Centralized Firewall Management and Compliance Framework

This document is a case study detailing how Convey Health Solutions implemented FireMon's NSPM to achieve compliance with the HITRUST Common Security Framework (CSF) and PCI-DSS standards. The case study outlines the challenges faced by Convey Health, which included managing over 40 decentralized firewalls and relying on manual processes that were prone to errors. The objectives included achieving HITRUST CSF certification, conducting a full rule cleanup, automating change management processes, and improving reporting accuracy. The solution provided by FireMon included centralized firewall management, real-time visibility, and customizable compliance assessments. The results highlighted a 100% compliance with PCI-DSS, a 66% reduction in the time required to produce compliance reports, and the identification and removal of over 150 shadow rules. The implementation significantly streamlined the compliance audit process, reducing the overall audit time by two-thirds, thus enhancing operational efficiency.