FireMon Security Manager Reviews

• Firewall cleanup - the best and most efficient way to clean the firewall from unused, redundant, shadowed rules that create unnecessary risks and impacts the firewalls performance overtime. Also, it helps with the PCI compliance.
• Rule use analysis.

• Improved change workflow
• Optimized my firewalls
• Meet PCI compliance
• Enhanced security

Needs more functional basic workflow for the Policy Planner for those who do not need a fully customized workflow.

One year.

No issues encountered.

No issues encountered.

I've found technical support to be a 9/10.

Straightforward.

Add infrastructure devices to the firewalls and negotiate an overall discount that way. Needed to get insight into configurations.

Tufin and AlgoSec were evaluated as well.

The customized workflow is worth it. If you are considering to migrate to new firewalls, implement FireMon because it will make your migration much easier. Also, cleaning up some slow firewalls will help you extend its life.

The most valuable feature is security management because it allows us to look inside the firewall and see things that the firewall doesn't report. For some of the things the firewall applications lack, we're able to gain insight with the FireMon appliance, as well as having one platform that looks into different vendors of firewalls. That's really important for us.

For me, specifically, I use it for a lot of firewall migrations. We can see rule usage. On a project that I was on, we saw the rules on the migration. We pulled the rules out that weren't being used, and then we could take rules that were overlapping, join those together and make it more efficient.

One area with room for improvement for me is doing the updates. We have to download it from User Center and then put it unto the machine through FTP, or something like that. I would rather just go to the GUI and hit the Update button, and it goes out and gets the update itself. Because these files are large and sometimes the transfers don't go through, the only way that we're able to do it right now is through FTP. That means we have to have CLI access, which sometimes we don't really want to do. I'd rather just go to the update screen, hit Download the Update, and then be able to reboot it and have it go to all of the data collectors, and transfer that file over there automatically. Right now, it's a process and it takes a lot of time.

It's more complex as opposed to being user friendly. It also depends on your level of knowledge on what to do. Some people may not know to do it, and there are some commands in there. If you don't have support, if you haven't read the entire admin guide, you wouldn't know.

I have used it for eight years.

It crashed one time but that's because of a design issue on our part. It's not something that, I think, was on FireMon's part. We need to offload the storage, and our hard drives are filling up, so that causes problems with our servers, but as far as FireMon, I haven't really had a problem with FireMon crashing on its own.

The only scalability problem is having an offloaded log collector, because we do send a lot of logs. We have our own servers that do the log collection and we need to make backups of that. As far as that’s concerned, no, we haven't had any issues with scalability. We can expand much further than what we have.

We've had the FireMon product for eight years. I've only been directly involved with it for the past year. I generally don't call tech support, I usually contact my SE because we're still in the process of these huge migrations, so I talk to my SE a lot. I have contacted support once and they were very helpful, so I would probably rate it 9-10/10 because they know exactly what they're doing.

We did not previously use a different solution, that I know of. I’ve been with my current organization for almost three years and it's always been FireMon, so I don't know. I wasn't a part of that decision-making process.

At the end of last year, we reevaluated which products we wanted to continue going with based on budgets. We reviewed Skybox, Tufin, AlgoSec, and FireMon.

Don't be scared to contact the SE. My SE and I have a very good relationship and we bounce ideas off each other. Leverage your resources. It's not really a complex product to deploy.

Use the User Center. There's a lot of great info there and a lot of your questions can be answered in the User Center.

General recommendations: Make sure that the firewalls you have are supported. Make sure you know how many firewalls you have.

Go with the mindset of what you want to do; general project management-type stuff.

Everything's working fine. The only thing is the automated updates. I’m not giving it a perfect rating because of the usability of the updates. That's my biggest thing that they need to work on.

It's been working very well for us. We’ve got everything we need. We have several groups using it that like it.

Holistically, the product is well thought out. The normalization of the rule sets across different firewall platforms is all valuable to us. You can't really separate it out; for me, you can’t.

I can mention high-level stuff. Basically, it gives us visibility that we were lacking; having everything being able to be viewed in one pane of glass. Instead of having to go jumping all over the place into the different platforms, you can use the tool to get a single pane of glass view.

It's not a jack-of-all-trades product; it's very focused. It does what it does and it does it well. We use it that way. Basically, that's the reason we obtained it. That's what we use it for: to normalize the platforms all into one single view. A place for us to do our analysis, review of rules and things of that sort.

I can mention a ton of areas with room for improvement, but from a high-level standpoint, I just don't think version 8 was ready for prime time, yet. They're still working on it. There are still major swaths of the tool that need attention. To get into the details, I would have to engage my engineers.

We've had it in our portfolio since July of 2013.

We have not encountered any stability issues with the product itself. It's been easy to maintain, to upgrade and to do all of the support work for it. There hasn't been an issue with that at all.

We have not encountered any scalability issues. We haven't run into a limitation yet.

Any time we've engaged technical support for assistance, we've come away with a resolution, so the only thing that we've had difficulty with is programming or making fixes that require coding. That sometimes can take a little while.

Technical support is at least 8/10.

We did not previously use a different solution. This was the first firewall management platform that we've used, except for the built-in, out-of-the-box tool that came with the platform.

Initial setup was all pretty straightforward. You stand up your platform, get your database ready to go, and that all happens out of the box. Then, you start to populate it with your devices. It's all pretty straightforward.

Before choosing this product, we also evaluated Tufin and AlgoSec.

Just like any other IT product on the market today, everything is green grass and high tides. Everything is beautiful. During the sales process, it's all, "Oh, just do this, do that." It's a little more than that. It's a little more complex and a little more effort than just, plug it in and go.

I think that's the mistake of many of the sales teams; that they sell the ease of implementation. I think they should just be straight up and honest with the purchaser, saying, "Look, it's going to take some effort and you're going to have to understand your environment. You're going to have to understand the network flows. You're going to have to understand how your network is segmented, so you can properly implement the tool."

I think when they try to make it seem easier than it really is, then that's inviting problems.

FireMon is just better than average. It's better than average, but not quite stellar yet. They've got a little work to do to address some of the challenges that could be introduced perhaps by the customer and the way the customer has used the different platforms. They have to be able to account for that, and react to it in a timely manner; at least come up with some sort of usable solution in the meantime when they do encounter a problem.

• The possibility to highlight differences between policy revisions
• FireMon Insight with FMSQL
• Hidden reports
• Rule usage/unused rules report
• Object usage report

FMSQL allows us to quickly query our ruleset to check which trafic is allowed. That greatly helps us to fill in the compliance report.

• Support of checkpoint clusters: Rule usage is logged for each cluster member but not for the whole cluster. It may lead to wrong conclusions when you clean rules.
• Comments with special characters (French accent) are not supported. So we can't use the report for uncommented rules.

I have used it for >5 years.

We first had FireMon 5 on Windows Platform. It was a pain in the ...

Now, with the FireMon appliances, you just have to connect your Check Point SmartCenters and ... enjoy!

I have not encountered any stability issues because we purchased Linux appliances.

We have quite a large Check Point environment (>60) with a lot of rules. Reports may be a bit slow but they are so valuable that they are worth the wait. Newer, beefier appliances may also be available from FireMon.

I don't have to deal with customer support, so I won't rate them.

With Windows, it was difficult to get support.

I only had to open once a ticket with the FireMon appliances; fast handling of the case.

I did not previously use a different solution.

Initial setup was quite simple.

I was not in charge of the implementation project. I think we installed the FireMon appliances on our own.

I'm not an accountant !!

FireMon has served as a change monitoring and notification tool for a number of years, but recently we’ve decided to utilize the policy review capabilities to automate our periodic firewall rule review process.

Our primary use case for Firemon initially was to perform change notification for our ASA firewalls. This was the case for about 5 years.

With the introduction of version 8, we decided to reconsider other capabilities of Firemon – specifically the policy review reports that show unused or duplicative policy rules. We intend to use these features to automate our firewall policy review process.

Instead of having to utilize a manual review process, we can automate most of the process. Change notifications for our ASA firewalls that do not have built in change notification is also automated for us.

7 years.

Yes, after an upgrade to version 8 from version 7, we experienced several issues with the Data Collector component. They were all resolved pretty quickly by FireMon support.

No.

FireMon’s technical support is capable and responsive. I’ve had no issues with getting the right resources engaged when I need them.

No.

The upgrade from version 7 to version 8 seemed to be unnecessarily complicated, so we opted to to a clean install on version 8, and have had no issues with using this approach. In fact, it helped us clean up our installation.

Understand that the licensing exercise, is intended to right size the costs to your actual firewall models, but that Firemon v8 does not make a distinction between firewall models in the tool itself.

No other solutions were considered.

Perform the installation and utilize FireMon support to optimize the installation. Perform a post installation review of the configuration a couple of months after it’s implemented and running so that you can decide what features to use, which are useful. There are a lot of built in features that aren’t apparent until you get the whole system set up, all of your devices discovered, and the system collects information for a few weeks.

Security Manager: It effectively manages the complexity and change associated with today’s network security infrastructure and has a good hold in the market.

It’s very helpful during our firewall and network devices audit, and also beneficial when backup is required of network security devices.

I am desperately looking forward to seeing FireMon considered as a good backup solution for network security devices, which can store up to the last 10 incremental backups. This way, the business can grow with multiple solutions to customer.

I have been using it for five years.

I have not really encountered any deployment, stability or scalability issues. Installation and upgrade are quite simple and easy.

Technical support is satisfactory.

Previously we were using AlgoSec, but it requires to be updated from time to time. Also, it wasn’t found to be a fruitful solution and has a lot of room for improvement.

We recently installed FireMon on VMware architecture and it was very smooth and without issues.

Implementation was easy and documents are available in FireMon Center, so the in-house support team implemented it without any issues.

Per-device license is little costly, but with such good features it’s understandable.

It is a good solution for audit trails and end-user visibility.

The Configuration Change Management feature was something we were interested in as it helped us to identify who made the change, when and why. Also, the workflow was easy to set up to ease operations.

The second important feature I liked was determining unused rules - rules placed incorrectly in the ACL - this helped us to reduce the load on the firewalls, thus we didn’t have to buy a new firewall due to high CPU or memory consumption. With the help of FireMon, we fine-tuned the rules and were able to save money for buying a new firewall.

As mentioned, we were able to ease the operations and set up a workflow that allowed the firewall and other network-related requests to go through a formal approval process. This helped to track who, when and why the request was done.

Also, removing redundant rules and placing the rules at the correct place helped lower CPU and memory consumption.

I would have preferred fewer updates, as there were quite a few updates made every now and then. Secondly, the Risk Management Module didn’t work well until you have the all of the subnets mapped. This can be improved.

I used it for two years.

I didn’t really encounter any deployment issues. However, sometimes the GUI used to crash when it tried to populate the device map; we had a lot of devices. At times, the map displayed fine, even though it took some time to show up; and at other times, the GUI crashed. This should be fixed.

Technical support was fine; they have good technical people. However, support can be improved, if they become more responsive.

I did not previously use a different solution.

Initial setup was fine; you just need to map certificates between the sensor and the Application Server, which was something different. It can be sorted out through some other methods as well. I don’t exactly remember, but we faced one issue and to resolve it, we had to install the certificates again to get it working.

Implementation was done by the vendor team.

Although I have left the company, I heard that since the license renewal cost was too high, management decided not to renew it. The vendor should reduce the license renewal cost.

I personally did not test any other alternative, but I heard management evaluated Skybox as well; they eventually chose FireMon. It was a management decision, so I don’t know why others were rejected.

Check the renewal cost, and determine whether the Risk Management Module is mature enough and whether GUI crash issues have been fixed or not. Maybe for small companies, it comes up fine, but for large environments, it might cause issues.

We can check the compliance of each firewall, check the KPI of each firewall to determine the security posture of the network, monitor changes done on the firewalls and provide overview of all the rules, either unused, duplicate or risky rules.

We now have clear visibility of our firewall, clear auditing of each firewall rule and changes, and of course, it helps us comply with governing bodies.

They should add SMB firewall support and not only the big players.

I have used it for one year.

I did not encounter any stability issues.

I did not encounter any scalability issues.

Technical support is 9/10.

Initial setup was straightforward and it was easy to follow the installation steps.

It has great pricing with big discounts.

Prepare the necessary details and make sure you configure the needed firewall according to their guide for a smooth implementation.