The increasing complexity of networks, driven by the constant influx of new devices, applications, and cloud services, presents a daunting challenge for managing firewall policies and rules. A typical enterprise environment has millions of rules, and just one simple misconfiguration can lead to devastating consequences like compliance violations, outages, and data breaches.
The most valuable features of FireMon, according to the reviews, are:
- Ability to configure multiple devices and consolidate them into a single desktop for centralized management of security devices.
- Built-in cleanup reports and unused objects feature for improved cleanup and hygiene of the environment.
- Real-time compliance management capabilities, including automatic warnings for rule violations.
- Ease of use and user-friendly interface. - Security assessments and ability to identify unused rules or objects.
- Historical logs and documentation for accountability and compliance purposes.
- Automation features for reducing human error and operational overhead. - Change normalization and reporting for tracking and analyzing configuration changes.
- Dashboard for identifying high-risk rules and prioritizing fixes.
- Decreased errors and misconfigurations, improving security posture.
Improvements needed on FireMon include user-friendliness of the UI and training for configuring new users or operators, responsiveness of the technical support team, lack of a cloud component and automation for updates, absence of a basic command manual, inability to identify and prioritize risk, limitations in drawing the full network topology and handling asymmetric routing, lack of predefined controls for alerting, limited accessibility and openness of the system for troubleshooting, stability issues affecting operations, difficulties with rule consolidation and cleanup, issues with detection of VPNs and UDP rules, limitations in handling firewall brands and complex network configurations, lack of automatic warning for compliance policy violations, need for enhanced reporting capabilities, improvements in ease of integration and policy automation, better control and sharing of reports, and enhanced support for individual vendors and their specific features. Additionally, the management of the Linux appliance could be made more transparent and user-friendly for Windows-based organizations.
FireMon provides valuable benefits that are difficult to quantify in terms of ROI. It saves time, improves security, and helps in preventing cyber security incidents. It allows for accurate creation, approval, and deployment of firewall policy rules, reducing errors and misconfigurations that increase risk. The solution also identifies unintentional firewall rule usage, enabling immediate fixes. While the solution works well with simple firewalls, it struggles to scale with complex firewalls, requiring additional manual work. Despite this, FireMon has shown a return on investment through the completion of numerous projects tied to future-oriented processes. These projects have resulted in significant improvements in firewall management and hygiene, decreasing errors and misconfigurations. FireMon's reporting capabilities also help in correcting inaccurate firewall change requests and ensure the correct placement of firewall rules. Overall, FireMon's ROI is evident in the time saved and enhanced security it provides.
Users have generally found the pricing for FireMon to be reasonable and straightforward. There are no hidden fees or additional costs beyond the standard licensing fees. Some users have experienced sticker shock due to the pricing being per device, but they believe it is worth the cost as it saves them significant time and resources. While the pricing was initially good, there have been some slight increases in recent years. However, overall, users do not have major issues with the pricing and consider it average or fair. It should be noted that FireMon is generally considered an expensive solution compared to its competitors. The pricing is module-based, with different tiers for licensing and support. Users usually opt for both licensing and support for their modules. In some cases, there may be extra costs for upgrades, system failures, or consultants.
The primary use case of FireMon is for monitoring, reporting, and logging purposes. It is used to capture logs and events from enterprise firewalls, collect configurations, and ensure that firewall rules are up to date and being used. FireMon is also used by MSSPs to monitor security devices on customer sites. It is used to prevent bad things from happening within the infrastructure and to keep track of firewall devices as an inventory database. FireMon is used for monitoring changes on firewalls, conducting regular rule reviews, and helping with firewall migrations. It provides visibility into all rule sets and helps with troubleshooting. Additionally, FireMon is used for automating ticket resolution, firewall management, security management, firewall health, and processing firewall change requests. It is used for firewall rule analysis, firewall rule certification, PCI compliance, managing personal data, preventing data loss, and decommissioning firewalls. FireMon's Security Manager module is used for reporting, auditing firewall changes, tracking firewall hygiene, and applying firewall rules correctly. It is also used to identify unused rules and objects. FireMon is used by a range of organizations, from small groups to enterprise environments.
The customer service and support of FireMon have received mixed reviews. Some customers have had positive experiences, noting that the support team is quick to respond and provide helpful assistance. They appreciate the promptness and efficiency of the technical support, with some rating it as 10 out of 10. The support team is described as knowledgeable and patient, meeting compliance and IT risk deadlines. Additionally, the support team is praised for their global availability, providing great support regardless of the location of the issue. However, there are also some areas for improvement mentioned by customers. Some have experienced delays in receiving detailed answers to their questions, and there have been instances where the support team was not aware of changes in new releases. Despite these concerns, most customers still find the technical support to be good and helpful, rating it around 7 to 9.5 out of 10. In summary, FireMon's customer service and support have shown strengths in responsiveness, knowledge, and availability, but there is room for improvement in terms of communication and staying up-to-date with changes in the product.
The setup for FireMon was described as straightforward, easy, and simple by multiple reviewers. Some mentioned that it only took a few hours or even 20 minutes to complete. However, a few reviewers did mention that there were some hiccups and more detailed configurations that caused minor issues and required some troubleshooting. Overall, the initial setup process was manageable and not overly complex.
The solution of FireMon is considered scalable based on the number of licenses. It has been effective for a small shop with 10 users who use it once a week. The ability to scale up or down easily is mentioned, with new customers being added by setting up a VM. However, there is potential for more scalability, especially in a cloud environment. The on-premises deployment is described as pretty scalable, with the ability to add more collectors by spinning up new VMs. There may be some limitations in terms of processing capacity and integration with Palo Alto, but overall, the solution is capable and being extensively used within organizations. The scalability of FireMon is commended, with the ability to add resources, data collectors, and scale as the company grows. It can be deployed across multiple servers for larger organizations.
The solution of FireMon is highly stable with no downtime. It has been running efficiently for long periods of time without any issues. Once it is deployed, it requires minimal maintenance and monitoring. Some users have experienced minor stability issues, such as false negatives and swap file issues, but these problems were promptly addressed by FireMon. However, there have been cases where the solution could not be used due to stability issues, and some users have faced challenges with specific versions of the software. Overall, the stability of FireMon is considered favorable, with only a few isolated incidents of downtime or performance issues.
FireMon’s Security Manager is a purpose-built network security policy management (NSPM) platform that automates the management of firewall and cloud security policies to eliminate policy-related risk, accurately and quickly change rules, and meet internal and external compliance requirements.
Convey, MGM Resorts International, Southwest Airlines, Alkami, Costco, Aetna, IBM, Verizon, Wells Fargo