Firewall audit tools automate the otherwise all-but-impossible task of analyzing complex and bloated rule sets to verify and demonstrate enterprise access controls and configuration change-management processes.
Although the market has been driven by compliance--it was essentially created by PCI DSS--these tools can also allow organizations to improve network performance, reduce downtime, improve security and reassign staff from shooting down firewall issues and analyzing configurations to taking on tasks that help grow the business.

The problems are familiar to organizations of all sizes--from those with just one or two overtaxed and inefficient firewalls, to large, distributed enterprises with scores or hundreds of firewalls administered by many business units, often all following different policies that may have been written before the units' acquisitions.

The link for this article located at Network World is no longer available.