Try our new research platform with insights from 80,000+ expert users

FireMon Security Manager vs Tufin Orchestration Suite comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 8, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

FireMon Security Manager
Ranking in Firewall Security Management
4th
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
56
Ranking in other categories
No ranking in other categories
Tufin Orchestration Suite
Ranking in Firewall Security Management
2nd
Average Rating
8.0
Reviews Sentiment
7.3
Number of Reviews
183
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Firewall Security Management category, the mindshare of FireMon Security Manager is 16.6%, up from 16.2% compared to the previous year. The mindshare of Tufin Orchestration Suite is 22.0%, up from 20.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management
 

Featured Reviews

Ganesh-Khutwad - PeerSpot reviewer
Rapid policy insights with robust dashboards and cross-vendor automation
FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager. It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console. FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks. It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation. FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments. FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment. The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon. FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.
MithatBulut - PeerSpot reviewer
New employees can quickly grasp the various IPs, devices, and the network's logical and physical
Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are Policy Optimizer and Firewall Manager for different brands of firewall."
"The SQL language is convenient to use. It allows us to process a bunch of criteria very quickly and narrows things down if there is an issue with the firewall. It's easy to do that with SQL queries."
"The Security Manager part of FireMon... gives me an eye on everything that's out there, everything that I cannot see. Because I'm not a network admin, I cannot go to a firewall itself, but at least I have FireMon so that I can go in and view everything that I want to view. And I can eliminate whatever I see that is wrong,"
"Vendor agnostic when it comes to integrating with other product."
"Policy test, access path analysis, and change reports."
"We also use the solution’s SASE integration capabilities to extend security policy management for cloud firewall management. It helps in creating one consistent rule across multiple platforms and it improves accuracy."
"I've been using the reports to see what is going on, and that is a helpful feature. We can track down unused rules, which helps with compliance. We can see rules that have not been used or that are duplicates or overly permissive."
"Compared to other applications, it is user-friendly. The appearance of the menus and titles is clear and they are easy to follow. Of course, it requires some experience through using it, to go through everything, but it is not very difficult. It is an easy application to use."
"This solution helps us ensure that security policy is followed across our entire hybrid network. You can have a Unified Security Policy which reaches across all networks, so if you are having a change submitted, it doesn't matter if you're enforcing it or not. You can get an alert saying, "This is a violation." That's a value-add."
"This has helped us to better clean up and audit changes to the firewall policy."
"It's hard to pick the most valuable feature. All of them are valuable, they're all critical for us... ChangeTrack obviously has a lot of very good features, like the risk analysis, the USP, and the Policy Browser."
"We just got done with major audits. Tufin was able to provide information to give back to people, and say, "Hey, this is what I need to do, and what we're doing.""
"We use Tufin to clean up our firewall policies because it is so fast. A report about compliance and the clean-up process used to take about one month up before. With Tufin, it takes only one day."
"Our engineers save quite a bit of time that was previously spent on manual processes."
"The automated reporting on a regular basis is helping us to be compliant with legal requirements."
"One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful."
 

Cons

"It comes as a Linux appliance on a server and we're not a Linux shop, we're more of a Windows shop. It would be great if they could automate or integrate the backups into it and other things through their GUI interface, just to make the management of Linux a little more transparent."
"When it comes to identifying risk in our environment and prioritizing fixes, it is really about the different priorities within the organization. FireMon is not so smart that it can tell what's important to us. It's up to us to figure that out."
"Some of the things that you want to do in FireMon are not exactly straightforward, like creating certain reports or controls. Some of the functions could be a little more user-friendly, such as creating certain filters."
"Its reporting can be improved. I am the only one who works a lot with it, and I am having problems in terms of reporting. In the case of Palo Alto, I'm okay with it, but with some of the Cisco devices, such as routers, when I provide the reports to other teams for review, they always say that the hit count is incorrect. So, I was struggling for a long time to work with them. When working with other teams, they have a lot of questions about reporting, such as how it reports, and we are still struggling with that."
"Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release."
"The advanced features are complex in setting up the rules."
"I don't like that it comes with bugs, constant issues, and limited functionality."
"The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent."
"I would rate their reports as a four out of ten. I don't like the way that they are shown. It is too hard to export and send them to our clients."
"We like the change impact analysis capabilities quite a bit. The only weakness is that the reporting is a bit clunky. We would like to have the reporting be better."
"I feel that the user interface is a bit dated."
"I would like a better reporting feature and automatic alerting based upon rule changes."
"I would like to see the hardware specifications improved."
"The integration with different products needs to be improved."
"One of the areas that I've had challenges with is making complicated reports."
"There are some missing features we'd like to see them add in the future."
 

Pricing and Cost Advice

"Pricing model seems fair."
"We don't license all of the devices in our network, so it does not provide us with a comprehensive visibility of all devices in a hybrid network at this time."
"FireMon is cheaper than AlgoSec."
"This is an expensive solution. The cost of three modules for three years was approximately one million."
"Regarding additional costs, if you want things like Policy Optimizer, extra features, that's extra."
"The pricing was very good during our initial year, but they increased it this year a little bit. The price is okay. It is not cheap, but it is still average."
"We pay for it yearly."
"Relative to what it offers, the price is fair."
"While licensing varies greatly, it is about $50,000 a year."
"Because we're quite a large company, the price wasn't too much of a factor for us."
"The solution is more reasonably priced than its competitors."
"We are seeing ROI in terms of having SecureApp."
"I believe our cost is more than $100,000 per year."
"If you don't buy their premium support, their technical support is not great and you can only call during daytime hours. So, we ended up purchasing their premium support."
"For us it's around $40,000 or so."
"Our evaluation showed that Tufin's features were on par with AlgoSec, but Tufin was the better financial choice."
report
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
16%
Manufacturing Company
9%
Healthcare Company
6%
Financial Services Firm
19%
Computer Software Company
15%
Manufacturing Company
10%
Retailer
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about FireMon?
I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement.
What is your experience regarding pricing and costs for FireMon?
Comparatively, FireMon has a very good price and is below the general competition in cost. I have not seen any additional fees beyond the general contract fees for the usage I have. So, I have not ...
What needs improvement with FireMon?
For one company I work with, I use Fortinet, and FireMon is not able to understand the zones that Fortinet uses. Part of that compliance piece does not provide me with the necessary information. An...
What do you like most about Tufin SecureCloud?
The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over diffe...
What needs improvement with Tufin SecureCloud?
The design needs improvement, particularly in recognizing target devices and target files. Additionally, there's a need for an improved network map.
What is your primary use case for Tufin SecureCloud?
My primary use case involves applying firewall policies faster from a central point. Additionally, I would like to use it to generate reports, but this hasn't occurred yet.
 

Also Known As

No data available
Tufin SecureCloud
 

Overview

 

Sample Customers

Convey, MGM Resorts International, Southwest Airlines, Alkami, Costco, Aetna, IBM, Verizon, Wells Fargo
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about FireMon Security Manager vs. Tufin Orchestration Suite and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.