Firewall Assurance Replacement Service

The agency seeks a commercial off-the-shelf solution for comprehensive firewall security policy management and assurance. The chosen platform must support enhanced integration with modern DevOps workflows, Git-based version control, and enterprise service management platforms, meeting or exceeding current operational capabilities.

Key requirements include policy and rule analysis—collecting and analyzing firewall and security policy configurations across multi-vendor firewalls, routers, and cloud security groups. The solution should provide automated rule cleanup, impact analysis, and verification of safe rule removals. End-to-end network access path mapping across firewalls, routers, ACLs, and cloud security groups is required, along with automated compliance checks against internal policies and industry standards. Risk context should be delivered with correlation to known vulnerabilities and threat intelligence.

Change management features must integrate with existing firewall change workflows and ticketing systems, offering simulations of proposed changes, compliance re-validation, rollback recommendations, and verification post-change. The solution should support hybrid environments and deployment across on-premises, cloud-hosted, and hybrid infrastructures, with high availability, disaster recovery, and secure credential storage. Reporting must be robust, including role-based dashboards, scheduled and ad hoc reporting, multi-factor authentication, RBAC, audit logging, and support for technical account management with 24x7x365 technical support, SLAs, and software updates.