facebook logolinkedin logoyoutube logo

Important information for former Skybox customers. Please click here to learn about FireMon’s migration programs

Learn More
Security Hygiene
MANAGE THE ATTACK SURFACE

Security Hygiene

Reduce the risk of breaches and unplanned outages by cleaning out unused and redundant
rules in your environment

Security Assessments and Cleanup with FireMon

After years of use, policies that control access become unwieldy. It grows increasingly difficult to manage and audit multi-vendor security devices across your hybrid enterprise. Your outdated controls can potentially compromise compliance and increase risk. For the best performance, stronger security, and strict adherence to compliance, you need to clean and maintain your existing base of security policies.​

Eliminate Redundant Rules
CLEAR OUT THE CLUTTER

Eliminate Redundant Rules

Redundant or shadowed security rules can never match network traffic because a prior rule or a combination of earlier rules prevents traffic from ever hitting them. FireMon allows you to:

  • Find and remove duplicate and shadowed rules
  • Speed network performance
  • Reduce complexity
Remove Unused Rules and Objects
REDUCE RISK AND INCREASE PERFORMANCE

Remove Unused Rules and Objects

Unused rules have not matched any packet during a specified time and are typically caused by applications that have been decommissioned or relocated. Many unused rules that are active on your devices can significantly degrade their performance and can potentially introduce risk into your environment. FireMon offers:

  • Unlimited analysis and real-time rule usage history
  • Network device optimization for peak efficiency
  • Tools to find risks lurking in unused rules
Minimize Excessive Access
CONTAIN TRAFFIC WITH PRECISE ROUTING

Minimize Excessive Access

Overly permissive rules typically contain large network ranges or ANY’s in the rule statements. Primary causes for excessive access include ineffective change management, lack of business requirements definition, and lack of a rule “aging” strategy. FireMon’s traffic flow analysis tools give you the ability to:

  • Identify unique traffic patterns in broadly defined rules
  • See the types of data flowing across the network
  • Narrowly define rules to correctly to enhance your security posture
Automate Rule Recertification
AUTOMATE REVIEW WORKFLOWS

Automate Rule Recertification

Analyzing and recertifying rules can be a time-intensive effort as you attempt to verify rules are still needed and to maintain compliance. Through automated, event-driven review and verification, FireMon can help:

  • Review rules to ensure you keep what you need
  • Identify rules that need to be changed or removed
  • Document rule recertification and justification to enhance audit efforts