Gartner Research

Tools for Network-Aware Firewall Policy Assessment and Operational Support

Published: 03 June 2011

ID: G00211985

Analyst(s): Phil Schacter

Summary

Network security operations get a much-needed assist from a maturing class of tools that analyze firewall access rules and associated risk and compliance issues within the context of network topology.

Table Of Contents

Summary of Findings

Analysis

  • Policy Assessment, Risk, and Compliance
  • Policy Life Cycle Management, Change Tracking, and Workflow
  • Operational Support, Availability, and Problem Determination
  • Technology Trends
    • Virtualized Data Center Infrastructure
    • Cloud Computing and Cloud-Hosted Security Services
    • Device Support and Partner Programs
    • Network-Aware Tools
    • Next-Generation Firewalls
    • Automated Policy Provisioning
    • Network-Aware Vulnerability Triage
  • Maturing Market and Positioning
    • Firewall Analytics
    • Policy Management or Policy Life Cycle Management
    • Security Risk and Compliance Management
    • Security Posture Management
    • Future Market Development and Positioning
    • Market Consolidation Opportunities
    • Market Outlook

Comparison

  • Rule Cleanup and Optimization
  • Routing Path Analysis and Network Topology Awareness
  • Simulate and Assess Risk and Compliance Impact of Changes
  • PCI-DSS and Other Compliance Reports
  • Request Workflow and Ticketing Systems
  • Vulnerability Analysis
  • Push Rules
  • Platform Security Checks
  • Use Tools for Rule and Path Analysis in Complex Networks
  • Complement Device-Specific Configuration Management Interfaces
  • Shift to Proactive Change Monitoring and a Request Reconciliation Process
  • Prioritize Vulnerability Remediation Based on Network Context
  • Document and Manage the Life Cycle of Access Policies

The Details

  • AlgoSec's Firewall Analyzer and FireFlow v6.0
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Push Rules
  • Athena Security's FirePAC and PathFinder
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Documentation and Life Cycle Management
    • Compliance Verification and Reporting
  • FireMon's Security Manager and Policy Planner
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Workflow and Life Cycle Management
    • Compliance Verification and Reporting
    • Platform Security Checking
  • Q1 Labs' QRadar Risk Manager
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Compliance Verification and Reporting
    • Vulnerability Management
  • RedSeal's Network Advisor and Vulnerability Advisor
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Vulnerability Management
    • Platform Security Checking
  • Skybox Security's Firewall Assurance, Network Assurance, Change Manager, and Risk Control
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Vulnerability Management
    • Platform Security Checking
  • Tufin's SecureTrack and SecureChange Workflow v5.3
    • Supported Devices
    • Firewall Rule Assessment and Optimization
    • Network Topology Discovery and Path Analysis
    • Operational Support and Problem Determination
    • Workflow and Policy Life Cycle Management
    • Compliance Verification and Reporting
    • Platform Security Checking

Conclusion

©2019 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.
