FireMon Security Manager Reviews

Security Manager (SM) and Risk Analyzer (RA) are the most valuable features to me. SM assesses a network's security posture in terms of deployed policies, redundant policies, duplicate policies, etc. RA takes a snapshot of everything connected to and within the network down to the end points. It recommends security policies that would improve and further secure the network from potential threats etc.

The product is extremely helpful in policy analysis and improvement. RA was exceptional is identifying risk exposure areas.

Although there is nothing 'wrong' in FireMon's support for other vendors, with the advent of SDN, NGFW, etc., I think FireMon will have to cover more layer 3 devices from different vendors. Again, their current database covers almost all of the major vendors: Cisco, Juniper, Fortinet, etc. However, there is always room for growth in this particular area.

I have used this solution since 2012.

We have not encountered any issues with stability so far.

We have not encountered any issues with scalability so far.

Their technical support is superior.

Pricing and licensing is structured well and FireMon was very helpful in meeting the target budget for this project.

We looked at AlgoSec before choosing FireMon.

It’s provided us with proactive security intelligence so we can act before we have a security breach.

FireMon allows us to monitor and assess our network, giving continuous visibility into and control over firewall infrastructure, network security policies and underlying IT risk.

The reporting needs some improvement to ensure that we are provided with consistent data accross each firewall device on the network.

I’ve been using it for two years.

There were no issues with the deployment.

We had no issues with the performance.

It's been able to scale for our needs.

8/10

This is my first time using a solution like this.

It’s quite straightforward.

We had it implemented by a vendor team.

The instant and complete network graphical view it provides is amazing. Alerts give you complete control of firewall changes, its amazing for compliance and security policy validation. Rule comparison and filters are an easy way to check if you policy is concise and clean, giving your firewall the best performance and readability.

We managed around 70 different firewalls in more than 25 countries all over the world. The firewalls were from different vendors such as Palo Alto, Checkpoint, Cisco, Juniper, etc. FireMon helped to decrease the workload on risk analysis and also firewall rulebase review time by 50%, at least due to its very elaborate and easy to use filters.

It’s been a constant need not only to analyze firewall rules and configurations but also implement them, for which FireMon has no support. Also some of the firewall analysis involve weak password policy, FireMon could implement a way to send firewall hashes, when they exist, to third party cracking softwares.

I used this solution for about three years in my previous job. I primarily used the Policy Planner and Policy Optimizer modules.

The deployment was already easy for v7.0, the upgrade to v8.0 is even easier.

We had no issues with the performance.

It's been able to scale for our needs.

I would rate it 8/10. The only reason I don’t rate it 10/10 is because of the response time which, for us, sometimes took a little bit longer then expected. Customer service and technical support is very good.

The initial setup was very easy and straightforward and we had no problems implementing it.

It was initially implemented by a vendor team, but the implementation could easily be done in house.

FireMon is not a cheap solution but its price is well balance for what it has to offer.

We have evaluated FireMon’s competitors like AlgoSec and others, but found FireMon to be the best solution for our needs due to having a complete set of tools.

Be sure you read all the specs, and test the application as deeply as you can to ensure it meets all your requirements.

Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands. These features are valuable as firewall rules are constantly added but its tough to determine what can get cleaned up over time. Knowing how frequently a rule is used, where redundant rules exist and documenting changes are important.

Since our network is large, someone new like myself has a challenge when we need to make changes to permit certain traffic. Often this traffic will traverse multiple firewalls and FireMon can help demystify where needed rules need to be implemented.

We just went from the v7.x to their latest web based v8.x which was a welcome change. One area for 7.x customers that needs improvement is the migration. It is an involved process so get ready to spend some time getting your environment back to the way it was. Another area that could use improvement is the traffic path analysis. FireMon uses learned zone data against interfaces to help determine traffic pathways. The catch here is in v8.x, you now have to specify a source or destination network which may throw off the results sending you to the incorrect firewall. Since we just upgraded last week, there aren't many other items that we can see as improvements as we are just getting familiar with this version.

I've used this solution for a little over one year.

The migration from v7 to v8 needs to be improved but we had no issues in the initial deployment.

We have a centralized server with data collector appliances placed between two data centers. We were losing change data because one of the collectors had too much load on it but we never knew. Support had to dig deep when we had our 7.x install and help balance out our firewall to collector ratio to ensure we weren't flooding any one collector.

It's been able to scale for our needs.

Their support is very good. They are generally responsive and I have needed to escalate only a couple of times.

We had no solution in place prior to this. FireMon was the best choice as they really specialize in this niche market.

Like anything new, we needed help from support to get our initial setup moving along. However once you learn the basics, it's not hard moving around the system.

We did get FireMon's assistance during our initial implementation. I encourage this as every environment is different and for me it was worth the investment to get that initial startup help to get things going.

Like any implementation, take time and plan. Engage users and stakeholders letting them know what this system can do and get it integrated within the organizational ecosystem. Like any solution, if it isn't used you simply don't get that potential dividend.

The reports you can run to look for redundant ACL’s in the firewalls, and the policy trace and review. It also allows you to tie to multiple domains so that the administrators for the FireMon servers do not have to deal with the hassle of making 'view only' accounts. You can also use the Insight function to keep records of the ACL’s. Instead of filling up the firewall with remark statements that could lose their position, you can leave all the information in the FireMon server, and you can tie in ticket information. It also allows you to put an expiration date on that ACL so that you can always remove unneeded exceptions.

It improved performance of the organization, as instead of going line through line of the firewall, we were able to quickly find IP addresses or services using Firemon.

I believe their network maps have a lot of room for improvement. I think they should allow more customization.

I have only worked on this product for a year.

No issues encountered.

We have not had any issues with stability.

My organization only used FireMon for Cisco ASA products, so I am not sure if it works with other firewalls but it does support other vendors.

Great, they hold free WebEx sessions for additional training on FireMon.

They're extremely responsive and experienced on the product.

We did not have a previous solution.

An in-house team did it.

Using this product allows firewall administrators to quickly find a problem with their firewall configurations. It allows the administrators to also look for open services that should not be allowed. One of the most useful features is the ability to use policy trace. If you work in an environment with multiple tiered firewalls you can look at exactly what ACL’s the traffic is going through on each firewall without having to have permission to those firewalls.

It is a smart move to make and makes the administration and troubleshooting of ACL problems clear.