FireMon Security Manager Reviews

FireMon Security Manager is a highly intelligent and useful device that consolidates all our security policies, including those for Zscaler proxies, into a single console. This centralized view eliminates gaps and inconsistencies between policies, simplifying policy review and analysis.

FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager.

It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console.

FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks.

It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation.

FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments.

FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment.

The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon.

FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.

We're an MSSP, so we put FireMon on our customer sites to monitor their security devices.

It's so quick at finding redundant and shadowed rules. I used to have to do that and I would have to yell at people to stop bothering me because I needed my complete concentration to do it. And there was still human error. FireMon saves all that time and eliminates that human error.

Also, in terms of our compliance reporting process, they would give us a week and we'd pull all the configurations of all the firewalls and send them off to someone like me who would go through them and say, "Hey, this is not good. Take a close look at this. Why is it any-any?" People would have to go back and look at the firewalls to see if that was a business risk or not and, if it was, have the company sign off on it as a business risk. That would actually take up to about six months of going back and forth, giving people weeks at a time to respond.

With FireMon Security Manager, I can create a report and send it off to the customer and say, "Here are the 98 rules that put you at high risk. Are these needed?" They look at them and say, "Oh no, that application is gone, you can get rid of that." Or they say, "Yep, this is an acceptable risk." I then say, "Okay, I'm going to be back in a year," and I mark it as "acceptable risk, by so and so." A year later I can go back and say, "Is this still an acceptable risk to you?" It makes our compliance so much easier when compared to having to do it manually. I would recommend everybody get this tool just for that aspect.

A module that we have to pay for, because we're using FireMon Security Manager, helps automate firewall policy changes across large, multi-vendor enterprise environments, and it's the only solution that does that. The rest of them are so labor-intensive that this would probably save 70 percent of that work time. It enables us to make changes company-wide. Suppose one of our clients has 60 firewalls. We can do a company-wide firewall update within about two hours if they have multiple brands of firewalls. We can do it in about 30 minutes if they only have one brand. When we had a person logging in to manually do it, it would take them at least a day for 60 firewalls. Now, if it's Palo Alto, we can do it in half an hour. If it's Fortinet, it can take us an hour and a half.

We have about 20 customers and we're saving at least a day of time for each one of those customers. Within one day, we can do what we used to do in two weeks. That's very significant because we were looking at hiring more people. FireMon has reduced the need for that. As our people become more and more efficient, we can actually have more and more customers without having to increase our labor force.

The solution can also talk across on-premises, cloud, hybrid, SASE, and SD-WAN environments. You need the path. Once you have the path, which most of the time is going to be a VPN tunnel if it's over an untrusted area, you can do anything. That makes it one pane of glass. For example, in the past, if it was on-prem and in the cloud, I would have to do an on-prem pane of glass and a cloud pane of glass. Now I can do it in one pane of glass and it's less labor-intensive and much faster.

You can even automate the cleanup of firewall rules in a large, enterprise environment. That's the nice part about it. You can say, "Here are 100 rules I want you to disable," put in the IP addresses, hit enter, and it pushes that out to the 60 firewalls. It takes time, but you walk away. You've saved tons of time while it's doing the process for you through automation. I can't see working on more than one firewall without having this tool.

If you make a mistake on one IP address, and you push it out to 60 firewalls, instead of bringing one down, you could bring them all down. You measure twice and cut once. You verify, you make sure you have the stuff in there. Then you have a second person to look at it and, when you both agree, you hit enter and you know you're not going to bring the system down. That actually takes a little bit more time because it's a two-person activity where it used to be just one. We used to bring down a firewall once a month and now we don't do that. We're saving at least one outage day and then another day of apologizing.

I use FireMon in my work. I work in security and compliance, so I use it to monitor security and compliance within the firewalls.

The most effective feature is the general reporting on compliance. It has helped me bring all the firewalls into better alignment with the compliance requirements in my environment. The general long-term compliance monitoring has been the most beneficial aspect to me.

Whenever I have a project or implementation, I use FireMon Security Manager for firewall cleanup or reporting. When I have an assessment project, I need to ensure the complexity of the firewall rules and identify unused rules from my side. It helps me to generate these reports and clean up the firewall itself.

It automatically warns us when new firewall rules, and changes to existing ones, violate compliance policies before they are deployed. This is important because I need to know who made the changes or when a change was made. It helps with tracking.

It has helped with the compliance reporting processes in an effective way.

It has helped to clean up firewall rules to some extent. It is not 100% percent but meets the needs.

It has decreased errors and misconfigurations that increase risk in an environment. There has been about a 90% reduction.

We use the Security Manager module. We use it to report and audit firewall changes. We also use it to track the hygiene of our firewalls in addition to the changes made to them. Since it normalizes the firewall config, we are able to do custom searches and make custom controls to build out those audits and reports, making sure that we are applying firewall rules correctly. There are a lot of built-in reports as well, which help us to identify rules and objects that are being used. 

We are an enterprise environment. We are definitely not the largest of FireMon's customers, deployment-wise. 

FireMon automatically warns us when new firewall rules, and changes to existing ones, violate compliance policies before they are deployed. We find this valuable as well, especially from the compliance standards where it has real-time change detection and FireMon watches the firewalls. Whenever there is a change that breaks compliance, we get that immediately. At the same time, whenever you are planning a change inside FireMon, it won't let you make that change when there is a compliance issue that they found.

We have built-in change reporting in Security Manager, which is very helpful. Whenever we have a scheduled change report, we use that as an opportunity to review the report and do a technical review of the changes that were made.

It does a search whenever you are planning a rule in FireMon. So, if the traffic that you are trying to create a rule for is already allowed, FireMon will tell you. This will save you the time of trying to create a duplicate rule if you already have a rule that would allow the traffic.

We use FireMon for security management, to manage our security infrastructure. We also use it to do PCI compliance and to manage personal data and information related to the organization, and to prevent data loss. In addition, we use the admin console for firewall management, including firewall rules and to decommission firewalls when they are not in use. We use it to monitor our primary corporate DR firewalls as well.

In the past, we've had thousands of firewall rules that came from legacy applications and many years of work. FireMon has helped us to clean up those rules and to manage them properly. We can decommission rules that are old and outdated or clean them up. And we can work on the ones that are not functioning properly or that are configured improperly, to make them compliant and useful to the organization. It has helped us to manage multiple firewall rules and remove legacy ones that are not useful.

It helps by automating the process of cleaning up firewall rules in a large, enterprise environment. It's not done manually, which is a process that is more prone to errors and takes more time. When it's done manually it's more tedious and requires multiple resources dedicated to doing it. It helps reduce the time involved, increasing the efficiency and reducing the cost, as well as making the job more accurate.

The same is true when it comes to accurately creating, approving, and deploying firewall policy rules. It reduces the effort by 75 to 80 percent, compared to how we used to do it before we got FireMon. And we get that same percentage reduction in effort, 75 to 80 percent, when changing firewall policy rules.

It has also been very helpful in terms of the time and effort required to create compliance reports. Previously, when we used other applications or did it manually, we were not able to finish our work efficiently and on time. FireMon has helped us to cut the time it takes to do auditing and reporting of firewall rules, and increased our efficiency. 

It has cut both the man-hours spent as well as the number of staff members who are dedicated to firewall policy changes and the firewall policy update process, because it enables automation and simplifies the task. The reporting is also more efficient and more correct and useful.

FireMon has decreased errors and misconfigurations, issues that had increased risk in our environment, by 75 percent.

It also identifies risks in your environment and helps to prioritize fixes, if you have the necessary set of eyes to look at the rules and the resources. When FireMon gives you reports on what's going on in the environment, you assign staff members to rectify whatever issues it has reported and proactively prevent issues from arising in the future. It has improved our security posture drastically, and cut down the cost related to having third parties manage those things. We can do some of those things in-house. It has improved our security posture and senior management is happy because of that.

I am a contractor and I work on security. At this company, we primarily use FireMon for firewall rule analysis and as part of our firewall rule certification process.

Our environment is on-premises using VM hosts.

With respect to compliance management, this product does cover some of the compliance factors, although not all of them. For example, in terms of accountability, it has all of the data available for third-party rules and auditing. It can produce a comprehensive report. However, compliance has its own set of requirements.

We planned on having divisions for about 400 days but at 700 gigabytes, the file size was too large and it was interfering with our database backups. Consequently, we had to cut it down to 100 days, which means that we're missing 300 days of divisions. The fact that we no longer had a complete view of 400 days of data was a setback for us. Otherwise, the metadata has been pretty handy.

We do not run assessments on new firewall rules before they are deployed, but we can set it up in such a way that compliance can be checked automatically once we push a rule to the firewall. If there is a problem then the new rule will be flagged. As it is now, we do all of the compliance assessments manually. The reason that we don't use the compliance module in FireMon is that it creates a heavy load on our CPU.

Prior to FireMon being implemented, the company had Tufin running to conduct assessments. They were flagging some rules, based on the subnet categorization that is defined in Tufin. However, those kinds of assessments were not really accurate. They also weren't making any changes to the rules that were problematic.

When they brought in FireMon, we started to run reports that are pretty precise. They were more accurate, and based on the firewall zone definitions. We began to flag rules that made sense and we also started to analyze them. Afterward, we were able to get rid of a lot of risky rules. There were a lot of shadow rules identified that we cleaned up. The agenda was to make sure that the security compound or security footprint within the company is safe.

For this task, FireMon has been very helpful in terms of flagging such rules so we can drop them and improve the security of the infrastructure.

FireMon has improved our compliance process in terms of the time and effort required to create compliance reports. As far as the rule recertification is concerned, it's made it easier for us because it's just one click to explore the metadata of each firewall rule and its information. For example, we use owner fields, technical descriptions, review dates, next review dates, and exceptions, if there are any exceptions. With all of the metadata in place, it can be given to the compliance team.

This solution has helped us to decrease errors and misconfiguration that increased risk in our environment. By using the system that we did to flag risky rules, we were able to identify problems and mediate or eliminate them. We are still working on this but at this point, we have completed 80% of our cleanup. It has been helpful.

FireMon helps to identify and prioritize fixes, although we do the repairs manually. This is something that is necessary when you consider our network and how our firewalls are configured. FireMon does provide suggestions and we make use of them, but we conduct our own manual analysis in addition to the reports. This acts as a valuable double-check for us, which is very important for our security posture.

We use it to keep track of our firewall devices, as an inventory database and a collection of the configuration. It also draws out the map of our network, including non-firewall devices.

We are using the latest version of the solution.

FireMon has been helpful because we have been able to meet our compliance risk management targets. We have been able to satisfy our auditors, internally and externally. 

FireMon has helped automate firewall policy changes across large, multi-vendor enterprise environments. This has been helpful for keeping a good inventory of the changes. Everything is well-documented. It also helps us to be mindful before we make any changes that everything is audited. Since we are a global environment, we can't see everything. We have many people working on different devices.

We are presently utilizing the automate firewall policy changes for our firewall and internal network devices.

The cleanup of firewall rules in our environment has been very helpful. We can go back and ensure we have uniform rules across different firewalls.