Secure Passage Announces FireMon eVolution, a Comprehensive Firewall Management Application That Turns Firewalls Back Into Network Security Devices

OVERLAND PARK, KS--(Marketwire - July 14, 2009) - Pressures to keep network traffic flowing through firewalls combined with fear and anxiety over causing interruptions to business processes has created a situation where firewall administrators are quick to add rules but hesitant to remove any. As a result, in many cases firewalls have gone from being security and compliance devices to nothing more than access devices, bloated with permissive policies that grant access more often than they deny it. This situation has left organizations exposed to security risks, compliance violations and performance issues.

In response to this problem, Secure Passage today announced availability of FireMon eVolution (version 5.0). FireMon eVolution is the industry's first firewall management solution to provide a comprehensive and integrated set of features that now includes three industry firsts, Rule Lifecycle Documentation, Traffic Flow Analysis and a PCI-DSS Compliance Reporting Framework. With FireMon eVolution firewall managers have control, constant visibility, and a history of the entire firewall rule lifecycle which enables them to reduce risk and compliance costs while eliminating their fear and anxiety over configuration change decisions. FireMon provides the level of information needed to make confident decisions that turn firewalls back into high performance, risk reducing security devices that facilitate the smooth flow of network traffic and ensure compliance with major industry regulations such as the Payment Card Industry Data Security Standard (PCI DSS).

"As a leading financial services firm, Raymond James Financial requires its network security, compliance and performance to operate at the highest level," said Samuele Ghelfi, Raymond James Financial, Chief Security and Privacy Officer. "Our firewalls contribute to these stipulations, but configurations can get complex and present management challenges to even the most experienced of security practitioners. FireMon's powerful tool set allows us to cost effectively manage our firewalls so that risk can be kept to a minimum, compliance can be easily maintained and performance can be maximized."

Unlike other products that provide incomplete and non-integrated lifecycle management, FireMon's integrated and comprehensive management over the entire firewall rule lifecycle starts at creation, continues through every change made to the rule, and does not end until it is deleted. Beginning at rule creation, FireMon documents all information related to it including which business unit requested the rule and who approved it. As a rule progresses through its lifecycle, the documented history travels with it capturing any additional information related to when and why changes were made and who made the change including engineering, operations, security and audit. With this documented history for every rule, a firewall administrator can confidently make decisions to delete rules to raise security and compliance postures without the fear of disrupting business. In addition, this history enables auditors to easily and cost-effectively prove compliance.

"No firewall manager wants to hear that a firewall has caused a network interruption, enabled a breach or caused a compliance violation. Unfortunately, pressures to add rules that grant access and fear over removing any that might cause an interruption has led to an alarming number of instances where firewalls have been the cause of all three," said Jody Brazil, Secure Passage president and CTO. "FireMon eVolution represents the new evolution in firewall management and the solution the industry has been waiting for. It returns security, compliance and performance to the firewall while removing fear and doubt surrounding configuration change decisions. Now is the time for firewall managers to return security to the firewall and FireMon eVolution is the solution that will allow them to do just that."

Features and Benefits

FireMon eVolution Industry Firsts:

--  Rule Documentation:  In many compliance situations, including PCI DSS
    1.1.3, rules that allow "risky" access to an organization's sensitive
    network segments and systems must be justified through documentation. The
    documentation must provide context regarding why a rule exists, a roadmap
    that links it back to the business unit that it was created to support and
    historical data that shows who has taken any actions on it and why. This
    feature serves as the documentation repository and provides the industry's
    most comprehensive audit reports. Comprehensive audit reports that provide
    justification are needed to prove compliance and reduce the amount of time
    that internal security and audit personnel are required to spend justifying
    policies to external auditors.
    
--  Traffic Flow Analysis: Provides analysis that understands the complete
    flow of traffic including source, destination and service. This enables
    FireMon to start with an existing policy, analyze the traffic through the
    firewall, and automatically define the necessary rules to enable
    appropriate access to meet the existing network traffic needs. This
    revolutionary level of analysis enables firewall managers to improve
    firewall performance and build better security policies. With this feature,
    firewall managers can eliminate broad permissive rules, such as an "Any,
    Any, Any, Accept," and use detailed analysis of heavily utilized rules to
    make policy modifications that enhance performance.
    
--  PCI-DSS Compliance Reporting Framework: Provides integrated
    visibility, documentation and analysis of rules. When used in conjunction
    with Rule Documentation, this feature provides firewall administrators with
    a comprehensive PCI DSS solution, as it not only provides visibility and
    analysis functionality but also rule justification that PCI DSS requires.
    Included is a PCI DSS Compliance Report that enables organizations to
    evaluate their security posture as it relates to PCI DSS 1.2 and to test
    policies currently installed on a firewall against 15 specific PCI
    standards. This feature significantly improves audit efficiency and reduces
    the time and cost associated with rule justification as it automates the
    rule-to-business unit mapping process.
    

Additional FireMon eVolution New Features Include

--  Audit Logging: This feature automates the capturing and recording of
    details of every change event in context of the firewall policy. Audit Log
    appears in the GUI as a collection of incremental policy comparisons at the
    rule, object and policy level and is updated in real time as revisions are
    retrieved. The detail offered in the Audit Log enables users to view,
    report and document individual change items in addition to reporting on
    chronological change history of a policy. This feature provides significant
    ROI by reducing the amount of resources required to produce comprehensive
    reports for internal and external auditors.
    
--  Rule Usage Consolidation: FireMon collects detailed usage data to
    support Rule Usage Analysis features. Over time, this data can take up
    needed system resources and affect performance. To ensure that FireMon can
    continue processing usage requests at an optimum level, users can now
    consolidate their rule usage data. This feature improves firewall
    performance and creates more efficient policies.
    
--  Policy Planning:  Enables firewall administrators to manage changes to
    the firewall, from the initial access request to solution design, through
    implementation and verification. Because it integrates directly with
    FireMon, Policy Planner incorporates FireMon features that help users make
    correct, effective changes and to verify that changes were correctly
    implemented. Accurate visibility and analysis of all changes provides
    firewall managers with confidence in their ability to make effective and
    secure change decisions.
    
--  Cisco ACL support: Cisco IOS ACLs enable Cisco routers to perform
    basic packet filtering and to take action on the traffic if it meets
    specific criteria. FireMon eVolution monitors and analyzes Cisco IOS ACLs.
    This feature extends the same level of comprehensive visibility and
    absolute control over Cisco network devices that monitor and regulate
    network traffic.
    
--  Juniper NSM support: Using FireMon's new NSM Device Wizard, users can
    easily add all of their NetScreen devices managed by an NSM at one time.
    With this feature, organizations can represent relationships between their
    Juniper NetScreen firewalls and the NSM that they use to manage them. By
    merging firewall configuration information and endpoint security monitoring
    into a single view on the NSM platform, IT security managers are able to
    greatly improve security and better understand the relationship between the
    two different computing segments.
    

Support

FireMon supports Check Point, Cisco, Juniper and McAfee firewalls. In addition to firewall management, it also provides policy management for routers and switches.

Availability

FireMon 5.0 is now available. For more information visit Secure Passage at, email info@securepassage.com or call 1.913.948.9570.

Secure Passage Social Media Links

-- Twitter: @SecurePassage

-- Facebook: http://www.facebook.com/home.php?ref=home#/pages/Secure-Passage/144180106280?ref=nf

-- LinkedIn: http://www.linkedin.com/companies/secure-passage?trk=co_search_results&goback=.cps_1243381578298_1

About Secure Passage

Secure Passage, the leading provider of firewall and network device policy management solutions, is dedicated to providing better security through better management. Secure Passage solutions empower Information Security teams, enabling them to reduce policy complexity, maximize security and achieve compliance. Hundreds of global enterprises and government agencies with thousands of firewalls and network devices rely on FireMon -- Secure Passage's customizable, scalable flagship product -- to ensure their networks remain free from interruption and available for secure business transactions at all times. FireMon supports all major firewall and network devices, including those from Cisco, Juniper, Check Point, and McAfee. For more information, visit www.securepassage.com.

FireMon and the FireMon logo are registered trademarks of Secure Passage, LLC. All other products or company names mentioned herein are trademarks or registered trademarks to their respective owners.

Contact Information: Contact: Joe Franscella Trainer Communications 510-206-1243