FireMon Bolsters Channel Investment, Funds Head Count For Growth

Firewall policy and risk management platform maker FireMon is getting more aggressive, doubling its investment in the channel in 2014 and fully funding head count with some partners in an effort to bolster sales.

FireMon is seeing strong momentum in its firewall policy management and network security analysis platform as businesses race to rip out legacy security appliances in favor of new gear with modern threat detection capabilities, the company's Channel Chief, Todd DeBell, told CRN. The company is funding 100 percent head count at about half a dozen of its partners to provide support and look at areas where potential opportunities exist, he said.

"We've made an investment to stay relevant and to have a strategic role within their organization. When they are thinking about vendors, we are in a position where FireMon comes to the top of their list," DeBell said.

[Related: Breach Stats Prompt Need For Vulnerability, Configuration Assessment ]

Sponsored post

Some top-tier partners have been brought in for hands-on training to be more knowledgeable beyond installation, DeBell said. The company bolstered an investment in marketing that helped establish and execute on event plans with regional partners. Meanwhile, an aggressive deal-registration program adds 20 points to the standard 10 percent to 15 percent discount, giving the partner that registers a deal first to gain up to a 35 percent discount on products.

"From a discount standpoint and protection standpoint, we've been very aggressive to help partners maintain margin, maintain account control and be in a situation where they are rewarded for activities where they are doing business on our behalf," DeBell said. "Our goal is to help them be excited to go out and do business on a day-to-day basis without worrying about being in a bid or direct-purchasing situation."

The company's multitiered Ignite Partner Program consists of an Authorized level for pure resellers, and Gold and Platinum levels that include additional sales, marketing and implementation support. FireMon has been focused on more structured lead-generation activities that have a regional focus. Market development funds also are available to certain partners that are more actively engaged with trained and certified sales and support engineers, DeBell said.

FireMon's business is roughly 90 percent channel, said DeBell, who is committed to seeing the number get closer to 100 percent. The company has some named accounts that work with a few clients directly, but the firm has been transitioning those accounts out to partners, he said.

DeBell said partners can establish a strong security practice by selling the company's management platform. It not only addresses device policies and change management, but the software increases visibility over configuration weaknesses and other potential problems that could be used by an attacker, and it helps businesses meet compliance initiatives.

NEXT: Partner Praises FireMon Channel Focus

FireMon consistently has been improving its channel program. It has added technical capabilities to distinguish it from a field of about three or four other vendors, said Joe Luciano, CEO of Access It Group, Mountain Lakes, N.J. FireMon competes against Tufin Technologies and AlgoSec, which share similar capabilities. The company also has added a risk engine that pits it against some risk and compliance platforms. FireMon bolstered its brand awareness, increased advertising and made businesses aware of the complex problem of managing policies across multiple devices and brands. The company also has placed key executives to support its channel approach, Luciano said.

"In the past couple of years, we've seen a huge leap in terms of partnership support as well as technology direction," Luciano told CRN.

Access It Group was recently named Top Eastern Region Partner for Growth and Revenue by FireMon. Access It Group caters to Fortune 2000-level enterprises that have a decentralized infrastructure with multiple firewalls and other devices that stand to improve operational efficiency and security through centralized management. Some firms had thousands of rules in their firewalls and no way to account for whether they were ultimately applicable anymore. Environments were becoming too complex and needed some simplification to increase visibility, Luciano said.

"By having so many people create rules, move rules and change rules, these firms understand that it becomes unsafe and insecure over time," Luciano said.

FireMon has been aggressively recruiting partners over the past two years and has seen significant growth in attracting new partners that have network security expertise. Many of the firm's biggest partners have a Cisco install base, DeBell said, but newly recruited partners typically have a network firewall background and can work with a variety of network products, including Palo Alto, Check Point, Fortinet, Juniper Networks and McAfee appliances. The company also integrates with Rapid7, Qualys and Tenable for vulnerability management, DeBell said.

"We hit the traditional firewall ecosystem where partners know the security space, and has a strong relationship with one of the brands we support. The other side is the risk piece helping customers on the vulnerability side," DeBell said.

The company also is conducting outreach to attract managed service providers, DeBell said. The platform appeals to MSPs because, beyond migrating customers from legacy to next-generation firewalls where rules cleanup typically takes place, partners and MSPs see value-add consulting services due to the visibility the platform provides. The reporting capabilities are also an eye-opener for businesses that have compliance mandates to meet.

"We're in a spot where we can look at all those networking, routing and load-balancing devices," DeBell said." People get excited about [next-generation firewalls], but once they're deployed, they often find that they are not delivering what they expected, and it's not because of the technology -- it's how the appliance was configured, how the network was partitioned and designed."