FireMon has launched FireMon Insights 2.0, alongside new analysis of policy risks across hybrid enterprise networks.
Covering 9.2 million policy checks, the analysis points to persistent weaknesses in firewall governance. It found that 58% of firewalls fail high-severity compliance checks, while 48% fail critical-severity checks.
The findings also suggest many organisations are carrying large volumes of policy clutter. FireMon reported that 69% of firewall rules are unused, while 45% have no owner or documentation, creating audit gaps and operational blind spots.
A further 17% of rules were found to be redundant or shadowed, adding operational complexity and potentially hiding misconfigurations.
The figures reflect a broader problem for security teams managing a mix of on-premise and cloud environments. Firewalls, segmentation tools, and access controls often sit across different parts of a network, and policy oversight can become harder as those estates grow.
The latest version is intended to move beyond periodic reporting by giving security teams a continuous view of policy behaviour. It combines policy data with operational context to show where risk is building, which issues persist over time, and where automation could reduce manual effort.
One of the clearest contrasts in the data was between automated and manual workflows. According to the analysis, automated policy workflows showed a 67% lower change-related risk delta than manual changes.
That finding goes to the centre of a long-running debate in cybersecurity operations over whether manual change processes can still keep pace with complex environments. As rule sets expand and teams face pressure to respond quickly, documenting ownership, reviewing old rules, and removing duplication can become inconsistent.
In FireMon's view, the issue is no longer just operational inefficiency. "Firewall complexity is no longer just an operational problem. It is a control problem," said Jody Brazil, Chief Executive Officer, FireMon.
"Security teams have massive investments in firewalls, cloud, and segmentation platforms, but without control of policy those environments become difficult to manage securely. The problem is no longer lack of tools. It is lack of operational control," Brazil said.
Product changes
The updated version includes several new analytical functions focused on policy operations. These include policy change analysis intended to replace manual exports and spreadsheet tracking, workflow analysis to show where requests are rejected or delayed, and measures designed to identify repetitive manual work.
The release also adds control failure analysis and trend reporting over time. These features are designed to help teams identify which controls fail most often and where policy problems recur across managed devices.
Another addition is domain-based pass/fail visibility at the control level, intended to show where policy and compliance issues sit across different parts of a managed environment.
FireMon also said customers using FireMon Policy Manager reduced control failures by up to 31% in the first six months. It did not disclose how many customers were covered by that figure.
Wider pressures
The launch comes as companies face tighter scrutiny over how security controls are governed across hybrid estates. Network segmentation and microsegmentation have become more common as businesses try to limit the spread of attacks, but these tools also depend on well-managed policies to work as intended.
Brazil linked that pressure to the wider rise in AI-linked threats and the exposure of connected systems. "Technologies like Mythos are shining a bright light on a reality security teams can no longer ignore: any connected system is vulnerable," Brazil said.
"As AI accelerates the speed and scale of attacks, firewalls, segmentation, and policy governance become more important than ever. Our Insights data shows most organizations still lack the operational control needed to consistently manage policy across hybrid environments. That is why network segmentation, microsegmentation, and continuous policy governance are becoming foundational to reducing attack surface and limiting blast radius," Brazil said.