FireMon Security Manager Reviews

The primary use case is for compliance and monitoring of firewall changes. This solution allows us to secure our firewalls.

It is the single place where we go to review all of our firewall changes. The solution makes it easier for us to track all the changes made. It is a central place where we can look at all the firewall rules, because we have three different firewall vendors. It saves us time and creates efficiencies by looking at the general picture. 

This solution has helped to clean up rules that had not been reviewed in several years. It is used for all of our firewall changes. At the moment, we are not looking to do more than use it for that.

This solution has helped to reduce our overall audit time. We are under PCI, so it was a requirement. We had to do something like this, and it just made it easier. The solution was prebuilt to do that, and we didn't have to build our own spreadsheet.

The most valuable feature is being able to review all the firewall changes in the Policy Planner, and then in the policy review feature.

This solution provide us with comprehensive visibility of all our devices in a hybrid network.

It is fairly straightforward to use.

We had a few minor issues with it. However, it's worked pretty well for us overall.

The stability has been fairly decent, but there have been a few issues. My coworker has had some issues in the past where he has had to work with support.

It seems fairly scalable.

There are not a whole lot of users. It is mainly just my team. Every once in a while, one of my users will submit a request for it, but that doesn't happen very often. It is primarily just my team.

From what I have heard, the technical support is fairly good. However, I have not used them in a few years.

I didn't really have another solution that I was using before it.

We had it when I started here five years ago.

We had another guy who primarily worked on the setup because he actually used to work at FireMon. So, I haven't really done the setup on it in quite a few years.

The deployment was fairly straightforward.

We did the implementation in-house.

We have one guy, who previously worked for FireMon, managing the solution right now. 

We pay for it yearly.

We might have looked at Tufin.

It is fairly straightforward to use, and I haven't really had a whole lot of issues with it.

This solution provide us with end-to-end change automation for the entire rule lifecycle of firewalls. It does it from the request, then all the way through the approval cycle.

We really haven't done much with this solution’s cloud support automation for public cloud platforms. We are just doing on-premise.

We use it to go through unused rules, for cleaning up stuff. We have a bi-weekly meeting where we go through firewalls and look for any unused rules or any rules that are redundant and any high ports that are being used that we're not supposed to use. 

We want to eliminate all firewall rules that have FTP access on them. We don't want to use FTP any longer. With the help of FireMon, we were able to go in and check all the firewalls that have rules with FTP on them and we opened up a project with the network team so we could eliminate all those rules.

FireMon has been very helpful with closing visibility gaps we previously had. Since I got here, it has helped us dig into stuff. And whatever help we need, any projects we have that we haven't been able to figure out by ourselves, they have gone in and helped us out.

I called them once because I wanted to see if they had a report that I could run for rules that have not been used in 365 days. With their help, I was able to run that report and provide it to the network team so they could eliminate those rules that had not been hit in a year. The list I gave to the network team had 7,917 rules.

Finally, the solution has helped to reduce our overall audit time by about 50 percent. That's awesome.

I'm working mostly with the Security Manager part of FireMon. It gives me an eye on everything that's out there, everything that I cannot see. Because I'm not a network admin, I cannot go to a firewall itself, but at least I have FireMon so that I can go in and view everything that I want to view. And I can eliminate whatever I see that is wrong.

We also use FireMon to conduct a full inventory of our assets so that we can secure everything. For example, our parent company has three retail brands. The other day, my director asked me for an inventory of all brands: every firewall, Cisco device, whatever we are using, and to give him a break down. I was able to go to FireMon, grab everything, put it in an Excel sheet, and break it down by brand and by DMZ and PCI environment as well.

In addition, it's very easy to navigate. Very easy.

We're working on implementing FireMon with our ticketing system service now. Having that would be an improvement. I believe they said that they are working on that for the future. That would help us out a lot. For example, when somebody wants to open a request for a firewall change, we'll go through ServiceNow, and then go through FireMon, make the changes, and make sure everything is recorded, who did it, etc.

The stability is very good.

The scalability is great.

Technical support is very helpful. On a scale from one to ten, I give them a high ten. You can either use their User Center and open up a ticket via the web, they're pretty quick about it, or you can call them directly. They have a number to call their Help Desk and they pretty much pick up right away. 

They'll go into your machine right away if you need help. I have hardly escalated anything to a Level 2 or Level 3 because right away, whoever picks up the phone is knowledgeable and will resolve it.

I'm not sure if FireMon has saved us money, but I know it has saved time in cleaning up the whole company and has helped reduce all that ugliness that we had.

We pay on a yearly basis but my manager takes care of it. Regarding additional costs, if you want things like Policy Optimizer, extra features, that's extra.

Before the parent company bought us, we used to have another product - I don't want to say its name - but it wasn't like FireMon. FireMon is way out there. It has all these features. I'm still learning it and I have almost a year-and-a-half of experience using it. It just has a lot of stuff that my other tool did not have at all. There's so much visibility in it and stuff to play with that my other tool did not have. I really like FireMon.

One of the products I used was Tufin. It wasn't like anything like FireMon. You couldn't do the stuff you can do with FireMon, in terms of the Policy Planner option and the Policy Optimizer. All you could do in Tufin was view the rules, how many hits; basic stuff.

In terms of what I've used so far in my career, FireMon is one of the best. Try it out, it won't hurt. Give it a shot. It's the best, for me. It has everything that any company would need. It's easy to navigate, there is a lot of helpful stuff in their User Center, in their Knowledge Base. Everything's there. You don't really need to bother them a lot. If you want to know something, they have documents in their User Center. It's a very good product.

In terms of FireMon's cloud support automation for public cloud platforms, we did ask for that. We are actually going to the cloud in a few months. We just asked that question last week. They did say that they do support that, but that's all we've talked about in terms of cloud.

We use FireMon every day. And we have plans to increase usage. Where I came from, we only have regular firewalls in there right now. We're looking to implement our retail stores' firewall devices as well, which is about 200 stores. We're definitely going to implement that so we can see our retail stores' environments in it.

We do have Policy Planner, but I haven't started playing with it yet. We're also looking to get Policy Optimizer, but we still haven't gotten the license for it. Security Manager is the one I mostly play with.

When I came to this company, I have to say, they were very sloppy. That's why they gave me this role, to focus on stuff like this.  We have cleaned out a lot in a year-and-a-half and we're still cleaning. It's so big, so many firewalls out there.

We have the network team as read-only users. There are about six of them on that team. The network team members are the ones who handle the firewall; they're the ones that make the actual changes. So sometimes they go into FireMon and run reports to view things. I don't know what types of reports they run, but we gave them the read-only access for that. In addition, there are three admins: me, as an InfoSec ops technician, my coworker, and my manager. My director is also a user. For deployment and maintenance of FireMon, it's just me and my coworker.

I rate FireMon at ten out of ten. I am very happy with the tool.

We use it for firewall cleanup, redundant rule removal, and unused rule removal.

We are using the solution to identify anything that might have overly permissive rules or things outside of PCI compliance. We use it to proactively find those kinds of issues. There's more we could be doing with it for sure, we just haven't had the time yet.

We currently have it covering every single firewall we have, which is a lot. There are potential plans to add routers and switches into it again, or even start adding in hybrid cloud solutions, things like that, that we won't be able to see. Honestly, we won't have a single pane of glass without FireMon, so we do have intentions of deploying it at a larger scale, and actually turning on some of those features which we don't use today.

We have some really complex firewalls out there, a lot of rules - too many rules. It's to the point where the firewalls become physically unhealthy. The config is so large that the hardware can't keep up. FireMon allows us not only to very easily identify those firewalls that might be getting overly complicated, but it also allows us to easily remediate those complications. It's probably saved us a lot of downtime that could have resulted from firewall issues caused by the config.

It helps close a visibility gap we previously had. For example, Cisco's primary firewall management tool, either using command-line or GUI, does not cover all the appliances at once. You have to go in one-by-one. FireMon is able to see across every appliance, in a single view and that makes it easier to manage things.

In addition, it reduces our overall audit time. I don't deal enough with the audit side of the house to know by how much it has been reduced.

I have found the reporting on unused rules and redundant rules to be the most useful to me. We run those reports and then we can come back and fix things that are bad.

And overall, the reporting mechanism for anything is pretty good. We use it to baseline, to make sure our configs are accurate across all of our devices.

It provides us with a single pane of glass for our on-prem environment, to see configuration. We have not implemented into the cloud yet. We can search for an object group and see where it lives on any firewall in the enterprise, or find security rules no matter what firewall they're on. We don't use the automation feature, which means we don't do a deployment of any changes, so we don't yet have a single pane for deploying all policies. We know it's capable, it's just that we don't have that function on.

Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release. Too many bugs pop up between releases, and that's where I would like to see the most improvement.

It's recently become much more stable. We had an undersized box, and FireMon actually gave us a very much bigger server for free, which was very good of them to do. It brought our stability to about 99-percent-up.

It's highly scalable, as long as you have servers. You can scale it to pretty much anything. We've had thousands of devices in it.

There front-end technical support is really good, very responsive. To me, it takes a little bit too much time to resolve some issues, but that's to do with their development team, so I don't know if that should get lumped in with support or not. But the time to resolve problems that we identify is something of an issue. I'd give tech support a six out of ten.

We did not have a previous solution.

The initial setup was on version 7, which is a totally different ballgame, but the setup of both versions 7 and 8 were straightforward enough for me. I can't imagine something being much easier. It required minimal configuration and the documentation was excellent on how to set it up on your own. It's just easy.

A single-server deployment wouldn't have taken more than a day or two. We did multiple virtuals so we got slowed down by our virtual team building the servers. As a result, it probably took a few weeks. But that was not because of the product, it was because of our own internal teams.

Our implementation strategy was just to get the system up and running and onboard all of our firewalls into it.

I deployed it mostly by myself.

In my opinion, we have seen ROI. We're able to share data that other groups need, by harvesting it out of FireMon, which is extremely powerful. Another group can look up their own NAT, for instance, even if they're not very savvy. It has helped reduce a lot of casework that was coming into our queue, that was along the lines of, "Hey, what NAT does this belong to?" 

Going back to the complex rules, it has literally prevented devices from falling over and dying. It's maintained uptime, which is invaluable when you're dealing with millions of customers connecting through one firewall.

Our licensing is done yearly. There are different levels of support to pay for, but there are no hidden fees. The pricing is very good, very straightforward. It also came in cheaper than AlgoSec and Tufin.

We demoed and looked at other solutions but we did not implement any. AlgoSec and Tufin were the two main solutions that we checked first.

In the end, it really came down to the support. FireMon is more attentive than these very large companies, and we needed that attention. Their attention to our needs is what sold us on the product.

Make sure that you get the correct hardware for whatever size environment you have.

End-to-end change automation for the entire rule lifecycle is not something we're using yet. It's something that I'm looking to get a beta for.

There are about 20 people currently using the solution. However, the functionality allows us to extend the information that FireMon can gather out to hundreds of people, if not more. In some ways, there are hundreds consuming the information that FireMon gathers, and using it in some way. Network security engineers are the primary consumers, and network engineers are another consumer. In addition, anything related to our audit teams means those guys consume the data.

Two people could do deployment and maintenance, although I tend to do it by myself.

I'd put FireMon at an eight out of ten right now. To me, ten is something you only get if have no bugs or have very few bugs, and everything works perfectly. If you want a ten you've got to be perfect. I don't think any product would get a ten from me.

Optimizing and cleaning firewall rules and objects to maintain the security of the firewall and other devices.

Not experienced yet with the product. We are still doing our evaluations and having other discussions with different vendors to understand product capabilities.

The Policy Optimizer and Firewall Manager for different brands of firewall. 

Continuous firewall policy improvement should available out-of-the-box for firewall operation. We are also looking for more integration with SIEM and other tools.

The version is an important choice for the product.

• Vendor agnostic when it comes to integrating with other product.
• Reliable
• Excellent customer support

This product has enabled Kaiser Permanente Clinical Technology technicians with proactive/remote monitoring of highly critical systems.

A phone app would be nice. This is the reason why it is not perfect yet.

12 months.

No problems.

No problems.

A 10 out of 10.

No previous solutions were used.

Since a non-IT person like me was able to setup the system from scratch, I would say that it is not complex at all.

Relative to what it offers, the price is fair.

FireMon Immediate Insight was the only product that would work for us, due to the limitations that the Clinical Technology Department has at KP.

It is a very versatile and sustainable product.

Policy test, access path analysis, and change reports.

Policy test and access path analysis tools in Security Manager enable me to find existing firewall policies quickly across the enterprise, troubleshoot, or to help choose the optimal path for proposed rules. Change reports on the device dashboard show us at a glance what was changed in a particular firewall config, by date, so we can easily troubleshoot problems with implementation.

It streamlined the firewall policy change management process by having all firewalls managed in one tool, and a workflow customized to our needs.

Policy Planner requirements section is good, but could use some improvement to allow flexibility to enter different types of requests (modifying an existing policy, object or service group, for example) in a structured task format that can be auto-verified.

4 years

No issues with stability.

No…we easily added a second data collector when needed.

Excellent.

Excellent--tech support engineers go above and beyond to answer questions and resolve issues.

We previously used separate database applications to route change requests for approval, and did not have a tool likeSecurity Managerwith visibility into all the firewall configs and activity.

Infrastructure was simple to set up, but custom workflow was complex, due to customer regulatory environment necessitating a lot of customization. FireMon Professional Services was able to accommodate, though.

In-house project management and equipment configuration; vendor install in the data centers; Firemon Professional Services for extensive custom workflow development.

Pricing model seems fair. Make sure to separate active versus inactive devices, and primary versus standby in HA pairs, as there is a significant cost savings for licensing; licenses on the applications are perpetual.

Customer evaluated other products, but chose FireMon due to its features and rating on Gartner.

Review your current operational requirements and processes well, and determine what can change, internally, to take full advantage of the standard FireMon processes.

It was used for firewall change review. For our company, it became an invaluable tool for auditing purposes.

It allowed us to track every change made to the firewall. We were able to see who made the changes, when the changes were made, and exactly what was modified.

We monitored multiple firewalls. In the version we used, we had to check the changes made on each firewall individually. We didn’t see a condensed list of changes across our environment.

I used it for 1.5 yrs.

We encountered minor issues with FireMon and its collection of data from Palo Alto firewalls. It required a small amount of additional time with system engineers on our side and on FireMon’s side to complete the deployment.

The customer service was excellent.

At the time we were using the product, it did seem like the tech support staff was very limited in size. I am sure they have grown more since we used this product.

We used another product (Tufin). For us, we needed to make a change because they lacked the ability to support Palo Alto (at that time). FireMon was a better fit with that firewall.

The initial setup was straightforward. Minimal support was required to complete it.

We implemented it through an in-house team. We required minimal assistance from the vendor.

There are very few products that can do what FireMon can. I would definitely recommend it if there is a need to review firewall changes.

The ability to audit our firewall rule base is my favorite feature. It allows us to determine which rules can be removed and it helps us reduce our security footprint.

Over the past two years, we have been able to identify a bunch of rules that were orphaned and no longer have any need.

These rules were exposing our organization to undue risk associated with devices being exposed to the internet that shouldn’t have been exposed.

We use the feature to identify some rules that were no longer needed. That helps us reduce our overall, organizational risk profile.

What's funny is that if I had been asked eight months ago about areas with room for improvement, I would have said the product in general needed to be improved. It wasn't web-based. It was client-based and it was just kind of clunky.

In the last eight months since we upgraded to the web version, there isn't a lot of need for improvement. I feel like it is pretty good. Things have been a lot better for us since we upgraded to the web version. I'm happy with it right now and I don't have any complaints.

We’ve been using this solution for just over two years.

We haven’t had any stability problems. I had one or two minor issues since the upgrade, such as upgrade failures. I couldn’t get the system to accept a maintenance release. Those issues were resolved pretty quickly. There have been no stability issues, nor long-term outage issues.

We have a fairly limited amount of systems that are monitored by FireMon. Our box can support up to 20-25 devices. We only have eight devices to monitor. We still have a lot of overhead. We haven’t noticed any slowdown issues or any problems of a scalable nature on the device.

Back then, it was client-based and the setup was not so straightforward. Most things worked well right out of the box.

Although I haven’t done an actual setup after it became web-based, I can see that it is much easier. You don’t have to download a client. You just have a website. There is no need for a command-line configuration to get it up and running. It was fine for overall level of difficultly before and I can assume it is easier now.

We did not evaluate other options. This was the first of its kind. I saw it at a vendor/expo demo and I was interested in it.

Our vendor that we work with threw it into a deal. We paid for support and they were trying to increase the overall install base footprint. They made a couple deals with us for a next generation firewall. I wasn’t budgeted to purchase it, but it was part of a deal, and it fell into our lap for next generation firewall monitoring.

FireMon is a very good product; is a slippery slope in terms of deployment. It can monitor all of your network devices and firewalls. I would imagine a lot of people probably use it for that.

We are a small organization. From a cost and work standpoint, we only wanted the ability to audit and manage our firewall rule sets. It’s been good for us in that way.

People need to think about what’s important to them based on a monitoring point of view, which is regulation-based. That wasn’t an issue for us. I recommend that people considered the best-sized solution for them. Give it a try. It’s worked well for us.

I would rate it as the best firewall monitoring platform that I’ve used, but I’ve only used FireMon.

We are a Palo Alto customer and this is a great tool to augment the Palo Alto tool set. It’s a very beneficial product. It fills the gap of things you can’t get with standard Palo Alto management, such as long-term analysis and knowing what’s really going on with objects and rules in the firewall rule base.