FireMon Security Manager Reviews

I have been using FireMon Security Manager for around two years in a production environment, mainly for firewall policy review, compliance report, rule cleanup, and change tracking across multiple firewall platforms such as Palo Alto, Fortinet, and SonicWall, in addition to Check Point. Over this time, it has become part of the regular operations for audit and policy governance rather than just a one-time tool.

A very common day-to-day use case for us with FireMon Security Manager is policy review and cleanup before an audit. For example, recently, we had to prepare for an internal security audit, and we used FireMon Security Manager to run a policy analysis across multiple firewalls such as Palo Alto, Fortinet, SonicWall, and Check Point. FireMon Security Manager quickly highlights unused, over-permissive rules, as well as shadow and duplicate rules, allowing us to generate a risk and compliance report from FireMon Security Manager, review the findings with the application owner, and use that output to clean up and optimize the rule base. It also helps us track changes and document what was modified and why, making audit evidence much easier. FireMon Security Manager plays a key role in reducing risk, speeding up audit preparations, and making policy cleanup structured instead of manual and error-prone.

Based on my experience and operational uses, some of the best features FireMon Security Manager offers include centralized policy visibility, which provides a single pane of glass view across all firewall vendors and devices without needing to log into each firewall to understand rules. Another important feature is risk and rule analysis, which highlights risky, unused, shadow, duplicate, and overly permissive rules automatically, saving huge time on manual audits and helping reduce the attack surface. Compliance reporting is also a key feature, with built-in reports for standards such as PCI DSS, ISO 27001, and NIST, ready for auditors and saving weeks of work generating and validating evidence. Additionally, rule cleanup or recertification workflows allow assignment of rules to owners for validation and enforcement of governance. Multi-vendor support is significant as FireMon Security Manager works across various firewalls such as Palo Alto, Fortinet, Cisco, Check Point, and SonicWall. Policy automation is one of the most critical features, as it automates repetitive tasks such as rule assessment, reporting, and compliance snapshots, reducing manual work weekly or monthly.

I rely the most on the policy risk and rule analysis feature of FireMon Security Manager, as this is the most practical and high-impact feature on a day-to-day basis. It quickly shows unused rules, overly permissive rules, shadow rules, and duplicate rules across all firewalls. Instead of manually reviewing thousands of rules, FireMon Security Manager gives a clear prioritized view of what is actually risky or unnecessary, which directly helps in reducing the attack surface, preparing for audits, and keeping the rule base clean without spending days on manual checks. The risk and rule analysis feature is the most valuable, saving time, reducing human errors, and continuously improving the security posture.

One thing that stands out about FireMon Security Manager is how much visibility and control it provides over complex multi-vendor firewall environments, which really changes policy management from a reactive task to a more proactive and governed process.

I wish to see deeper and more customizable reporting and dashboards, as while the standard reports are useful for audits, operational teams sometimes need real-time, flexible views without exporting data. Tighter integrations with ticketing and change management tools would also enhance the workflow from request to implementation. FireMon Security Manager is excellent for policy governance and risk reduction, but better real-time dashboards and stronger workflow integrations would make it even more powerful for daily operations.

There are one or two areas where FireMon Security Manager could be improved to make it even stronger. While FireMon Security Manager overall delivers solid governance and risk insight, it would benefit from more flexible dashboards and deeper integrations to reduce manual steps and improve visibility without relying on external tools.

I rate FireMon Security Manager an 8 out of 10. It is a strong tool for firewall policy management, risk analysis, and compliance, clearly improving our audit process and policy governance. The reason I do not give it a 9 out of 10 is mainly because the dashboard could be more flexible and integration with the firewalls could be smoother. FireMon Security Manager is a reliable and high-value platform for managing and governing firewall policies, especially in a multi-vendor environment, though a few areas can still be improved.

I have been in my current field for more than six years.

FireMon Security Manager has been stable and reliable in our experience. We have not experienced any major crashes, data losses, or serious outages. It runs consistently during day-to-day operations, including policy analysis, reporting, and change tracking. While we do regular maintenance and upgrades during planned windows as any enterprise tool would require, there has been no major technical issues or unplanned downtimes. FireMon Security Manager has maintained steady performance even when scanning multiple firewalls and large rule pages.

FireMon Security Manager's scalability is good and practical for most enterprise environments. It handles increasing workloads and growing numbers of firewalls quite well, provided the underlying infrastructure such as CPU, memory, and database is sized correctly. We started with a moderate number of firewalls and added more over time without any performance degradation. Reports, risk scans, and compliance checks continue to run reliably as the device count increases. The key to scalability is the platform's sizing and how we use it in our environment; larger rule bases and more frequent scans may benefit from additional resources. Proper database maintenance and archiving also help maintain consistent performance. We have successfully scaled from dozens to a couple of hundred firewall devices, and FireMon Security Manager has kept up well through that growth.

The customer support for FireMon Security Manager has been outstanding in our experience. We have interacted with their support team a few times for setup questions and minor tuning issues, with responses being quick, knowledgeable, and very helpful. Issues were understood quickly and resolved without unnecessary back and forth.

We did not use a different and dedicated solution before FireMon Security Manager. Most of our work was done manually using native firewall management tools and spreadsheets for reviews and audits, which was time-consuming and error-prone. We adopted FireMon Security Manager to centralize policy management, automate analysis, and improve audit readiness, shifting from a manual process to FireMon Security Manager for saving time, reducing risk, and establishing proper governance in firewall policy management.

Our experience with FireMon Security Manager pricing, setup cost, and licensing has been reliable but not impressive or inexpensive. FireMon Security Manager is typically licensed based on the number of devices or policy targets you connect, such as firewalls and routers, rather than by the seat. This model makes sense for a multi-vendor environment, but costs can scale up quickly if you have hundreds of firewalls. The subscription pricing includes access to the platform and updates, but advanced modules or plugins, such as compliance packs or integrations, may require additional licensing. The initial setup is not trivial; it takes a few days to onboard all firewalls, configure connectors, and tune rule analysis baseline. Initial consulting or professional services can help speed this up, but that adds to startup cost. Once setup and baseline are done, ongoing effort is low and valuable. The cost for us is justified by the audit time saving and policy cleanup efficiency FireMon Security Manager delivers.

We have seen a major return on investment with FireMon Security Manager, especially concerning time saved and risk reductions, though this is not always captured in hard dollar figures. Before FireMon Security Manager, preparing for quarterly or annual audits meant manual reviews, cross-checking rules in spreadsheets, and building documentation, typically involving 30 to 40 engineers per audit cycle. After implementing FireMon Security Manager, policy risk reports, compliance reports, and anomalies are generated automatically, which reduces audit preparation down to 15 to 18 hours per cycle, saving about 40 to 50% of time just on audit-related efforts. Additionally, FireMon Security Manager's risk analysis helps us identify and remove hundreds of unused or risky rules within a week instead of months, thereby minimizing misconfiguration risk, lowering troubleshooting efforts, and strengthening overall security posture. While it is challenging to quantify risk reductions in monetary terms, the improvements in audit and compliance review are direct and visible. The same team now accomplishes more with less manual effort focusing on policy optimization, impact analysis, and governance flow instead of manual rule validation. In one audit cycle, preparation used to take 36 hours, which FireMon Security Manager has reduced to 16 hours, saving 20 hours for one cycle. With four audits per year, that leads to up to 80 hours saved annually, which might even exceed 100 hours. Assuming an engineer's cost per hour, this easily covers a portion of the FireMon Security Manager subscription over time. FireMon Security Manager delivers ROI through significant time savings, cleaner rule bases, and improved risk visibility, especially for organizations with complex multi-vendor firewalls.

We compare total engineer hours spent before versus after FireMon Security Manager and the number of days needed to get audit-ready reports, which explains the 40 to 50% time reductions based on practical ops-based measurement, not just a theoretical number. FireMon Security Manager clearly cuts audit preparation efforts almost in half by automating analysis and reporting.

The 40 to 50% reduction in audit preparation time was mainly based on hours spent by the team. Before FireMon Security Manager, audit preparation involved manually logging into multiple firewalls, exporting rules, checking them in spreadsheets, and building reports, with typically two to three engineers spending several days on this. After FireMon Security Manager, most of this work is automated; risk analysis, compliance checks, and reports are generated directly from the tool. The same preparation now usually takes about half an hour, sometimes even less.

We did a quick market scan before choosing FireMon Security Manager, but we did not find any other solution that met our requirements as effectively for multi-vendor firewall policy management and compliance. Hence, we did not seriously evaluate or shortlist another product.

My main advice for others looking into using FireMon Security Manager is to clearly define your policy management and compliance goals before deployment. This tool is powerful, and you will get the most value from it if you plan its use for risk analysis, rule cleanup, and audit workflows from day one. It is also important to size the platform properly based on the number of devices and rule base size, investing some time in initial tuning and baseline—this upfront effort pays off later with accurate reports and meaningful risk insights. Finally, involve both security and network teams early, ensuring FireMon Security Manager becomes a part of the regular change and governance process rather than just an audit tool.

One thing that stands out about FireMon Security Manager is how much visibility and control it provides over complex multi-vendor firewall environments, which really changes policy management from a reactive task to a more proactive and governed process. I rate this product an 8 out of 10.

Private Cloud

Other

Our main use case for FireMon Security Manager is centralized firewall policies, visibility, and risk management in a large environment with close to 200 firewalls. FireMon Security Manager helps us identify risky or unused rules, maintain compliance, and support audit without manual policy review.

On a day-to-day basis, we use FireMon Security Manager to review firewall rules, changes, and identify unused or risky rules. For example, before or after a change window, we run policy analysis to check overly permissive access and confirm whether the rule is still required. This helps us reduce risk and stay audit-ready in the large environment. We use FireMon Security Manager daily to analyze rule changes, spot unused rules, and prepare clean reports for audit without manual checks.

FireMon Security Manager helps standardize firewall policies and review access. Instead of relying on individual firewall expertise, we use FireMon Security Manager as a single source of truth to consistently assess risk, track changes, and support compliance in large, regulated environments.

The best features of FireMon Security Manager are centralized firewall visibility, policy risk analysis, and compliance reporting. It provides a single view across all firewalls, helps quickly identify risks and unused rules, and generates audit-ready reports, which is extremely useful in large, regulated environments. Change tracking is also very helpful, as it shows who changed what and when, reducing the risk of misconfiguration.

The change tracking feature has helped our team by giving clear visibility into what rule was changed, when it was changed, and whether it introduced any risk. This has reduced troubleshooting time and helped us quickly validate changes during audit and incident review. Policy risk analysis and unused rule identification are also very valuable, especially in large environments, as they have helped us continuously reduce risk and keep firewall policies clean.

The reporting and dashboard visibility are worth highlighting. FireMon Security Manager makes it easy to share clear, understandable reports with auditors and management, which saves time and reduces back-and-forth during review.

FireMon Security Manager has had a very positive impact on our organization by reducing manual effort and improving overall security posture. It helped us gain centralized visibility across a large firewall environment, reduce risk and unused rules, and significantly shorten the time required for audit and policy reviews. It has also improved change control and accountability, which reduced configuration errors and operational risk.

FireMon Security Manager is a strong platform. However, it could be improved with a more intuitive user interface and faster initial onboarding for new users. Simplifying some workflows and dashboards would help teams get value more quickly, especially in large environments. More guided recommendations for rule cleanup would also make day-to-day operations even easier.

I have been using FireMon Security Manager for the last 1.5 years.

I have not faced any issues with FireMon Security Manager. It has been more than one year and the solution is still running perfectly fine.

We are managing a large number of firewalls with the client where the solution is installed. As the environment grew, FireMon Security Manager continued to handle policy analysis, reporting, and change tracking reliably without performance issues. Even with the increased workload, the platform remained stable and consistent, which is critical in large, regulated environments.

The customer support is outstanding.

We have seen a clear return on investment with FireMon Security Manager. It significantly reduced the time spent on manual firewall policy review and audit preparation. Tasks that earlier required multiple team members and several days can now be handled by fewer people in a much shorter time. The biggest ROI has been time savings and operational efficiency rather than direct cost savings. It allows the same team to manage a much larger firewall environment without increasing headcount.

Since using FireMon Security Manager, we have seen a clear reduction in manual effort. Firewall policy reviews and audit preparation that earlier took days now take a few hours, especially when dealing with a large number of firewalls. This has helped the team focus more on analysis and decision-making instead of manual rule checking. It significantly reduced the time spent on manual policy reviews and audit preparation, making the process faster and more efficient.

Our experience with FireMon Security Manager's pricing and licensing is that it is on the higher side, but justified for a large, regulated environment. The setup cost and licensing made sense given the scale, compliance requirements, and the value it delivers in reducing manual effort and audit risk.

I evaluated several solutions available in the market, including Tufin and AlgoSec. However, I would not recommend any other solution besides FireMon Security Manager.

My advice would be to clearly understand your firewall scale and compliance requirements before deployment. FireMon Security Manager delivers the most value in large or regulated environments, so proper planning, clean onboarding, and stakeholder alignment will help you get benefits faster. It works best at scale, so plan the deployment properly and align it with audit and compliance goals. FireMon Security Manager is a strong choice for large environments, especially where compliance and audit readiness are critical. I rate this solution an 8 overall.

On-premises

The main case of FireMon Security Manager is firewall policy management and compliance.

For an example, an application team requested access from a vendor network to an internal server. Before approving it, I used FireMon Security Manager to simulate the rule and analyze the risk. It showed that the requested access was too broad and would violate our internal policy. Using FireMon Security Manager, I identified the overly permissive access, narrowed the rule to a specific source, destination, and the port, checked the rule conflict and the redundancy, verified it met compliance requirements. Then I approved the least privilege rule instead of the original one. This prevented unnecessary exposure and kept the firewall policy clean.

Here are the best features which are offered by FireMon Security Manager: firewall policy analysis and optimization, risk impact and analysis, change management automation, compliance monitoring and reporting, and visibility across multiple firewalls.

Policy analysis and risk impact made the biggest difference for my team. It quickly identifies overly permissive or unused firewall rules, helping us reduce risk, clean up policies, and save time on manual reviews.

FireMon Security Manager has improved our organization by reducing risk, saving time, and improving compliance. It helps us quickly identify overly permissive rules, automate policy reviews, and maintain audit-ready reports. As a result, firewall changes are safer, manual effort is lower, and the overall visibility across the network is much better.

We saw about a forty to fifty percent reduction in the time spent on manual firewall rules reviews after using FireMon Security Manager. Compliance also improved. Audit preparation time dropped by sixty percent. Additionally, we reduced overly permissive or unused rules by roughly twenty-five to thirty percent.

The UI can be improved, including UI performance and navigation, and faster data refresh. Easier initial setup would be beneficial for new users. These areas can be improved by FireMon Security Manager.

I have been working in my current field for almost five years.

FireMon Security Manager is very stable.

Scalability is very good.

Customer support is moderate.

I chose eight out of ten because FireMon Security Manager delivers strong value in the policy analysis, risk visibility, and the compliance automation. It significantly reduced manual efforts, improves firewall rules, and makes audits much easier.

I have a partner business relationship with this vendor.

My experience with pricing and licensing for FireMon Security Manager was generally positive, but on the higher side. The cost is typically subscription-based and depends on the number of devices or firewalls being managed. It was on the higher side.

My advice is that if you are not an enterprise customer, then this solution is particularly not for a small customer because it is a use case for the enterprise customer, such as Bajaj, banks, and similar organizations. FireMon Security Manager is not the right fit for smaller organizations. I would rate FireMon Security Manager eight out of ten.

On-premises

My main use case for FireMon Security Manager is continuous firewall policy monitoring and compliance management, and I typically use this solution for analyzing firewall rules across multiple firewalls such as FortiGate or Palo Alto, identifying risky or non-compliant configurations and maintaining a clean and optimized rule base.

A specific example of how I use FireMon Security Manager for firewall policy monitoring or compliance management is that I regularly audit firewall rules. FireMon scans policies across devices, highlights unused rules, overly permissive access, and any rule that violates compliance, allowing me to review and clean up rules based on its recommendations.

The best feature FireMon Security Manager offers is the policy analysis feature, as it deeply inspects the firewall rules, and it also works with different firewall brands, making these two things very useful.

FireMon's deep inspection of firewall rules helps me in my daily work by deeply analyzing the firewall rules of all the firewalls integrated with the solution, evaluating the logic and behavior of the rule base, including rule usage, such as rule relationships and whether any shadow or redundant or overlapping rules are present, and it provides the risk level of open ports defined by any rule or exposure, making its compatibility with different firewall brands significantly beneficial for my team.

FireMon Security Manager has positively impacted my organization by being helpful in analyzing firewall policies, better controlling risks, reducing risky configurations, and improving the compliance readiness environment.

It improved compliance readiness as I have seen a better environment and found the solution enables faster policy reviews, typically involving less time in this solution because it works automatically, meaning I do not have to do anything manually.

FireMon Security Manager is working well and providing great features with full visibility across all firewalls, so I do not see any improvement needed at this time.

I have two years of experience using FireMon Security Manager.

FireMon Security Manager is stable.

FireMon Security Manager's scalability is excellent, as it can handle multiple firewalls at a time.

Customer support is excellent in their technical knowledge, and they are able to solve complex technical issues.

I would rate customer support a nine out of ten.

I have not switched from a different solution, as I have been using FireMon Security Manager since the beginning.

I purchased FireMon Security Manager through the AWS Marketplace.

I have seen a great return on investment, as I am able to save time for my team along with money savings.

I have seen that audit preparation has been reduced to a few hours compared to previously taking days or weeks, resulting in almost 60 to 70% time savings, and it has reduced the efforts in rule analysis and cleanup by 40 to 50%.

I have not evaluated other options before choosing FireMon Security Manager.

My advice to others looking into using FireMon Security Manager is that any mid-sized organization with a hybrid environment, especially those with multi-vendor firewalls, should consider this solution as a game changer, as it helps in compliance readiness, policy analysis, or policy cleanup, so I highly recommend considering this solution as one of the best options. I would rate this solution an eight out of ten overall.

Public Cloud

Amazon Web Services (AWS)

My main use case for FireMon Security Manager is Firewall Policy Management and Compliance Monitoring. We mainly use it to do our review, identify risky rules, and unused rules.

The best features that FireMon Security Manager offers are Risk Analysis and Rule Validation, Continuous Compliance and Monitoring, Policy Change Automation, Rule Usage and Traffic Visibility, and Centralized Multi-Firewall Management.

I find myself using the Risk Analysis and Rule Review feature the most. It automatically flags over-permissive, unused, or conflicting firewall rules and prioritizes them so I can quickly fix high-risk policies. This brings the most value because it continuously evaluates the policies and highlights vulnerabilities in real-time, helping reduce misconfiguration and maintain compliance without manual reviews.

FireMon Security Manager positively impacts our organization by improving visibility, reducing risk, and simplifying compliance. It continuously analyzes the firewall policies, identifies high-risk or unused rules, and helps fix misconfiguration before they cause issues. It also improves audit readiness and operational efficiency by automating compliance checks, generating reports, and reducing manual review work, which helps us maintain a stronger security posture.

As of now, I am satisfied with FireMon Security Manager, and there is nothing to add at this time. However, in the future, if I identify something that needs to be added, I will update my review and let others know who are considering purchasing this solution.

Customer support for FireMon Security Manager is neither good nor bad, but they can improve.

I have been using FireMon Security Manager for almost a year.

FireMon Security Manager is very stable.

FireMon Security Manager is a highly scalable solution.

Customer support for FireMon Security Manager is neither good nor bad, but they can improve.

We have not used any solution previously.

My experience with pricing, setup cost, and licensing for FireMon Security Manager is that these three parameters are very smooth and straightforward since this particular FireMon solution is used by enterprise customers, so it is very straightforward and quite simple.

I am not the right person from a technical background regarding return on investment metrics. I will say that time saving is a major factor in this case, as I mentioned in my review.

My experience with pricing, setup cost, and licensing for FireMon Security Manager is that these three parameters are very smooth and straightforward since this particular FireMon solution is used by enterprise customers, so it is very straightforward and quite simple.

We have not evaluated any other options before choosing FireMon Security Manager.

For example, I ran a daily task and a daily risk report in FireMon Security Manager that flagged a rule allowing any source to a service subnet. I reviewed the usage, confirmed it was too broad, and tightened it to the specific IPs and ports to reduce the risk.

FireMon Security Manager has saved our team a significant amount of manual review time. For example, rule reviews that used to take three to four hours manually are now done in thirty to forty-five minutes or less using automated risk and usage analysis. We also reduced unused firewall rules during cleanup, which improved policy clarity and lowered risk. Overall, it helps speed up audits, reduce manual efforts, and improves firewall hygiene.

If you are looking for a good solution such as FireMon Security Manager, then you should improve or increase your budget. I would rate this product an eight out of ten.

On-premises

FireMon Security Manager is a highly intelligent and useful device that consolidates all our security policies, including those for Zscaler proxies, into a single console. This centralized view eliminates gaps and inconsistencies between policies, simplifying policy review and analysis.

FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager.

It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console.

FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks.

It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation.

FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments.

FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment.

The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon.

FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.

FireMon Security Manager is a fast and intelligent device that delivers results in under ten seconds, even with thousands of policies. Its user-friendly interface allows for easy viewing and searching of network policies, including proxies, all on one console. By eliminating loopholes between policies, it simplifies review and analysis, while also automating policy changes and supporting multiple vendors. The system provides alerts and notifications for streamlined implementation and features a robust dashboard for clear risk assessment.

Although configuration is not the most difficult aspect of FireMon, a basic understanding of cloud computing and firewall principles is necessary for successful implementation. Therefore, simplifying the configuration process would be a significant improvement.

The support response time has room for improvement.

I have been using FireMon Security Manager in the testing phase for six to seven months.

I would rate the stability of FireMon Security Manager nine out of ten. It provides a stable environment with excellent scalability.

I rate the scalability of FireMon Security Manager a nine out of ten. It offers extensive scalability options, providing more flexibility than other vendors.

The technical support is good, but sometimes it takes some time.

Positive

The deployment required some additional knowledge and took eight to nine days, but my team handled it efficiently.

My team, consisting of around 20 people, handled the deployment because not everyone had access to the firewall policy manager.

Other vendors have policy managers, but they are not as fast as FireMon Security Manager.

I would rate FireMon Security Manager nine out of ten.

I recommend FireMon Security Manager because it consolidates all devices into a structured serial and single port.

On-premises

I use FireMon in my work. I work in security and compliance, so I use it to monitor security and compliance within the firewalls.

The most effective feature is the general reporting on compliance. It has helped me bring all the firewalls into better alignment with the compliance requirements in my environment. The general long-term compliance monitoring has been the most beneficial aspect to me.

For one company I work with, I use Fortinet, and FireMon is not able to understand the zones that Fortinet uses. Part of that compliance piece does not provide me with the necessary information. Another company I work with uses Meraki as a firewall system, and in this case, FireMon can see everything much better and provides me with a fuller report.

I have used the solution for two years.

In terms of stability, FireMon has been stable. I have not had any problems in that regard.

I think the capabilities are good and potentially useful. The issue for me started with Fortinet not being able to see things correctly. It lost its appeal in terms of what it could do for me from a security standpoint, so I do not pay as much attention to it. I use other tools to focus more on the security side of things. If I have the time to look at Meraki, it might handle that better and be much more useful. I understand the concepts behind FireMon and what it does. If it can see and interpret everything correctly, it would do exactly what I want, and it would be very helpful.

Their technical support is an eight out of ten. It is not perfect, but I have high standards because I provide so much technical support within my enterprise. An average or no real appeal would be a five. An eight signifies they are doing a good job. They do not always have the answer, but I cannot expect everyone to always have the answer. As long as they eventually provide the answer, I am happy.

Positive

The setup was not complicated. It was pretty straightforward.

There were not any challenges. It was just straightforward.

Comparatively, FireMon has a very good price and is below the general competition in cost. I have not seen any additional fees beyond the general contract fees for the usage I have. So, I have not encountered any hidden costs.

I rate FireMon a seven out of ten. It is good, but I have not found it as useful as I hoped when I first evaluated it. This is generally because it does not interpret the Fortinet zones correctly, which diminishes its appeal. That is why I rate it a seven. However, looking at the Meraki side, it may do exactly what I expected initially.

Hybrid Cloud

Other

Whenever I have a project or implementation, I use FireMon Security Manager for firewall cleanup or reporting. When I have an assessment project, I need to ensure the complexity of the firewall rules and identify unused rules from my side. It helps me to generate these reports and clean up the firewall itself.

It automatically warns us when new firewall rules, and changes to existing ones, violate compliance policies before they are deployed. This is important because I need to know who made the changes or when a change was made. It helps with tracking.

It has helped with the compliance reporting processes in an effective way.

It has helped to clean up firewall rules to some extent. It is not 100% percent but meets the needs.

It has decreased errors and misconfigurations that increase risk in an environment. There has been about a 90% reduction.

The most valuable feature for me is its capability for cleanup and managing the complexity of security products. It provides me with performance indicators like the complexity of the device itself and also identifies unused rules. In time, it helps in an effective way.

A feature that could be improved is support for more devices, not just the firewall. It would be beneficial if they expanded to other devices like switches, routers, and other security devices, perhaps including proxies. Although I know it supports F5 LTM, supporting more products would be advantageous.

I have been working with it since 2015, but I do not use it frequently. I sometimes implement it for a customer and use it when needed.

Sometimes, there is a problem related to the sizing itself. If we have many devices added or if the firewall complexity is huge, we might experience some lag in processing. It may relate to the hardware specifications.

If we need to add more devices or more FireMon instances, I believe scalability is good from their side.

I have contacted customer service, but it was a long time ago.

Neutral

I have worked with alternatives such as AlgoSec. FireMon is more user-friendly and has better reporting.

The setup is easy. I do not remember the exact details, but it does not take too much time, one or two days maximum.

Its pricing is good. Compared to others, it is not so expensive.

For those looking to buy this solution, it is important to study the devices to be added to ensure correct specifications or hardware. This will satisfy their needs and expectations from FireMon. If there are many devices to be added, they should consider the appropriate hardware specs and VM.

Overall, I would rate this solution a nine out of ten.

On-premises

We have a two-server system for web applications, and we utilize FireMon to manage our Palo Alto firewalls. We log in to FireMon for reporting and creating rules. Currently, I am working on a project that involves using FireMon to clean up some of our open rules.

FireMon is deployed on-premises.

The real-time compliance management is excellent. It's something we prioritize in our efforts to comply in real-time. We have established some rules following the PCI guidelines as we are currently working towards achieving PCI compliance. These rules serve as metrics for us to assess our progress. We believe that real-time capabilities are essential and exciting for our organization.

FireMon alerts us whenever there are new rules or changes to existing ones. I have set up some reports that arrive in my inbox daily, providing me with a summary. So, if there are any changes within the environment, I am notified. I believe that FireMon can also notify us before a change is made in our environment.

The compliance reporting process does not require much time or effort, as long as we know what we are doing.

FireMon helps automate firewall policy changes across large and multi-vendor enterprise environments.

FireMon provides us with a dashboard view that shows an overhead view of all our redundant rules, along with our own user rules. With this information, we can generate reports and focus on specific criteria we are interested in. By doing so, we can easily identify rules that are actively in use, while also being able to spot duplicates and other elements that aid in cleanup efforts.

FireMon helps us save time when creating, approving, and deploying firewall policies. For instance, when we deployed certain rules, they resembled penetration testing scenarios. The reports provided us with the capability to monitor activities in our network and effectively save time. Consequently, we could easily share these reports with the networking team, enabling them to promptly remove the identified rules, rather than having to conduct extensive and time-consuming investigations.

FireMon helps to reduce misconfiguration, which can increase risks in our environment by at least ten percent. For example, it achieves this by not deploying specific rules that are overly permissive.

FireMon assists in identifying risks within our environment and prioritizing fixes for those risks. This is an essential feature of our organization.

What I like about FireMon is the ability to track changes made by network engineers on the network. This allows us to run reports based on those changes. We can also track new rules to see if they comply with our standards. Additionally, we can identify rules that haven't been used or those that duplicate others excessively. FireMon enables us to create reports that provide valuable information for making changes within the system.

The dashboard in FireMon is excellent, offering an overview of our network's compliance and security index database, among other things. I have also used FireMon for risk analysis of policies, exploring the possibilities and findings. While primarily focused on cleaning up files for a project, I have utilized many features for removing redundant and unused rules.

However, I am aware that FireMon has even more to offer, such as understanding our network topology and conducting a comprehensive risk analysis. My current work mostly revolves around compliance, change management, and reviewing the alterations made.

FireMon could be made more user-friendly when it comes to creating filters or conducting traffic analysis.

I have been using FireMon for eight months. 

FireMon is quite stable overall. However, there is one issue I encounter when attempting to run reports. Occasionally, it indicates that I do not have to report the web services. I'm uncertain if this problem is unique to our system or not, as it seems to be an ongoing concern. I have submitted several tickets, with five more related to this particular issue. Aside from that, FireMon remains stable and does not experience frequent downtimes. The only inconvenience arises when running reports, as it occasionally prompts an error, leading to a need for a web server restart.

The technical support is generally good, but they can sometimes be slow in responding.

Positive

I would rate FireMon a seven out of ten. There's a lot more I can gain from FireMon, as opposed to just running reports. I am particularly interested in automation and similar functionalities, but I haven't dedicated enough time to fully take advantage of all the features it offers.

There are ten of us using FireMon within our organization.

The maintenance we undergo for FireMon primarily involves upgrades. We have dedicated networking personnel and a development manager who oversees the maintenance.

I suggest spending a significant amount of time watching the videos; there are some beneficial training videos available. Additionally, it would be beneficial to arrange some sessions with their contact. I have an account and have been having sessions with my contact for five months.

Firewall policy clean-up management is undoubtedly a priority. If we have rules that are not correctly configured or overly encrypted, we expose our environment to numerous serious compromises, making it imperative to address this promptly.

On-premises

We're an MSSP, so we put FireMon on our customer sites to monitor their security devices.

It's so quick at finding redundant and shadowed rules. I used to have to do that and I would have to yell at people to stop bothering me because I needed my complete concentration to do it. And there was still human error. FireMon saves all that time and eliminates that human error.

Also, in terms of our compliance reporting process, they would give us a week and we'd pull all the configurations of all the firewalls and send them off to someone like me who would go through them and say, "Hey, this is not good. Take a close look at this. Why is it any-any?" People would have to go back and look at the firewalls to see if that was a business risk or not and, if it was, have the company sign off on it as a business risk. That would actually take up to about six months of going back and forth, giving people weeks at a time to respond.

With FireMon Security Manager, I can create a report and send it off to the customer and say, "Here are the 98 rules that put you at high risk. Are these needed?" They look at them and say, "Oh no, that application is gone, you can get rid of that." Or they say, "Yep, this is an acceptable risk." I then say, "Okay, I'm going to be back in a year," and I mark it as "acceptable risk, by so and so." A year later I can go back and say, "Is this still an acceptable risk to you?" It makes our compliance so much easier when compared to having to do it manually. I would recommend everybody get this tool just for that aspect.

A module that we have to pay for, because we're using FireMon Security Manager, helps automate firewall policy changes across large, multi-vendor enterprise environments, and it's the only solution that does that. The rest of them are so labor-intensive that this would probably save 70 percent of that work time. It enables us to make changes company-wide. Suppose one of our clients has 60 firewalls. We can do a company-wide firewall update within about two hours if they have multiple brands of firewalls. We can do it in about 30 minutes if they only have one brand. When we had a person logging in to manually do it, it would take them at least a day for 60 firewalls. Now, if it's Palo Alto, we can do it in half an hour. If it's Fortinet, it can take us an hour and a half.

We have about 20 customers and we're saving at least a day of time for each one of those customers. Within one day, we can do what we used to do in two weeks. That's very significant because we were looking at hiring more people. FireMon has reduced the need for that. As our people become more and more efficient, we can actually have more and more customers without having to increase our labor force.

The solution can also talk across on-premises, cloud, hybrid, SASE, and SD-WAN environments. You need the path. Once you have the path, which most of the time is going to be a VPN tunnel if it's over an untrusted area, you can do anything. That makes it one pane of glass. For example, in the past, if it was on-prem and in the cloud, I would have to do an on-prem pane of glass and a cloud pane of glass. Now I can do it in one pane of glass and it's less labor-intensive and much faster.

You can even automate the cleanup of firewall rules in a large, enterprise environment. That's the nice part about it. You can say, "Here are 100 rules I want you to disable," put in the IP addresses, hit enter, and it pushes that out to the 60 firewalls. It takes time, but you walk away. You've saved tons of time while it's doing the process for you through automation. I can't see working on more than one firewall without having this tool.

If you make a mistake on one IP address, and you push it out to 60 firewalls, instead of bringing one down, you could bring them all down. You measure twice and cut once. You verify, you make sure you have the stuff in there. Then you have a second person to look at it and, when you both agree, you hit enter and you know you're not going to bring the system down. That actually takes a little bit more time because it's a two-person activity where it used to be just one. We used to bring down a firewall once a month and now we don't do that. We're saving at least one outage day and then another day of apologizing.

People have a tendency to just add rules to firewalls, but they don't go back and take rules away. Some of our customers have thousands of unused rules that have been sitting out there for over a year. In one report, FireMon tells us there are, say, 1,000 rules that can be taken out and it gives us the ability to disable those for a year and to track when we made our changes. After a year, we can go back and eliminate the rules, to bring the configuration down to an almost human-readable level.

It also identifies risks in your environment and helps to prioritize fixes. It actually rates the risk level, meaning you look for the red and try to bring everything to green.

When it comes to documentation, they need to start putting together a basic command manual. With Cisco, you can look up a command and it gives you examples of three or four different ways that command can be used. It tells you how to put it into the GUI and the CLI. FireMon does need to start doing that. Right now, I use their tech support for that. They give me a command and I create my own book.

I have been using FireMon for four years.

I have use cases where it's been running for two and a half years, and I've never had a problem with it. They're smaller companies where there aren't a lot of changes going on, but FireMon is just clicking away the whole time. It's stable.

Once it's put in, you pretty much walk away from it. You come back every morning to see if anything is going on and, if not, keep moving. It has made life a whole lot easier for us.

It's very easy to scale up or down.

Every time we get a new customer, we put it in. The customer has to have a VM set up for the hardware requirements of FireMon, or we won't monitor their systems.

They're very quick. They usually have the answer in a short period of time, and the maximum is no more than a day. Most of the time I just need a command and I can put it in on my side to verify, and that's it. I need to see what's going on. I'm a hands-on person. I don't like to sit back and watch other people do things.

Positive

We started with another solution called ManageEngine Firewall Analyzer, and we had that throughout our customers' sites. We recently started moving things over to FireMon for our old customers. If you run into Firewall Analyzer, run, don't walk, to the nearest exit.

Firewall Analyzer was so labor intensive just to do a report. You would tell it to look up an IP address and create the report, it would create a 20-page report, but you'd end up having to do that 20 times until you got the entire report. It could take six to eight hours to do a report. With FireMon, I hit "report," walk away, and it says, "Hey, your report's ready."

The initial setup is pretty easy. I have three engineers who work on setups, and it took about 20 minutes, walking through it twice in the sandbox. It's pretty easy to set up.

There are two aspects to the setup. There's the basic setup of getting the application working, and there is the advanced setup of putting firewalls into the application. The basic is so basic that it's ridiculous. I could probably answer all the questions a customer might have and send it off to them and they could do it by themselves the first time. The advanced is a little bit more hairy because you have to make sure everything is in place.

At each of our customers, we assign at least two people to do the reports.

The maintenance is lightweight. The only trouble is in the upgrades. They take a little bit of effort, but they only come out once or twice a year. Sometimes, you don't need to do the upgrade because the change isn't applied to whatever site you're working on. Sometimes an upgrade is easy, and sometimes it's reformatting a database and that takes a little bit more effort. But you don't do it. FireMon has a script all set up. It's just that it takes a little bit longer to watch it do the upgrades, as compared to doing it ourselves.

Our ROI is the FTEs a year that we're saving. The solution is not even close to the cost of an employee. It might cost that employee's health benefits. We're saving double the amount of money we would pay a person.

There is sticker shock on Firemon's pricing because it is done per device, but I'll guarantee you that it's well worth it. For each of our customers, we save at least one FTE a year. We would have needed 20 more people in our organization without the FireMon application.

When it comes to real-time compliance management, FireMon is much better. I've looked at Tufin and one other competitor, but FireMon has the most accurate best-practice reports. Tufin was our least favorite of the three. The other one was pretty good, but it looked a little bit immature. You had to create all the stuff you needed to do, while FireMon had everything already created, so it was the logical choice.

My advice would be to get familiar with UNIX commands and the VI. Those two are very helpful when you're working on the CLI. Otherwise, the GUI is so easy.

Security Manager, which is what we're using, doesn't automatically warn you when new firewall rules and changes to existing ones violate compliance policies, before they are deployed. However, there is another licensed aspect to Security Manager that does have that ability. What I have will tell me that somebody has made a change, what it was, and when it was made, but for the solution to make it a judgment call, I'd have to license another portion of Security Manager. It will even tell you where to put something. You put the entire enterprise in, with 60 firewalls, and you say, "I want to do this." It will say, "Okay, put it over here on this firewall, on this interface." You don't even have to think about the design. It does all the work for you.

If a colleague at another company said that firewall policy cleanup and management is important, but it's just not a priority, I would tell them that's a misconception. Any rule out there that hasn't been looked at, at least yearly, can become a security problem. Leaving that open, someone else can put another server in its place and now have open ports because you didn't remove a rule that's no longer in use. That's a very big security hazard. You do not want to leave rules in that aren't being used.

I've seen that happen in many companies that I've worked in, where a server had a lot of ports open because it needed to have them open for that application. The server then went away and then someone put another server in there and it automatically had all those rights. You didn't even know that it was changed. All you saw was a name change, and didn't realize that all those open ports are now a security violation because they applied to the old server and not the new one.

Having used it for so long, I'm so inundated with it that I can't see much that needs to be improved without a major redesign, and I can't even see that. When we're putting in automated changes it takes effort, but you realize that if it was too easy you could mess things up pretty quickly. I prefer it the way it is. I really don't want it changing.

It's the only tool we use for our security area that is worth anything.

On-premises