You are on page 1of 2

FireMon for Juniper Networks

Manage change, clean up legacy policies and achieve ongoing compliance on your Juniper Networks devices.

Juniper Networks’ line of security devices and software consolidate your most important network security components into do-it-all solutions. When you deploy a unified solution from Juniper Networks, your enterprise realizes lowered operational costs and improved management efficiency. Your enterprise also realizes a much narrower margin for error. Through the normal course of business, device configurations and firewall policies grow more complex and less understandable, increasing the likelihood of incorrect administrative change. When those changes are made on a multi-purpose device, where discrete security functionality is unified into a single point of management, it is imperative that the changes are correct. For enterprises with Juniper Networks security devices and software, FireMon offers a complete configuration management solution. With FireMon, organizations have the capabilities to: ƒƒ Analyze Zone-Based Policies: As the scope of control increases, so does the necessity to understand current policy behavior at all times. With policy testing tools and risk analysis, FireMon helps you understand the current policy so you can make better management decisions. ƒƒ Plan Configuration Changes: The best time to make sure that configuration changes are correct and won’t have unintended consequences is before they are made. FireMon Policy Planner helps engineers make the correct change more efficiently. ƒƒ Clean Up Policies: A simple firewall policy is best. Simplify overly complex policies with FireMon’s suite of cleanup tools. ƒƒ Comply: Access requirements are central to the review of most compliance programs. In addition to understanding what access is allowed, knowing why that access is in place is critical. FireMon tracks business justification alongside your configuration elements for easy entry and reporting.

Firewall Management
Change Management

Configuration Cleanup


NERC and Best Practice Compliance Assess the configuration of your firewalls against the common standards. I PC EST PRACTICE COM C B PLI AN NER CE EST PRACTICE COM C B PLI AN NER CE EST PRACTICE COM C B PLI AN NER CE I PC I PC Rule Usage Analysis Learn which policies are the most-used and least-used. 110th destination and service.firemon. Security Manager automates the analysis of configurations. not HTTPS. expiration date and justification for access. and get a list of unused policies that can be removed. Capture business owner. EST PRACTICE COM C B PLI AN NER I CE PC EST PRACTICE COM C B PLI AN NER I CE PC I PC EST PRACTICE COM C B PLI AN NER CE Policy Behavior Modeling Define traffic scenarios as source. Hidden Rules Report Analyze the policies controlling traffic between two zones to determine which of them are hidden and can be removed. and keep a record of when and what changed for a complete audit • www. policies and best practices is challenging when there are many FireMon® and the FireMon logo are registered trademarks of FireMon.948. All other products or company names mentioned herein are trademarks or registered trademarks of their respective owners. Automate the process.Contact us today for a FREE evaluation. test critical business continuity scenarios after every configuration change Zone-Based Risk Analysis Define the risk of services between two zones of the network. or e-mail info@firemon. Additionally. is allowed into the PCI zone. Removing the policies that are not in use or are hidden by other policies is a great way to simplify and prevent future errors. find all instances where HTTP. for policies defined too broadly (like an Any object in the service column of an “accept” rule). Firewall Cleanup and Optimization Firewall configurations grow in size and complexity.9570 • E-mail: info@firemon. EST PRACTICE COM C B PLI AN NER CE Firewall Compliance and Security Analysis I PC I PC EST PRACTICE COM C B PLI AN NER CE I PC Knowing how firewalls are configured with respect to regulations. PCI. Configuration Change Management Firewall change management can be difficult and costly. approver. including which individual security rules are non-compliant. Then. let Security Manager automatically determine if a new policy is necessary and recommend the correct change. hundreds of policies and thousands of objects. send immediate change reports to the team and capture critical business needs with Security Manager’s suite of change management features. For instance. KS 66210 USA • Phone: 1. LLC. EST PRACTICE COM C B PLI AN NER CE Traffic Flow Analysis Target broadly defined rules to determine the actual usage and see recommended ways to improve the policy definition. Audit Log and Change Report Get notified every time the firewall changes. Security Manager can recommend ways to narrow down the definition. Suite 400 • Overland Park. and determine the firewall’s current behavior. and find all policies that pose risk. Get actionable results. continuously finding compliance failures and high-risk configurations. Change Process w/ Rule Recommendation Let your users submit firewall changes. Firewall Rule Documentation Capture the reason for access and overlay it on the firewall policies. Then. Visit http://www. 8400 W.firemon.