FireMon Security Manager Reviews

• The possibility to highlight differences between policy revisions
• FireMon Insight with FMSQL
• Hidden reports
• Rule usage/unused rules report
• Object usage report

FMSQL allows us to quickly query our ruleset to check which trafic is allowed. That greatly helps us to fill in the compliance report.

• Support of checkpoint clusters: Rule usage is logged for each cluster member but not for the whole cluster. It may lead to wrong conclusions when you clean rules.
• Comments with special characters (French accent) are not supported. So we can't use the report for uncommented rules.

I have used it for >5 years.

We first had FireMon 5 on Windows Platform. It was a pain in the ...

Now, with the FireMon appliances, you just have to connect your Check Point SmartCenters and ... enjoy!

I have not encountered any stability issues because we purchased Linux appliances.

We have quite a large Check Point environment (>60) with a lot of rules. Reports may be a bit slow but they are so valuable that they are worth the wait. Newer, beefier appliances may also be available from FireMon.

I don't have to deal with customer support, so I won't rate them.

With Windows, it was difficult to get support.

I only had to open once a ticket with the FireMon appliances; fast handling of the case.

I did not previously use a different solution.

Initial setup was quite simple.

I was not in charge of the implementation project. I think we installed the FireMon appliances on our own.

I'm not an accountant !!

FireMon has served as a change monitoring and notification tool for a number of years, but recently we’ve decided to utilize the policy review capabilities to automate our periodic firewall rule review process.

Our primary use case for Firemon initially was to perform change notification for our ASA firewalls. This was the case for about 5 years.

With the introduction of version 8, we decided to reconsider other capabilities of Firemon – specifically the policy review reports that show unused or duplicative policy rules. We intend to use these features to automate our firewall policy review process.

Instead of having to utilize a manual review process, we can automate most of the process. Change notifications for our ASA firewalls that do not have built in change notification is also automated for us.

7 years.

Yes, after an upgrade to version 8 from version 7, we experienced several issues with the Data Collector component. They were all resolved pretty quickly by FireMon support.

No.

FireMon’s technical support is capable and responsive. I’ve had no issues with getting the right resources engaged when I need them.

No.

The upgrade from version 7 to version 8 seemed to be unnecessarily complicated, so we opted to to a clean install on version 8, and have had no issues with using this approach. In fact, it helped us clean up our installation.

Understand that the licensing exercise, is intended to right size the costs to your actual firewall models, but that Firemon v8 does not make a distinction between firewall models in the tool itself.

No other solutions were considered.

Perform the installation and utilize FireMon support to optimize the installation. Perform a post installation review of the configuration a couple of months after it’s implemented and running so that you can decide what features to use, which are useful. There are a lot of built in features that aren’t apparent until you get the whole system set up, all of your devices discovered, and the system collects information for a few weeks.

Security Manager: It effectively manages the complexity and change associated with today’s network security infrastructure and has a good hold in the market.

It’s very helpful during our firewall and network devices audit, and also beneficial when backup is required of network security devices.

I am desperately looking forward to seeing FireMon considered as a good backup solution for network security devices, which can store up to the last 10 incremental backups. This way, the business can grow with multiple solutions to customer.

I have been using it for five years.

I have not really encountered any deployment, stability or scalability issues. Installation and upgrade are quite simple and easy.

Technical support is satisfactory.

Previously we were using AlgoSec, but it requires to be updated from time to time. Also, it wasn’t found to be a fruitful solution and has a lot of room for improvement.

We recently installed FireMon on VMware architecture and it was very smooth and without issues.

Implementation was easy and documents are available in FireMon Center, so the in-house support team implemented it without any issues.

Per-device license is little costly, but with such good features it’s understandable.

It is a good solution for audit trails and end-user visibility.

The Configuration Change Management feature was something we were interested in as it helped us to identify who made the change, when and why. Also, the workflow was easy to set up to ease operations.

The second important feature I liked was determining unused rules - rules placed incorrectly in the ACL - this helped us to reduce the load on the firewalls, thus we didn’t have to buy a new firewall due to high CPU or memory consumption. With the help of FireMon, we fine-tuned the rules and were able to save money for buying a new firewall.

As mentioned, we were able to ease the operations and set up a workflow that allowed the firewall and other network-related requests to go through a formal approval process. This helped to track who, when and why the request was done.

Also, removing redundant rules and placing the rules at the correct place helped lower CPU and memory consumption.

I would have preferred fewer updates, as there were quite a few updates made every now and then. Secondly, the Risk Management Module didn’t work well until you have the all of the subnets mapped. This can be improved.

I used it for two years.

I didn’t really encounter any deployment issues. However, sometimes the GUI used to crash when it tried to populate the device map; we had a lot of devices. At times, the map displayed fine, even though it took some time to show up; and at other times, the GUI crashed. This should be fixed.

Technical support was fine; they have good technical people. However, support can be improved, if they become more responsive.

I did not previously use a different solution.

Initial setup was fine; you just need to map certificates between the sensor and the Application Server, which was something different. It can be sorted out through some other methods as well. I don’t exactly remember, but we faced one issue and to resolve it, we had to install the certificates again to get it working.

Implementation was done by the vendor team.

Although I have left the company, I heard that since the license renewal cost was too high, management decided not to renew it. The vendor should reduce the license renewal cost.

I personally did not test any other alternative, but I heard management evaluated Skybox as well; they eventually chose FireMon. It was a management decision, so I don’t know why others were rejected.

Check the renewal cost, and determine whether the Risk Management Module is mature enough and whether GUI crash issues have been fixed or not. Maybe for small companies, it comes up fine, but for large environments, it might cause issues.

We can check the compliance of each firewall, check the KPI of each firewall to determine the security posture of the network, monitor changes done on the firewalls and provide overview of all the rules, either unused, duplicate or risky rules.

We now have clear visibility of our firewall, clear auditing of each firewall rule and changes, and of course, it helps us comply with governing bodies.

They should add SMB firewall support and not only the big players.

I have used it for one year.

I did not encounter any stability issues.

I did not encounter any scalability issues.

Technical support is 9/10.

Initial setup was straightforward and it was easy to follow the installation steps.

It has great pricing with big discounts.

Prepare the necessary details and make sure you configure the needed firewall according to their guide for a smooth implementation.

Security Manager (SM) and Risk Analyzer (RA) are the most valuable features to me. SM assesses a network's security posture in terms of deployed policies, redundant policies, duplicate policies, etc. RA takes a snapshot of everything connected to and within the network down to the end points. It recommends security policies that would improve and further secure the network from potential threats etc.

The product is extremely helpful in policy analysis and improvement. RA was exceptional is identifying risk exposure areas.

Although there is nothing 'wrong' in FireMon's support for other vendors, with the advent of SDN, NGFW, etc., I think FireMon will have to cover more layer 3 devices from different vendors. Again, their current database covers almost all of the major vendors: Cisco, Juniper, Fortinet, etc. However, there is always room for growth in this particular area.

I have used this solution since 2012.

We have not encountered any issues with stability so far.

We have not encountered any issues with scalability so far.

Their technical support is superior.

Pricing and licensing is structured well and FireMon was very helpful in meeting the target budget for this project.

We looked at AlgoSec before choosing FireMon.

It’s provided us with proactive security intelligence so we can act before we have a security breach.

FireMon allows us to monitor and assess our network, giving continuous visibility into and control over firewall infrastructure, network security policies and underlying IT risk.

The reporting needs some improvement to ensure that we are provided with consistent data accross each firewall device on the network.

I’ve been using it for two years.

There were no issues with the deployment.

We had no issues with the performance.

It's been able to scale for our needs.

8/10

This is my first time using a solution like this.

It’s quite straightforward.

We had it implemented by a vendor team.

The instant and complete network graphical view it provides is amazing. Alerts give you complete control of firewall changes, its amazing for compliance and security policy validation. Rule comparison and filters are an easy way to check if you policy is concise and clean, giving your firewall the best performance and readability.

We managed around 70 different firewalls in more than 25 countries all over the world. The firewalls were from different vendors such as Palo Alto, Checkpoint, Cisco, Juniper, etc. FireMon helped to decrease the workload on risk analysis and also firewall rulebase review time by 50%, at least due to its very elaborate and easy to use filters.

It’s been a constant need not only to analyze firewall rules and configurations but also implement them, for which FireMon has no support. Also some of the firewall analysis involve weak password policy, FireMon could implement a way to send firewall hashes, when they exist, to third party cracking softwares.

I used this solution for about three years in my previous job. I primarily used the Policy Planner and Policy Optimizer modules.

The deployment was already easy for v7.0, the upgrade to v8.0 is even easier.

We had no issues with the performance.

It's been able to scale for our needs.

I would rate it 8/10. The only reason I don’t rate it 10/10 is because of the response time which, for us, sometimes took a little bit longer then expected. Customer service and technical support is very good.

The initial setup was very easy and straightforward and we had no problems implementing it.

It was initially implemented by a vendor team, but the implementation could easily be done in house.

FireMon is not a cheap solution but its price is well balance for what it has to offer.

We have evaluated FireMon’s competitors like AlgoSec and others, but found FireMon to be the best solution for our needs due to having a complete set of tools.

Be sure you read all the specs, and test the application as deeply as you can to ensure it meets all your requirements.