Firewall Policy Builder

Next Generation Firewalls are now the de-facto security gateways across your enterprise network – protecting your perimeter, data center and extranet from cyber-attacks targeting your IT assets.

Deploying new next generation firewalls should result in better security posture with well-defined security policies, integration into active directory for role based access control along with application awareness and granularity. The reality is somewhat different – organizations are facing challenges in being able to translate the technical features and benefits of the next generation firewall into the real world.

In comes Firewall Policy Builder - we enable security teams to quickly and accurately lock down OPEN security firewall policies. Through real-time analysis, recommendation of firewall policies based on usage and generation of automated bulk configuration commands that are simply executed on the firewalls. Locking down open security policies on your next generation firewall deployment is now made easy with firewall policy builder –allowing you to lock down in weeks rather than months or even years.

Firewall Policy Builder

Firewall Policy Builder

The firewall policy builder comes in different form factors – physical appliance, virtual appliance or as a SaaS cloud service to suit the needs of the organization.

The appliance is installed at the organization’s management network.

The newly deployed next generation firewall sends traffic logs in the form of syslog to the firewall policy builder tool which performs real-time analysis and storing the communication flow matrix in a series of complex databases.


With custom developed advanced algorithms the tool populates the database with the communication flow as the firewall continues to send traffic syslog to the tool.

After sufficient time-span of a few weeks to capture sufficient traffic flow, that tool can then be instructed to group, coalesce and combine traffic flow of similar characteristics. For example ten source IP addresses communicating to the same destination IP address with five TCP and UDP ports are grouped into a single policy and single communication flow matrix.

Once grouped the firewall policy builder can then generate the CLI configuration commands of the grouped security policies in different formats.

Firewall policy builder supports various next generation firewall technology vendors. Once the configuration commands are generated the IT department can simply copy and paste the configuration to the firewalls and apply the changes resulting in open security policies on firewalls being locked down in a short period of time.

Open security policies on your enterprise firewalls is a common problem that many security practitioners can relate to. Whether it is deploying new cluster of NGFWs in your data center that never existed or you are inheriting a legacy firewall with OPEN security policies that has been the cause of audit failures. Firewall Policy Builder is here to assist your organization meet compliance requirements by helping you "lock down" your high-risk OPEN security policies in real-time.

Firewall Policy Builder Workflow

Firewall Policy Builder Dashboard

Firewall Policy Builder - Technical Overview

  • Works with major NGFW vendors - Juniper Networks SRX and Fortinet FortiGate platforms
  • REAL-TIME SYSLOG Engine parsing traffic logs for OPEN security policies
  • Pre-hardened Secure Database for SYSLOG data retention and normalization
  • Advanced Grouping Algorithm of traffic flow SYSLOG data that are of similar characteristics
  • Granular filtering of SYSLOG data to analyze interesting security policy IDs, security zones, ingress interface etc
  • Automated one-click generation of consolidated security firewall policies configuration commands
  • Automated configuration commands can be executed directly into the supported firewalls
  • Integration with SIEM solution as a secondary SYSLOG forwarding destination

Contact us to learn more about Firewall Policy Builder

Contact us