IP Fabric 7.2 launches firewall filtering simulation, transparent firewall discovery, and improved compliance tools to provide enterprises with deeper visibility into their network security infrastructure.

Figure 1. IP Fabric Enhances Network Assurance with Advanced Firewall Discovery.

Managing network security and firewalls accurately is highly complex, and organizations still face two major challenges: discovering firewalls and ensuring configurations perform as intended. IP Fabric’s 7.2 platform update directly addresses these challenges. This release builds on the company’s February 7.0 update, which emphasized automation. Figure 1 shows IP Fabric Enhances Network Assurance with Advanced Firewall Discovery.

With version 7.2, IP Fabric enhances the discovery, configuration, and control of network security by focusing on four key areas:

• Firewall filtering simulation that models how traffic is processed through security devices
• Transparent firewall discovery that uncovers previously hidden Layer 2 firewalls
• Improved compliance checks aligned with standards like NIST and ISO 27001
• Granular access controls to prevent unauthorized changes in the network

The Core Challenge: Network Complexity

Today's enterprise networks are more complex than ever, extending across multiple cloud environments, overlay networks, and a wide variety of infrastructure components.

IP Fabric was founded by CEO Pavel Bykov, who drew on his firsthand experience with the shortcomings of traditional network management tools. After 15 years of building and managing global networks—including at Verizon—in 2015, he identified a significant gap in the market that needed to be addressed.

Confronting Complexity with a Digital Twin

“I started to notice that even with all of my tooling, all of my expertise, I was starting to become bad at my job,” said IP Fabric CEO and founder Pavel Bykov.

It wasn’t a matter of lacking resources—Bykov was leading projects with over 100 staff—but rather the overwhelming complexity of modern networks. That experience became the driving force behind IP Fabric: to give network professionals the tools they need to manage increasingly intricate environments effectively.

Bykov pointed out that some organizations still rely on spreadsheets or custom-built scripts to manage firewall rules—an approach ill-suited for today’s dynamic networks.

Digital Twin Approach to Network Simulation

At the heart of IP Fabric’s enhanced firewall capabilities is its advanced digital twin model of network infrastructure. This model replicates the complete operational state of the network, offering a live, interconnected view that extends down to individual electrical or optical signals.

• Validate firewall rule configurations
• Identify vulnerabilities in communication paths
• Simulate traffic flows across complex, hybrid environments

Transparent Firewall Discovery: A Major Breakthrough

One of the standout innovations in IP Fabric version 7.2 is its ability to detect and visualize transparent firewalls—security devices intentionally designed to operate invisibly within network paths. While these firewalls offer strategic benefits, they often introduce blind spots that hamper security monitoring and troubleshooting.

“Transparent firewalls have largely appeared invisible to other systems,” explained CEO Pavel Bykov. “We needed to update our model to support something that isn’t inherently visible from the troubleshooting perspective.”

To solve this, IP Fabric leveraged deep networking expertise. Despite being stealthy by design, transparent firewalls leave subtle traces, such as entries in ARP (Address Resolution Protocol) tables. By connecting to infrastructure devices via SSH and API credentials, IP Fabric gathers critical data—including interface states, bridge-group memberships, ACLs, and inspection rules.

The platform then analyzes this data to identify bridge group configurations and interfaces that pass traffic transparently. When users simulate end-to-end traffic paths, IP Fabric now factors in transparent firewall policy rules—whether they allow, deny, or inspect traffic—providing full visibility into how traffic flows through platforms such as Forcepoint, Cisco Firepower, Fortinet, and Palo Alto Networks.

Meeting the Rising Bar of Compliance

Version 7.2 also brings powerful enhancements to compliance monitoring—an increasingly urgent priority for organizations navigating strict security frameworks.

Key compliance features include:

• Complete device visibility along traffic paths
• CVE mapping to quickly associate vulnerabilities with affected assets
• Customizable misconfiguration checks for faster issue detection

Reference:

1. https://www.networkworld.com/article/3992173/ip-fabric-weaves-advanced-firewall-discovery-into-network-assurance-platform.html
2. https://www.globenewswire.com/news-release/2025/05/21/3085749/0/en/IP-Fabric-Advances-Security-Posture-Assurance-with-Firewall-Discovery-and-Simulation.html

Cite this article:

Priyadharshini S (2025), IP Fabric Integrates Advanced Firewall Discovery into Its Network Assurance Platform, AnaTechMaz, pp. 163