One of the neat things about my role as a consultant to the security industry is that I get to interact with lots of smart people and companies. One of the companies I occasionally consult for is Firemon. Their President/CEO Jody Brazil is one of the sharper people in the infosec space. Last week was a big week for Firemon, as they made two very significant announcements.
The first announcement was an entirely new product that they are calling Policy Optimizer. Firemon is big on descriptive names. But even being descriptive here does not totally cut it. Policy Optimizer is really an automation tool for the rat’s nest that is firewall compliance rules.
Over time, it is very easy for firewall and other access control rules to build up into a tangled plaque that prevents the smooth operation of the network. Very quickly, the original reasons behind these rules (which were valid at the time they were written) are forgotten. From an audit/compliance viewpoint, ensuring which rules are effective and which are no longer required or even beneficial has been a labor-intensive endeavor.
That is where Policy Optimizer comes in. It automates untangling the mess that is security device rules. It can tell you what compliance mandates a particular rule is associated with and make recommendations as to whether or not it is still necessary or even viable. It also looks to see if the existing rules are too permissive.
Policy Optimizer uses a workflow approach to compliance rule automation. It is another tool that is following the trend of getting more than security admins involved in security. Using the workflow allows line-of-business owners, developers and operations people insight and say into what rules are in place and why.
This is part of a broader theme I have advocated for some time. In order for security to be more successful, we need to get more people involved in security. Security - and yes, even compliance - is part of everyone’s job responsibility.
Keep in mind that it doesn’t automatically delete any rules, it only makes recommendations on what should be changed or kept. But this is enough to bring order to the chaos.
One large financial institution customer of Firemon had 15 audit/security admins dedicated to reviewing access and compliance rules. Using Policy Optimizer they were able to reduce that number to five. The other 10 members were able to be reassigned to higher-level duties.
Policy Optimizer is a standalone module of what the company is calling the Firemon Security Intelligence Platform. The other modules of the platform are Policy Planner and Risk Analyzer.
The other big news from Firemon last week was in the M&A space. Firemon announced that it had sold a majority stake in the firm to PE firm Insight Venture Partners. With the sale, it was announced that the present management team will remain in place. Firemon was originally spun out of Fishnet and Gary Fish himself will remain as executive chairman of the company. Former Fishnet CTO and Firemon CEO/President Jody Brazil will stay on in the same role, as will the rest of the management team. This is a very similar strategy to what Gary Fish did with Fishnet itself. In the meantime, it gives Firemon a healthy balance sheet to pursue acquisitions and other strategic alternatives while continuing its strong growth path that it has been on.
This will probably also set off a round of consolidation/acquisitions in this space. Tufin, Algo Sec, Red Seal, and Skybox Technologies all could be in play.
Terms of the sale were not announced. But with Firemon consistently posting strong quarter-over-quarter revenue growth, you have to assume the sale was at a healthy multiple of revenues. Congrats to Jody, Gary, Jerry Skurla, Matt Dean and the rest of my friends at Firemon.