FireMon Asset Manager Reviews

My main use case for FireMon Asset Manager is continuous network asset discovery and visibility for our BCDR program. In disaster recovery, I can only protect what I know exists. If I don't have a complete, accurate, real-time inventory of my network assets, my recovery plans are built on assumptions, and in a regulated banking environment, assumptions don't pass examiner scrutiny. FireMon Asset Manager gives me the real-time discovery that keeps my asset inventory accurate continuously, rather than relying on periodic manual scans that are out of date the moment they're done.

FireMon Asset Manager fits into my workflow during our annual BIA, our Business Impact Analysis, as one of the inputs is a complete inventory of systems and network assets that support critical banking functions. Before FireMon Asset Manager, I compiled that inventory manually from multiple sources: CMDB, spreadsheets, scan outputs, and by the time I finished compiling it, some of it was already stale. FireMon Asset Manager feeds me a continuously updated asset inventory. So when I sit down to do the BIA, the data I am working from is current and defensible. That's a meaningful difference when an examiner asks how I validated my asset inventory.

FireMon Asset Manager supports my disaster recovery and business continuity planning through continuous real-time discovery, which is the foundation of everything. The fact that it's not a point-in-time scan, but ongoing, passive and active discovery, means my inventory is always current. That's what makes it useful for BCDR, where stale data is dangerous.

The best features FireMon Asset Manager offers include leak path detection, which is genuinely valuable. It identifies rogue internet connectivity, unauthorized connections, and paths in and out of the network that shouldn't exist. In a bank, that's both a security concern and a BCDR concern because undocumented network paths create recovery risks I don't know I have. The topology mapping is also excellent. Being able to visualize how assets connect to each other and to the network helps my BCDR team understand dependencies between systems, which is critical for sequencing recovery procedures correctly. If I'm recovering a system, I need to know what it depends on and what depends on it.

FireMon Asset Manager has positively impacted my organization primarily on our audit and examination posture. Before FireMon Asset Manager, when examiners asked about our asset inventory, I was presenting data I knew had gaps and hoping nobody looked too closely. Now I can walk into an examination with a continuously updated, discovery-validated asset inventory and answer those questions with confidence. That's a qualitative shift, but it has real consequences. Examination findings in banking are not trivial.

This shift has led to measurable outcomes, such as reducing the time to compile our annual BIA asset inventory from roughly three weeks of manual effort down to essentially a report pull. That's significant staff time saved. I've also seen our CMDB accuracy improve. FireMon Asset Manager's continuous discovery keeps finding things that manual processes miss. And from a regulatory standpoint, I've had two examinations since deploying FireMon Asset Manager, and in both cases, the asset inventory questions that were previously a weakness in our program were answered cleanly. That's the metric that matters most in a regulated banking environment.

FireMon Asset Manager can be improved in reporting customization, which is more limited than I'd prefer. The standard reports cover most use cases well, but when I need a specific format for regulatory reporting or board-level communication, getting exactly what I want sometimes requires more workarounds than it should. More flexible custom reporting would be genuinely useful.

The documentation for some of the more advanced configuration scenarios could be more detailed.

I have been using FireMon Asset Manager for almost two years.

FireMon Asset Manager is stable.

Before FireMon Asset Manager, I was doing asset inventory through a combination of our CMDB, periodic Nessus scans, and manual processes. The CMDB was manually maintained and always had gaps.

I have seen a return on investment, with the audit and examination improvements being the clearest ROI. Examination findings have costs in banking, both directly and in terms of regulatory relationship.

My experience with pricing, setup cost, and licensing reveals that it's not inexpensive. The license cost is manageable in the context of our overall security budget, but the professional services cost to get it properly deployed and configured was significant.

Before choosing FireMon Asset Manager, I evaluated other options such as Axonius and Qualys' CSAM. Axonius is strong on integrations, pulling asset data from a very wide range of existing tools and consolidating it. However, for my use case, I needed active network discovery, specifically the leak path detection, and Axonius is more of an aggregator than a discoverer.

FireMon Asset Manager's governance and security are well thought out since FireMon Asset Manager has been building out AI-assisted anomaly detection, flagging unusual network behavior, unexpected asset appearances, and changes that look suspicious. From a governance standpoint as a bank, I'm cautious about any AI feature that involves sending data outside my environment.

I find the accuracy and reliability of output for FireMon Asset Manager's AI capabilities quite satisfactory, as the anomaly detection features I've tested have been reasonably accurate. They've flagged genuine anomalies, including a couple of cases where an asset appeared on the network unexpectedly. The false positive rate has been manageable.

I would rate FireMon Asset Manager a seven out of ten. I rate it a seven because it solved a genuine problem for us. We have a much better asset inventory program because of it, and the BCDR and audit improvements are real.

My main use case for FireMon Asset Manager is continuous network asset discovery and visibility for our BCDR program. In disaster recovery, I can only protect what I know exists. If I don't have a complete, accurate, real-time inventory of my network assets, my recovery plans are built on assumptions, and in a regulated banking environment, assumptions don't pass examiner scrutiny. FireMon Asset Manager gives me the real-time discovery that keeps my asset inventory accurate continuously rather than relying on periodic manual scans that are out of date the moment they're done.

FireMon Asset Manager fits into my workflow during our annual BIA, our Business Impact Analysis, where one of the inputs is a complete inventory of systems and network assets that support critical banking functions. Before FireMon Asset Manager, that inventory was compiled manually from multiple sources like CMDB, spreadsheets, and scan outputs, and by the time I finished compiling it, some of it was already stale. FireMon Asset Manager feeds me a continuously updated asset inventory, so when I sit down to do the BIA, the data I am working from is current and defensible. That's a meaningful difference when an examiner asks how I validated my asset inventory.

The best features FireMon Asset Manager offers include Leak Path Detection, which is genuinely valuable as it identifies rogue internet connectivity and unauthorized connections, paths in and out of the network that shouldn't exist. In a bank, that's both a security concern and a BCDR concern because undocumented network paths create recovery risks I don't know I have. Topology Mapping is also excellent; being able to visualize how assets connect to each other and to the network helps my BCDR team understand dependencies between systems, which is critical for sequencing recovery procedures correctly. If I'm recovering a system, I need to know what it depends on and what depends on it.

FireMon Asset Manager has positively impacted my organization primarily through our audit and examination posture. Before FireMon Asset Manager, when examiners asked about our asset inventory, I presented data that I knew had gaps, hoping nobody looked too closely. Now I can walk into an examination with a continuously updated, discovery-validated asset inventory, and I can answer those questions with confidence. That's a qualitative shift, but it has real consequences since examination findings in banking are not trivial.

I find that FireMon Asset Manager's reporting customization is more limited than I would like. The standard reports cover most use cases well, but when I need a specific format for regulatory reporting or board level communication, getting exactly what I want sometimes requires more workarounds than it should. More flexible custom reporting would be genuinely useful.

The documentation for some of the more advanced configuration scenarios could be more detailed.

I am coming up on two years using FireMon Asset Manager.

FireMon Asset Manager is stable.

I previously did asset inventory through a combination of my CMDB, periodic Nessus scans, and manual processes. The CMDB was manually maintained and always had gaps.

I have seen a return on investment; the audit and examination improvements are the clearest ROI. Examination findings have costs in banking, both directly and in terms of regulatory relationship.

My experience with pricing, setup cost, and licensing is that it's not inexpensive. The license cost is manageable in the context of my overall security budget, but the professional services cost to get it properly deployed and configured was significant.

Before choosing FireMon Asset Manager, I evaluated other options including Axonius and Qualys CSAM. Axonius is strong on integrations and pulls asset data from a very wide range of existing tools, consolidating it. But for my use case, I needed active network discovery, specifically the leak path detection, and Axonius is more of an aggregator than a discoverer.

The continuous real-time discovery is the foundation of everything. The fact that it's not a point-in-time scan but ongoing, passive, and active discovery means the inventory is always current. That's what makes it useful for BCDR where stale data is dangerous.

This shift has led to measurable outcomes, as we reduced the time to compile our annual BIA asset inventory from roughly three weeks of manual effort down to essentially a report pull. That's significant staff time saved. I've also seen our CMDB accuracy improve since FireMon Asset Manager's continuous discovery keeps finding things that manual processes miss. From a regulatory standpoint, I've had two examinations since deploying FireMon Asset Manager, and in both cases, the asset inventory questions that were previously a weakness in our program were answered cleanly. That's the metric that matters most in a regulated banking environment.

FireMon Asset Manager has been building out AI-assisted anomaly detection, flagging unusual network behavior, unexpected asset appearances, and changes that look suspicious. From a governance standpoint, as a bank, I am cautious about any AI feature that involves sending data outside our environment. The anomaly detection features I've tested have been reasonably accurate. They've flagged genuine anomalies, including a couple of cases where an asset appeared on the network unexpectedly. The false positive rate has been manageable.

I would rate this review a seven out of ten.

My main use case for FireMon Asset Manager is continuous network asset discovery and visibility. We have a complex hybrid environment with a mix of on-premises, cloud, and OT devices, and keeping an accurate inventory of everything was becoming a real challenge. FireMon Asset Manager gives me the tools needed to manage this complexity.

When I log into FireMon Asset Manager on a normal day, the first thing I usually use it for is checking the dashboard. It gives me an immediate overview of what has been discovered overnight, any new alerts or notifications that came in, and whether there are any devices flagged as potential issues. That is my morning sweep.

The best features of FireMon Asset Manager include real-time asset discovery, which is the standout feature. It is continuous rather than point-in-time, so I am not working from a stale inventory.

FireMon Asset Manager has impacted my organization by allowing us to discover about 40 devices on our network that were not in our existing inventory. Some of them were old decommissioned systems that should have been taken offline.

The biggest friction point or frustration I have encountered with FireMon Asset Manager is the support experience being inconsistent. Response times can be slow when I have a complex technical issue, and the custom compliance reporting is also fairly limited.

If I could change one thing about FireMon Asset Manager, I would ask for faster response times. I would prefer not to be asked the same question repeatedly.

I have been familiar with FireMon Asset Manager for two years.

When I first implemented FireMon Asset Manager, it took three weeks to get up and running.

During that rollout, my team found FireMon Asset Manager easy to pick up, without needing any formal training on it.

Before I started using FireMon Asset Manager, we looked at Axonius and Qualys Cybersecurity Asset Management. Axonius was impressive on integration, but the pricing was higher, and FireMon Asset Manager had the edge on network-specific discovery.

When I was evaluating options such as Axonius, the decision on FireMon Asset Manager specifically came down to Qualys being more focused on vulnerability management than pure asset visibility. FireMon Asset Manager was the best fit for our specific use case.

My advice for anyone considering FireMon Asset Manager with a similar workflow to mine is to make sure you map out your full environment before you start. FireMon Asset Manager is only as good as the scope you give it.

FireMon Asset Manager fills a genuine gap in network security visibility that many organizations underestimate. If you do not have good asset discovery in place, you are essentially managing security blind. I would rate this solution a 9 out of 10.

We used FireMon Asset Manager for 12 clients. We used it for firewall audits and rule changes.

FireMon Asset Manager was pretty accurate. It improved the security posture of our clients by providing detailed reports. We would go through the rules for the firewall and provide them with the reports. We would get feedback from the clients, and we would make changes to the firewall. 

It was pretty accurate. We did not find any issues. We initially experienced a couple of bugs because the change module was not working properly. After they fixed that, the details were accurate. It was to the point. It was perfect.

I did not use SQL queries a lot. There were already inbuilt queries, so we used them. We did not use any specific SQL queries. With the inbuilt queries, it was pretty easy to create a dashboard. There were also inbuilt reports. We usually did not have to create a customized report, but when needed, I was able to do that. I would put the command in the reporting tab and run it. It was quite easy.

The most valuable feature is the change modules. Whenever there is a change in the firewall, it automatically reflects on FireMon.

The interface and reporting are also very useful. The FireMon reporting tab is very useful. I have used a couple of other applications, and I found FireMon Asset Manager's reports and the GUI to be better.

We used FireMon Asset Manager only for the firewalls. It could not always discover, so we had to go in and add it manually. The discovery was not always consistent. At times it worked, and at times it did not work. It was 50/50.

The discovery process could be improved. If incorrect credentials are entered, it should give an error message. That would make our work easy rather than having to troubleshoot why the issue is occurring. Also, the SQL queries at times did not work, so we had to get support from FireMon. Everything else is good.

I used FireMon Asset Manager for one year in my previous company. I have not used it for the past two months.

We found a couple of bugs in it. We reported them to the FireMon team, and they provided the fixes in the next patch. While defining our rule sets, we realized that the changes were not being made. We approached their team, and they helped us to fix the bugs with updated patches. I would rate it an eight out of ten for stability.

I would rate it a seven out of ten in terms of the scalability of users.

Our clients were a mix of small, medium, and enterprise businesses.

The technical support is good and responsive. They responded on time and had good knowledge.

Positive

I previously used another solution. It was not as good as FireMon, which provided a more comprehensive set of details. It eased our job in getting the reports, getting the details, or getting the changes done. Our client was happy.

The other solution did not provide us with complete details, whereas FireMon Asset Manager provided all the details. It was more in-depth. FireMon Asset Manager was also more accurate after they fixed the bugs that we had found. It is quite a good solution.

It was on-prem. For all 12 clients, we used it on-prem. We created a VM on the site.

The deployment of FireMon Asset Manager was straightforward. On average, it took about one to two weeks because we depended on our clients. It took a maximum of 14 days. We did not find any issues with implementing this solution. 

It did not require any maintenance.

The team was responsible for the deployment, which depended largely on the client's schedule.

I would definitely recommend FireMon Asset Manager to others. It was an easy tool to work with. They released patches on a quarterly basis, and it helped secure networks effectively.

I would rate FireMon Asset Manager an eight out of ten.

We use FireMon Asset Manager to track and manage our network devices and to understand and map our network assets.

The fact that Asset Manager provides us with accurate updated asset information and details, is important for us.

When FireMon Asset Manager is properly configured the data it provides is comprehensive.

I have used Asset Manager to create dashboards for certificate monitoring to identify out-of-date certificates. I've also used it for operational technology, like industrial control system-type monitoring. They work well. They're a great resource when we're trying to learn more about our network, find a gap, or discover if something isn't being monitored that we need to be monitoring.

The speed at which Asset Manager can discover large IP address spaces is impressive. It discovers things relatively quickly and with relatively minimal configuration and setup.

Asset Manager's benefits became evident soon after implementation. Real-time data provided immediate clarity; even simple queries quickly demonstrated its value.

Asset Manager identified unauthorized devices on the network, prompting a review of connections between various generative networks. In simpler terms, I discovered unexpected devices, addressed a potential security breach by isolating them, and identified additional unauthorized connections. This has a clear impact on overall network security.

We have configured FireMon APIs for alerting. 

The most valuable aspects of FireMon Asset Manager are its integrations and its ability to passively monitor the network for unknown assets. It acts as an agentless discovery tool, identifying network hosts that were previously undetectable and determining if they are included in our security or network management systems. 

FireMon Asset Manager has improved its ability to gather information directly from devices, complementing its existing passive data collection. While passive discovery remains important, active retrieval of asset details would be valuable, and this functionality is starting to be implemented, as I've observed in recent updates but it is not fully there yet.

I have been using FireMon Asset Manager for almost six years.

We don't have many crashes. In a VM environment, FireMon Asset Manager is stable.  

I have used FireMon Asset Manager in one of the world's largest networks, and it scaled out in that environment.

Their technical support has always resolved everything in a reasonable amount of time even when there was some sort of bug or work required from the software team. Things still moved quickly.

Positive

The initial deployment was straightforward. The deployment required two hours for initial setup and slightly longer for the entire enterprise to be operational. While one person managed the process, it relied on the availability of multiple resources.

The implementation was completed in-house.

FireMon Asset Manager's pricing has been reasonable and has worked well for us from a licensing standpoint.

I would rate FireMon Asset Manager nine out of ten.

FireMon Asset Manager seems unique in its approach. Unlike other asset management tools I've used that rely on installing agents on every device, it passively analyzes the network for information, offering a more hands-off discovery method.

Applying patches for Asset Manager is a necessary maintenance task, but fortunately, it doesn't require a lot of ongoing effort to keep the solution running smoothly.

We mainly use FireMon Asset Manager for our customers. Our main customer is a casino in Macau. They wanted a single platform to access and monitor their firewall situation and deploy the policies. It is also used for internal audits, specifically for ISO 24001 compliance.

The dashboard clearly shows the policies of a network environment. We can see which policies are critical or are always being used. We can also see which ones are not being used or have not been modified in a long time. We can see all the ports that the applications are using. We have all this information in the dashboard.

After deployment, FireMon Asset Manager automatically shows the network topology. However, the dashboard is pretty fixed. It is not flexible. If I need to modify the dashboard, I need the help of their customer support.

FireMon has streamlined policy deployment across multiple firewalls, making it easier to quickly implement changes. It has also improved our ability to comply with audits and be compliant with PCI DSS and ISO 27001 standards. The efficiency of deploying policies has increased significantly.

The information provided by FireMon Asset Manager is helpful in making an organization's environment secure. It makes customers look into their policies and see if they need to be modified.

A single platform to manage all the firewalls and network switches is its best feature. It is very easy.

Its ability to show the network topology automatically is also valuable. It facilitates the discovery of full paths in the network environment.

It offers a single platform for managing firewalls of different brands and simplifies policy deployment and auditing. It helps push policies to different firewalls, and it also helps with policy auditing. We can easily see if there are any policies that are duplicated or that are not being used. It helps improve the firewall or network environment.

It is not very good at monitoring the Check Point firewall, but it works very well with other firewalls such as Palo Alto, Fortinet, and Cisco ASA. Similarly, it works well with or supports certain network switches, but there are some that it does not support.

I am not sure if FireMon Asset Manager supports the CVN and SDN environments. I am also not sure if it supports a VDI desktop environment. The support for these environments would be good. There should also be better handling of VPN connections.

I have been using FireMon Asset Manager for approximately five or six years.

I would rate the stability of FireMon Asset Manager a nine out of ten.

I would rate it a nine out of ten for scalability.

Our customer's environment has about 15 people in the IT department and about 60 firewalls.

FireMon's customer support is very helpful and responsive, often providing remote assistance to resolve problems efficiently.

Positive

Previously, we used solutions like Tufin and AlgoSec. We switched to FireMon due to its strong performance in Gartner reports and user-friendly interfaces.

The initial setup of FireMon Asset Manager is easy, provided that the prerequisites like network details and accounts are ready. It requires about three days for deployment and additional time for user training.

FireMon is more expensive than other brands but justified by its comprehensive feature set. It includes several functions that might require additional subscriptions in other solutions.

FireMon is an excellent choice for organizations with complex environments requiring ISO audits and multi-vendor firewall management. It is particularly beneficial for companies needing a single platform for policy deployment across multiple firewall brands.

I would rate FireMon Asset Manager a nine out of ten.