner as the Rule Recommender, and it can greatly improve the efficiency of responding to new access requests. More broadly, Policy Test models packets through the firewall so that you can quickly — and without impact — test many variations of traffic to see what the firewall is doing.

Sometimes firewall rules are just erroneous and are blocked by another rule. Security Manager can find those issues as well as stop them from happening in the future. The Redundant and Shadowed Rules report is a great way to find access that can be cleaned up quickly and without impact.


Enforce Compliance

Ensuring compliance for the firewall is difficult and costly. Most regulations and frameworks require timely auditing for an optimal security posture, as well as justification that all access is necessary — all while you plan and make changes to the firewall. These are tedious, ongoing tasks. And the key to enforcing compliance is to automate them.


Change Management: it's the best practice that is recommended by almost all of the management frameworks (like ITIL and COBIT) and regulations (like PCI and NERC). To be a truly effective process, the business requirements should be engineered and approved in a repeatable, documented process, and a change trail should be available for auditing. Policy Planner and Change Monitoring are great tools for quickly and efficiently meeting these compliance challenges.

Rule Justification: knowing what the access policy looks like and who has changed it is a good start. However, at the time of the audit, the real key is to know why the access is there at all. A good change management process provides these answers, but often, the answers disappear inside of the change ticket once it's closed. Security Manager's Rule Documentation feature links the technical implementation (the rule base) with the change ticket, and you can show why the access exists with a single report.

Security Auditing: some access implementations are against almost every security policy. For example: using the Any object in the service column of "accept" rules; allowing unencrypted protocols to access assets in the PCI zone, where cardholder data is stored; or, allowing TFTP anywhere. Security Manager's Compliance solution can detect and measure all of these scenarios so that you can score your firewalls against your standards and correct implementations that are out of bounds. And, Security Manager's auditing framework is completely open, enabling you to tailor scenarios to the unique requirements of your network.


Why Security Manager?

It makes your job easier.
FireMon Security Manager is a technology that makes security organizations more efficient. Automating the change process, capturing justification of access and making compliance repeatable are tasks that are necessary, usually too time-consuming, and often impossible to do. Security Manager does them for you, and you get more done with less effort.

It can monitor all your devices.
A single location for all your devices is important. Security Manager scales with additional Data Collectors to support thousands of devices in a single instance. It also monitors many types of devices from several different vendors, and more are added with most major releases.

Compliance is unique.
All networks are different and usually require different standards for compliance. Security Manager's compliance framework is open and extendable by all users, with customizable tools (Extensions) to help you measure and enforce firewall compliance with your unique requirements.

We get it.
FireMon invented the firewall management space. We were the first to introduce a graphical change report, rule usage information, policy test, traffic flow analysis, and many more features that are now the staple of the industry. Our innovation continues today with Security Manager leading the way in solving firewall and security management challenges.

Communicate with your peers.
FireMon Nexus is a community of firewall engineers and security managers. It is an online location for sharing knowledge, ideas, and Security Manager Extensions.

It keeps all your data.
When you install Security Manager, we size your deployment to keep data for as long as you'd like. Most of our customers keep configuration history and rule statistics going back for years. It provides valuable historical trending information and is a reliable repository for audit information.