FireMon, a network security policy management company, launched what it is calling the industry's first agile network security policy management (NSPM) platform, to enable cloud and digital transformation initiatives.

According to Gartner's Hype Cycle for Network Security published in June of this year, "Network security technologies, such as enterprise firewalls, have been a foundational component of an organization's security strategy for many years. However, hybrid IT architectures that include both on-premises and cloud are becoming far more widely adopted; at the same time, attackers becoming more sophisticated and attacks more frequent. Because of these factors, the need for preventive security technologies that are highly agile and are compatible with a wide spectrum of the enterprises' IT infrastructure models is greater than ever before."

FireMon's agile solutions for managing network security and compliance were developed in response to these tectonic shifts in the enterprise technology landscape. Digital transformation, cloud migration, SD-WAN, and DevOps are driving new requirements for security organizations, including the ability to respond to change with intelligent automation and to support deeply complex hybrid-cloud environments. FireMon customers are reported to routinely experience up to 90 percent improvements in network security policy efficiency while eliminating common misconfigurations which lead to breaches and compliance violations. 

According to FireMon, demonstrable customer results include:

• 90% efficiency gain by automating firewall support operations
• 80% reduction in firewall and cloud security group misconfigurations
• 90% faster compliance reporting
• Reduction from hours to minutes in blocking malicious actors across a globally distributed network.

"Digital transformation is accelerating your business - and also the complexity of your business-critical network infrastructure. Organizations need to rethink their approach to managing their network security policies, not only to gain the operational efficiencies of automation but also to address the rapidly changing security threat landscape. FireMon's Agile NSPM is designed to help IT security teams achieve both of these benefits, in addition to enabling the business" said Derek E. Brink, vice president and research fellow, Aberdeen Group.

To drive agility across hybrid networks, FireMon solutions leverage its headless orchestration API which allows customers to integrate with any existing system or process including IT Service Management platforms like ServiceNow, Security Orchestration Automation and Response (SOAR) tools like Splunk Phantom and Palo Alto Cortex SOAR, and DevOps platforms like Red Hat Ansible and HashiCorp Terraform. This allows customers to easily inject security and compliance into any process. To drive security efficiency and eliminate misconfigurations caused by complexity and manual processes, the platform addresses inefficient rule creation and change processes, delivers risk assessment of change through pre-change simulation and provides policy change recommendation. To meet scale and heterogeneity requirements, FireMon normalizes policy across thousands of firewalls, devices, and cloud security groups through a single interface. 

Key features of FireMon's Agile NSPM platform include:

Unified View for Cloud Security Policies: Because firewall and cloud constructs are fundamentally different, traditional NSPM solutions have treated these environments separately.  FireMon has solved this complicated problem and now offers a single, unified interface. Cloud constructs such as security groups are presented natively, even as policy is managed holistically across both cloud and on-prem environments.

Headless Orchestration APIs: Offers the most robust and flexible API on the market and allows integrations with any system or process.    Unlike manual processes or competitive alternatives, the FireMon orchestration API gives enterprises the flexibility to inject security or compliance policies at any point in their workflow and to change integration points quickly and easily.  The API may be called through code or through the Swagger UI. 

Most Extensive Support for SD-WAN and SASE: Customers extend policy and traffic routing definition visibility and management into their SD-WAN enabled devices to track changes, assure agility and reduce risk. With support for Zscaler, Palo Alto CloudGenix, and Cisco Viptela, FireMon provides the most extensive SD-WAN and SASE support on the market.

Customizable Workflows: Simple and clear visual representation of workflows, combined with workflow change features, admins can modify workflows quickly and without the need for extensive professional services, resulting in improved flexibility and agility. 

SIQL with Elasticsearch: Customers store and maintain contextual data for customizable and granular search capabilities on any network object for trend analysis, point in time comparisons, or simulations. 

FireMon Tags: Customers associate meaningful metadata to their rules and objects and later use this metadata to identify matching rules or objects. FireMon Tags manage network security policies more efficiently, simplifies rule management and reduces the risk that something will be missed when making network or policy changes.

"This launch is about giving our customers greater agility and responsiveness at a time when they absolutely need it," said Jim Birmingham, SVP of Engineering at FireMon. "The new features we're delivering are to support digital transformation and cloud initiatives while giving our customers the security and compliance assurance that they need."