Secure Passage and other third-party firewall management vendors are playing in a small but growing market. Some analysts say third-party firewall auditing and management tools will have a place in the market until Cisco, Juniper Networks and other firewall vendors build out their capabilities.Five years after spinning out of FishNet Security, officials at Secure
Passage say they have watched the challenge of managing firewall policies
mushroom.
In a space where larger vendors such as Cisco, Juniper Networks and Check
Point Software Technologies loom large, third-party vendors like Secure Passage
are finding a niche by offering enterprises deeper
visibility into their firewall policies.
The company announced the availability of a new version of its flagship
FireMon product Feb. 24. Designed to augment existing firewall administration
tools from the Junipers of the world, the product competes against offerings from
companies such as AlgoSec, Exaprotect and Tufin Technologies.
Some analysts say these companies are capitalizing on a small but
growing market due to a lack of solid management and auditing tools from
traditional firewall vendors.
Generally, firewall vendors dont have an advantage here, said Forrester
Research analyst John Kindervag. They dont have the rules correlation engines
in their products. Cisco has zero ability here. They have failed in
the firewall management area, let alone the firewall auditing space.
Gartner analyst Greg Young agreed that many of the consoles and reporting
tools from the firewall vendors are found lacking.
As long as the firewall vendors continue to hold back on these features,
third-party companies will help enterprises manage firewalls from multiple
vendors, and stretch out the lifespan of firewalls by improving inefficient
rule sets, he said.
To hear Secure Passage tell it, enterprises today are challenged by rising
complexity in their firewall policies due to outdated and redundant rules. The
complexity, Secure Passage CTO Jody Brazil
noted, has long-term implications on firewall policy management.
At some point, it becomes too difficult to simply manage what exists; that
clean-up becomes overwhelming, he said. Rules that are now obsolete become
difficult to identify and simply remain in operation beyond their productive
life.
The result is decreased performance and unnecessary security risk [such
as] open access that is not needed for legitimate business purpose, Brazil
concluded.
To augment the management capabilities of the firewall vendors themselves,
Secure Passage provides analysis tools that evaluate how firewall policies
process specific traffic, what rule will be used, and how and when rules are
triggered. In addition, the company provides reports that can be used to
determine regulatory compliance.
Compliance with the Payment Card Industry Data Security Standard (PCI DSS)
is the biggest driver of the market, Kindervag said, adding that the rule
requires enterprises to review firewall and router configurations.
It is nearly impossible to manually audit firewall and router rules and
policies, Kindervag said. To do it properly, you need to correlate the
rule base to the log files to see what rules are being fired and which are just
open holes into the network. Most companies are not even addressing this
issue. I regularly see companies who have never reviewed their firewall
rule sets.
Network Security & Hardware 
