How Firegrid Works

From agent install to policy deployment — here's exactly what happens with your data.

Your Network

Firewall

syslog + config
approved changes

Agent

HTTPS
syslog + config
approved changes
Firegrid Cloud

Firegrid Cloud

Ingest
Analyze
Recommend

Step by Step

Collection
1

Install the Agent

Deploy the Firegrid collector agent on a Windows host with network access to your firewall. Enroll the agent using a one-time provisioning code from the Firegrid portal.

2

Configure Log Forwarding

Point your firewall's syslog output to the collector agent. The agent receives raw syslog and streams traffic metadata to Firegrid cloud over HTTPS. Just standard syslog. No proprietary protocol, no firewall-side plugin.

3

Connect Your Firewall

Add your firewall's management credentials to the agent. The agent uses them locally to pull policy rules, address objects, and interface definitions. Credentials are stored encrypted on the agent host and never leave your network.

Analysis
4

Compare Policies Against Real Traffic

Firegrid brings your firewall configuration and traffic logs together. For each policy rule, you can see exactly which sources, destinations, and services are actually hitting it. You decide what needs tightening based on the evidence.

Deployment
5

Build Your Changes

For each rule, narrow the scope to match what your traffic actually requires. Tighten source and destination ranges, remove unused ports, reduce service scope. You build the changes, Firegrid shows you the data.

6

Deploy to Your Firewall

When you are ready, approve the changes and Firegrid sends them to the agent. The agent applies them directly to your firewall. Every change is logged with a full audit trail.

What Data Leaves Your Network

Sent to Firegrid Cloud

  • Traffic flow logs (source/destination IPs, ports, protocols, actions)
  • UTM logs (DNS, web filtering, IPS)
  • Firewall configuration (policy rules, address objects, service objects, interfaces)
  • Agent health telemetry

Never Leaves Your Network

  • Firewall management credentials
  • Packet payloads or application content

Security by Design

Agent is the only bridge

Firegrid cloud never connects to your firewall directly. All communication flows through the agent which you control.

Credentials stay local

Firewall credentials are stored encrypted on the agent host and used locally. They are never transmitted to or stored in the cloud.

You control every change

Recommendations are suggestions. Nothing deploys to your firewall without your explicit approval.

Encrypted in transit

Communication between the agent and Firegrid cloud is always encrypted.

See full security details →

Ready to see it in your environment?

Start free. No credit card required. Set up in under 30 minutes.

Get Started Free

Have questions? Contact us