Secure Passage LLC is rolling out a new version of its firewall analysis and compliance-verification software that identifies unintentionally allowed risky behavior on business networks.
The latest software for the Overland Park, Kansas company’s FireMon platform looks at firewall policies for different zones of traffic — internal, external, DMZ — and calculates the dangers they may unwittingly allow by permitting traffic among the zones. FireMon is among a class of software that analyzes firewall policies with the aim of verifying what policies are in place, weeding out those that are unused and generating reports about what they find. The company says it finds that 30 per cent to 50 per cent of unmonitored firewall policies are unused.
It can be used to troubleshoot outages by identifying recent rule changes that might have unintended effects.
This data can be used to streamline rules so firewalls run more efficiently as well as to audit what protections are in place as part of industry and governmental regulatory compliance. Secure Passage competes against such vendors as AlgoSec, Skybox Security and Tufin Technologies.
The FireMon platform can perform its work on firewalls made by Check Point, Cisco and Juniper.
The software displays whether it is able to retrieve data from the devices it is monitoring, making it simpler to troubleshoot.
Manually checking and culling firewall rules is time-consuming and, depending on the number of firewalls in a corporate network, could require a full-time staff. FireMon harvests firewall log data and analyzes it. It is intended for large corporations with many firewalls. Secure Passage is a privately held company and is an outgrowth of Fishnet Security, a security products reseller that developed FireMon as a tool to do its work. It is sold as software for Windows or Linux operating systems or as a PC-server-based hardened-Linux appliance.