FireMon Security Manager Reviews

We use Security Manager for firewall changes, monitoring, and audits. 

FireMon makes it much easier for us to track firewall changes and perform audits. It has made our compliance process more efficient. Before we implemented FireMon we had to go into each individual firewall and check the rules. Now, we pull a report, and that's it. 

We can monitor and implement changes across different firewall vendors. It lets us clean up our firewall rules regularly, which we do as part of our audit. It helps us save time managing firewall policies. We don't make changes to our firewall policies through FireMon, but we use it to track changes across various firewalls. It makes our internal processes more efficient and improves our visibility. 

It reduces risks. Better visibility and cross-vendor integration give us more control and context about potential changes. Having a product for monitoring critical changes is crucial for our security posture. 

I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement. That's useful for regular audits and monitoring some critical events we want to know about. We can configure alerts that notify us about policy changes. This is pretty beneficial for monitoring and helps us track changes in the projects. 

We've had recurring issues managing FireMon's internal backups. Sometimes, the space allocated for the backup is full, and there is no process where it deletes files that are older than I certain date. It's just waiting for the storage to get full and then it's cleaned up. It isn't something that creates serious issues for us.

We have used FireMon for about two and a half years. 

FireMon is more or less stable. We've had some issues with backups failing. 

I believe that FireMon is scalable. 

I rate FireMon support seven out of 10. It varies depending on who you get. We sometimes get a highly knowledgeable agent, but other times, it seems like we just go in circles. It sometimes takes them a while to understand what we want. 

FireMon professional services helped us during deployment, and it was relatively straightforward. Deployment took us around two months. 

FireMon is working on our project scope. We save some labor power on our side. 

I rate FireMon Security Manager eight out of 10. It has many more features than we use, but we have a limited scope. I think we could've done more had we used that momentum when we were implementing it. 

Even if you think having a firewall management solution isn't a priority, the FireMon can provide more visibility and make some tasks easier, faster, and more efficient.

We were excited in the beginning about this solution because we have multiple firewalls in different regions, and so many rules. We wanted to find a solution that could organize our firewalls and remove the unused rules and redundant rules.

We use FireMon Security Manager. We don't use the Policy Planner or Policy Optimizer. We don't have a license for them. We started with a limited license and said, "If things go well with this, we'll go to the next step."

The solution has helped when it comes to the time and effort required to create compliance reports.

It has also given me some confidence in the changes I make. Before, I was very hesitant to make changes or remove rules. Now, FireMon has decreased the time I spend on that by 50 percent.

FireMon has also helped us when it comes to misconfigurations that increased risk in our environment. That is something that I have just discovered recently, when using it.

Compared to other applications, it is user-friendly. The appearance of the menus and titles is clear and they are easy to follow. Of course, it requires some experience through using it, to go through everything, but it is not very difficult. It is an easy application to use.

During the first year of use we mostly reviewed the results FireMon gave us and used that time to learn about it. We did not go with the recommended changes in-depth, and we did not have many problems. But this year, we tried to go into the details and follow the recommendations. It helped us to remove and clean up a lot of our redundant rules, historically. But in the meantime, especially when we tried to do some advanced rule consolidation or cleanup of historically unused rules, we encountered problems.

The solution does not detect traffic or activities that come and go through our local or site-to-site VPNs. So when we cleaned up some of those rules and encountered issues, we actually had to put them back.

It's not just the VPN, but it also misses some of the rules. Two weeks ago, I cleaned some rules with the FireMon. I ran a report and FireMon suggested that certain tools were not used. When I removed them, while it didn't bring our environment down completely, a lot of our environment started malfunctioning. Our backup system did not work, nor did other things that involve internal and external communication. We are not comfortable with what it did. Since then, I have been busy the whole time just reviewing all those rules and restoring some of them.

FireMon also does not detect the rules with UDP. That's another problem.

Another issue is that our compliance team wants to do some consolidation but that is also a problem because FireMon recommends consolidation based on the ports that we open. We have a grouping system with multiple groups. Under the consolidation grouping, FireMon suggests only based on the port. For example, if we use port 22, we have to share it across the board. It disorganizes the groupings that we have. So the consolidation is not working very well.

Our compliance team also creates reports using FireMon, reports that they send to me. Sometimes I can follow those reports, but most of the time I cannot. In the last two days, I received two huge reports on unused rules and I cannot really use them. At the same time, I'm using my own judgment and my own due diligence. When I doubt a rule, I go back to the firewall and run the history and compare things to help me decide. The problem is that if I always do that, it will take me a lot of time and the solution ends up being 50 percent useful and 50 percent not useful.

I have been using FireMon for roughly two years.

I guess it is scalable, but there is room for improvement. 

I was not involved in the setup of FireMon but, later on, when I became involved working with it, I approached FireMon personnel through remote conferences and remote meetings. They helped over the course of several sessions and that was helpful.

Their technical support is very good, very responsive, and very helpful. They follow up on issues.

Positive

We did not have a previous solution. We just relied on regular reviews of our firewalls and rules by looking at the history.

The pricing was very good during our initial year, but they increased it this year a little bit. The price is okay. It is not cheap, but it is still average.

It is not a bad tool. I still recommend it and I'm not against it. I recommend it because, overall, it has helped us to remove and clean 15,000 to 20,000 redundant unused rules. When we cleaned those, we were confident that they were not usable. They were very old. But we didn't just rely on FireMon's report. At the same time, we used our own judgment. When we blindly relied on the FireMon report, it created issues.

It's a good solution, but it is not something that you can 100 percent rely upon. It is a useful tool. At least it will help you up to a certain percentage.

We work according to the risks FireMon warns us about, but some of those recommendations are false alarms and others are valid. If it gives us 100 warnings, about 10 of them are valid.

Despite all the shortcomings, we still prefer to use it. At least we get some good recommendations and suggestions in the reports. We like it, despite the drawbacks.

We have a single server and we're a small group. We use FireMon to track all of our firewall rule changes.

The security section lets you see where your unused rules are and it lets us go in there, optimize it, and make the firewall more secure.

FireMon saves us a lot of time and it's nice because if you're adding a rule that's similar to another rule, it'll tell you so sometimes you can just edit the one and add another source or destination in there without creating a duplicate rule. It enables us to consolidate and have fewer, more meaningful rules. We're saving around 30% of our time.

I like the dashboard for the security section of it. It helps you identify the higher risk rules on your firewall so you can mitigate the ones that you were not aware of.

When it comes to real-time compliance management, we can use it to push out rules. We do that manually. But it's a great thing to be able to track and do everything because we were doing all that manually in the past and trying to go back and find something that we had done in the past the manual way was not working well.

FireMon decreased errors and misconfigurations that increased risk in our environment.

It also helped us to identify risks in our environment and helped to prioritize fixes. It does that through the security dashboard. It lists recommendations, zero-hit rules, and things that you just have out there that aren't being used.

It's been great for our security posture. Every hole we button-up is one less out there.

It comes as a Linux appliance on a server and we're not a Linux shop, we're more of a Windows shop. It would be great if they could automate or integrate the backups into it and other things through their GUI interface, just to make the management of Linux a little more transparent.

I have been using FireMon for two to three years. 

The stability has been great. We have not had any problems whatsoever. It's very reliable and always available.

We're a small shop. We have everything on a single server, but I know you can put it across multiple servers for larger organizations. We're just not one of them.

There is one network engineer who uses it. But we have about a dozen people on there all together who are system admins that add rules.

We have our main site and a remote site, so it's two firewalls.

It's at 100% of the implementation.

Technical support has been very good. They always answer my questions. They'll stay on with you until they resolve the issue.

FireMon is a totally new implementation. We previously did everything manually.

We chose FireMon because it was recommended to us by the auditors and it was time to automate it as much as we could.

The initial setup was straightforward. We sat back and they installed it for the most part.

I don't remember anything bad about our FireMon consultant so I'm sure everything went smooth. We set up the servers, they set up a backup server and they had everything working when we got off the phone. They also had some additional training online for me, which I found helpful.

Our ROI is that it saves time and helps us improve security. 

Other than the initial purchase, we just put in for the renewals every year and somebody else worries about budgeting and everything. 

We haven't been using it for compliance at this point. The auditors use a different application for compliance. So we've been running that to check with security compliance.

I would rate FireMon a ten out of ten. 

We only have security management. 

It was deployed on-prem. It used to be on the hardware, and there used to be an appliance, but we have switched to a virtual server. We are now on a VM.

It is a good product. Previously, we were using only spreadsheets to compare the usage, but now with FireMon, we are able to clean up or review the policies to some extent. It is still a work in progress, but we are at a good stage now.

Its reporting can be improved. I am the only one who works a lot with it, and I am having problems in terms of reporting. In the case of Palo Alto, I'm okay with it, but with some of the Cisco devices, such as routers, when I provide the reports to other teams for review, they always say that the hit count is incorrect. So, I was struggling for a long time to work with them. When working with other teams, they have a lot of questions about reporting, such as how it reports, and we are still struggling with that.

I have been using this solution for more than five years.

It has been stable until this year when we had three weeks of downtime. We had an issue with data collectors, and they couldn't figure out what the issue was. They were troubleshooting for more than two weeks. It was up and down. It was probably related to the hardware because since we have moved to the virtual machine, we haven't had that issue.

It is a capable solution. We are in the process of buying more licenses and adding more virtual machines. We started with 20 licenses, and now, we have more than 60 licenses.

Their support is nice. They are very good.

I am not aware of any previous solution.

I wasn't there when they installed it.

It is a very good product. I always tell others to have FireMon people come and give a demo. I encourage people to try it out. We only have security management, but it is really a good product. I have attended a couple of their webinars, and they have a lot more features for more usage and value. It is a capable product. If our company had sent us for training and we had got to know more about the product, it wouldn't have been so hard.

To a colleague at another company who says that firewall policy rule clean-up and management is important, but it is just not a priority compared to other more urgent items, I would say that it is very important. Sometimes, a firewall is created temporarily, and if you don't know, you will forget. So, the usage and hit count information is very important.

In terms of compliance reporting, we have set it up for compliance reports such as PCI, but we didn't use it that much. Similarly, in terms of identifying the risks in our environment, it does show the changes, but we aren't yet able to prioritize them.

It is helpful in automating firewall policy changes across large multi-vendor enterprise environments, but we only have two vendors. We were earlier using it only for the Cisco environment, and now, we are using it for Cisco and Palo Alto. We will probably use it for the core environment. Overall, it notifies you, but we are still not using it that much.

In terms of the clean-up of firewall rules in a large enterprise environment, it didn't affect us, and that's because we are not doing it in the right way. We probably need somebody to help us on that one because we gave them the report, but they haven't cleaned it up. For Panorama, they use their own reporting, and we have to correlate them. One thing about Panorama is that if you have a rule from 20 years ago, and somebody is still modifying it, it doesn't update the new person's name. It doesn't ask you to put any change number. I know FireMon is only pulling the data, and it is not pushing the data, but I wish that it was pulling the changed data. The last time when I talked to FireMon, they said that they are just pulling the data. They don't go and push any data. For that reason, we don't have that much data. So, we have a report, but we haven't used it much for clean-up. We should use it in the future more. We also haven't used it to create a lot of policies.

I would rate it a seven out of 10.

We act as a business partner for our clients. We're implementors. Each client has a different use case. 

The solution is very stable. We haven't found there are any issues with its reliability.

The product scales well. You can really expand it if you need to.

This product is very simple to use. In that sense, it's one of the best on the market.

The technical support is very good. They've always been helpful.

I personally have started using it recently, therefore it's hard to pinpoint if anything is lacking. I need more time with the product.

The cost of the solution is pretty expensive. It would be ideal if they could work on their pricing.

My company has been using the solution for around five years or so. It's been a while at this point.

The solution is very stable. We've found it to be reliable. It doesn't crash or freeze. It's not buggy or glitchy.

If a company needs to expand the solution they can. The product is very scalable. We've been satisfied with it.

We've currently applied for 20 users.

We occasionally need the assistance of technical support. We've always found them to be helpful and responsive. We're satisfied with the level of support we get.

The installation is pretty straightforward. It didn't take much time to install. It will take around 10 days of time to install in an environment similar to ours.

We have 30 people that deploy the solution to different organizations.

We're the deployment team. We implement this solution for clients.

The solution is expensive. It's not the cheapest option.

We've pre-paid for the license. We don't have to pay for it on a monthly basis.

We're using the latest version of the solution currently. 

I'd rate the solution ten out of ten. I've been very happy with the product overall. 

I'd recommend the solution as it's so easy to use. Clients are very happy with it.

Our main use case is the monitoring of changes on our firewalls. Another of our use cases is keeping firewall rules in good shape by doing regular rule reviews, using FireMon's built-in categories for rules and even deploying our own. Additionally, we used FireMon when we did internal firewall migration, meaning we were switching to a new generation of firewalls.

The solution has decreased errors and misconfigurations that would otherwise increase risk in our environment.

In addition, when we migrated to a new generation of firewalls, FireMon was of help when doing a first benchmark of the new solution and the initial setup.

It also identifies risks in our environment and helps prioritize fixes for them. The compliance module in Security Manager does that by watching overall rules and any changes, and benchmarking them against a pre-setup set of controls. It notifies us if any control has failed. That's how we monitor whether our firewall rules are compliant with a pre-set benchmark.

Firewall policy rule cleanup doesn't need to be a priority for a company to justify using FireMon, given that it makes that job much easier and faster. That means you don't need to allocate as many resources to do that work. It's now incomparably easier to do things like a rule review.

Overall, our monitoring and compliance are on much higher levels. The visibility we have into our firewall rules is much better now than it was prior to having FireMon.

One of the most valuable features is the compliance feature, which is something that we really utilize in Security Manager. It has a set of controls that we tuned a little bit from the way they came out-of-the-box, and created a custom set of rules that we are monitoring and that we want to have inline in our environment. It's a very good solution for real-time compliance management.

And for the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls.

When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box. We have tried to work around it by setting up email notifications, but it would be nice if it came with the product. That would really turn it into real-time monitoring for us. 

The workaround works for us, and the out-of-the-box setup is also good, but it expects you to be constantly watching and monitoring the solution itself. That's a bit hard when you have more than one solution to work on. You cannot just watch one and keep an eye on it for something that's non-compliant. Having an alert would be much easier for us. Still, it's a good tool for that kind of monitoring, for us.

I have been using FireMon for about two years.

FireMon is quite stable. We haven't had any stability issues with it so far.

It's quite scalable. The process of adding modules has gone quite well. Anytime we have needed to increase it, there hasn't been a problem.

We use it extensively; if not on a daily basis then on a weekly basis. There are periods when we use it even more intensely when doing reviews.

They really give us great support. When thinking of the level of support that we get from some other vendors, FireMon's support is really good. They have a good, knowledgeable support team around the world. We have offices in Europe and California. Whenever we have had any type of issue and have needed their support, whether the issue is in Europe or California, we have had really great support from them.

We did not have a previous solution.

We had a FireMon support engineer for the initial setup and it looked fairly straightforward, but it definitely needed some FireMon knowledge. Since then, we have onboarded a number of new devices in FireMon on our own, and that part is quite straightforward. But setting up the system itself is something that requires the knowledge of a FireMon engineer.

For the deployment, there was a month of weekly sessions with the engineer to get it working.

We have three people, within our security staff, who are using FireMon regularly. The three of us were involved in deploying and we work on maintaining it. It's a shared effort. None of us is working full-time on FireMon.

There are no costs in addition to the standard licensing fees.

We talked about other solutions with different partners, and based on that we decided to go with FireMon. We did have a proof of concept with them before going live, and we liked it and the options it had, so we decided to go forward.

The most valuable feature is the Firewall reviews for our company compliance.

The review process is an area that needs improvement. We would like to review the rules and be able to make comments.

The advanced features are complex in setting up the rules.

I would like to see level mapping available with other products improved, to allow other products to build the level mapping. It does not have an export in Visio.

I have been working with FireMon for half a year.

We are using version 8.

This solution is stable.

It's a scalable product. We have five to eight people who are using this solution in our company.

Technical support is fine. I don't have any other issues.

I have not worked with any product that is similar previously.

Most of the setup was easy for us, but the advanced features are more complex.

Pricing is reasonable.

Licensing fees are paid every year.

It's a good solution that is stable, I would recommend this solution to others.

I would rate FireMon an eight out of ten.

We are resellers. All of our clients are enterprise companies. 

The firewall assessment feature is great.

FireMon could be easier to use and flexibility regarding reporting could be improved. 

I have been using FireMon for six months.

FireMon is both scalable and stable. 

I've never had to contact technical support. 

I used to work with AlgoSec. They are both very good products but they target different customers in our market. One is more expensive than the other. One is more simple than the other to use. For this reason, we decided to go with FireMon. The profile of our customers is more related to FireMon than AlgoSec.

The initial setup was very easy.

FireMon is cheaper than AlgoSec.

My advice is to make sure you choose the right reseller because it's not a product you should use by itself.

Overall, on a scale from one to ten, I would give FireMon a rating of eight.