Try our new research platform with insights from 80,000+ expert users
Network Administrator at a computer software company with 51-200 employees
Real User
Reduces time and effort required to create compliance reports, but there have been issues with rule cleanup recommendations
Pros and Cons
  • "Compared to other applications, it is user-friendly. The appearance of the menus and titles is clear and they are easy to follow. Of course, it requires some experience through using it, to go through everything, but it is not very difficult. It is an easy application to use."
  • "I ran a report and FireMon suggested that certain tools were not used. When I removed them, while it didn't bring our environment down completely, a lot of our environment started malfunctioning. Our backup system did not work, nor did other things that involve internal and external communication. We are not comfortable with what it did."

What is our primary use case?

We were excited in the beginning about this solution because we have multiple firewalls in different regions, and so many rules. We wanted to find a solution that could organize our firewalls and remove the unused rules and redundant rules.

We use FireMon Security Manager. We don't use the Policy Planner or Policy Optimizer. We don't have a license for them. We started with a limited license and said, "If things go well with this, we'll go to the next step."

How has it helped my organization?

The solution has helped when it comes to the time and effort required to create compliance reports.

It has also given me some confidence in the changes I make. Before, I was very hesitant to make changes or remove rules. Now, FireMon has decreased the time I spend on that by 50 percent.

FireMon has also helped us when it comes to misconfigurations that increased risk in our environment. That is something that I have just discovered recently, when using it.

What is most valuable?

Compared to other applications, it is user-friendly. The appearance of the menus and titles is clear and they are easy to follow. Of course, it requires some experience through using it, to go through everything, but it is not very difficult. It is an easy application to use.

What needs improvement?

During the first year of use we mostly reviewed the results FireMon gave us and used that time to learn about it. We did not go with the recommended changes in-depth, and we did not have many problems. But this year, we tried to go into the details and follow the recommendations. It helped us to remove and clean up a lot of our redundant rules, historically. But in the meantime, especially when we tried to do some advanced rule consolidation or cleanup of historically unused rules, we encountered problems.

The solution does not detect traffic or activities that come and go through our local or site-to-site VPNs. So when we cleaned up some of those rules and encountered issues, we actually had to put them back.

It's not just the VPN, but it also misses some of the rules. Two weeks ago, I cleaned some rules with the FireMon. I ran a report and FireMon suggested that certain tools were not used. When I removed them, while it didn't bring our environment down completely, a lot of our environment started malfunctioning. Our backup system did not work, nor did other things that involve internal and external communication. We are not comfortable with what it did. Since then, I have been busy the whole time just reviewing all those rules and restoring some of them.

FireMon also does not detect the rules with UDP. That's another problem.

Another issue is that our compliance team wants to do some consolidation but that is also a problem because FireMon recommends consolidation based on the ports that we open. We have a grouping system with multiple groups. Under the consolidation grouping, FireMon suggests only based on the port. For example, if we use port 22, we have to share it across the board. It disorganizes the groupings that we have. So the consolidation is not working very well.

Our compliance team also creates reports using FireMon, reports that they send to me. Sometimes I can follow those reports, but most of the time I cannot. In the last two days, I received two huge reports on unused rules and I cannot really use them. At the same time, I'm using my own judgment and my own due diligence. When I doubt a rule, I go back to the firewall and run the history and compare things to help me decide. The problem is that if I always do that, it will take me a lot of time and the solution ends up being 50 percent useful and 50 percent not useful.

Buyer's Guide
FireMon Security Manager
November 2024
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.

For how long have I used the solution?

I have been using FireMon for roughly two years.

What do I think about the scalability of the solution?

I guess it is scalable, but there is room for improvement. 

How are customer service and support?

I was not involved in the setup of FireMon but, later on, when I became involved working with it, I approached FireMon personnel through remote conferences and remote meetings. They helped over the course of several sessions and that was helpful.

Their technical support is very good, very responsive, and very helpful. They follow up on issues.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not have a previous solution. We just relied on regular reviews of our firewalls and rules by looking at the history.

What's my experience with pricing, setup cost, and licensing?

The pricing was very good during our initial year, but they increased it this year a little bit. The price is okay. It is not cheap, but it is still average.

What other advice do I have?

It is not a bad tool. I still recommend it and I'm not against it. I recommend it because, overall, it has helped us to remove and clean 15,000 to 20,000 redundant unused rules. When we cleaned those, we were confident that they were not usable. They were very old. But we didn't just rely on FireMon's report. At the same time, we used our own judgment. When we blindly relied on the FireMon report, it created issues.

It's a good solution, but it is not something that you can 100 percent rely upon. It is a useful tool. At least it will help you up to a certain percentage.

We work according to the risks FireMon warns us about, but some of those recommendations are false alarms and others are valid. If it gives us 100 warnings, about 10 of them are valid.

Despite all the shortcomings, we still prefer to use it. At least we get some good recommendations and suggestions in the reports. We like it, despite the drawbacks.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user456090 - PeerSpot reviewer
Senior Network Security Engineer at a local government with 1,001-5,000 employees
Real User
In addition to firewall auditing, we use it for rule traffic analysis, traffic flow discovery and hidden/shadow rules.
Pros and Cons
  • "Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands."
  • "One area for 7.x customers that needs improvement is the migration. It is an involved process so get ready to spend some time getting your environment back to the way it was."

What is most valuable?

Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands. These features are valuable as firewall rules are constantly added but its tough to determine what can get cleaned up over time. Knowing how frequently a rule is used, where redundant rules exist and documenting changes are important.

How has it helped my organization?

Since our network is large, someone new like myself has a challenge when we need to make changes to permit certain traffic. Often this traffic will traverse multiple firewalls and FireMon can help demystify where needed rules need to be implemented.

What needs improvement?

We just went from the v7.x to their latest web based v8.x which was a welcome change. One area for 7.x customers that needs improvement is the migration. It is an involved process so get ready to spend some time getting your environment back to the way it was. Another area that could use improvement is the traffic path analysis. FireMon uses learned zone data against interfaces to help determine traffic pathways. The catch here is in v8.x, you now have to specify a source or destination network which may throw off the results sending you to the incorrect firewall. Since we just upgraded last week, there aren't many other items that we can see as improvements as we are just getting familiar with this version.

For how long have I used the solution?

I've used this solution for a little over one year.

What was my experience with deployment of the solution?

The migration from v7 to v8 needs to be improved but we had no issues in the initial deployment.

What do I think about the stability of the solution?

We have a centralized server with data collector appliances placed between two data centers. We were losing change data because one of the collectors had too much load on it but we never knew. Support had to dig deep when we had our 7.x install and help balance out our firewall to collector ratio to ensure we weren't flooding any one collector.

What do I think about the scalability of the solution?

It's been able to scale for our needs.

How are customer service and technical support?

Their support is very good. They are generally responsive and I have needed to escalate only a couple of times.

Which solution did I use previously and why did I switch?

We had no solution in place prior to this. FireMon was the best choice as they really specialize in this niche market.

How was the initial setup?

Like anything new, we needed help from support to get our initial setup moving along. However once you learn the basics, it's not hard moving around the system.

What about the implementation team?

We did get FireMon's assistance during our initial implementation. I encourage this as every environment is different and for me it was worth the investment to get that initial startup help to get things going.

What other advice do I have?

Like any implementation, take time and plan. Engage users and stakeholders letting them know what this system can do and get it integrated within the organizational ecosystem. Like any solution, if it isn't used you simply don't get that potential dividend.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user586950 - PeerSpot reviewer
it_user586950Customer Success Manager at FireMon
Real User

Brendan, thank you for taking the time to write a review of FireMon. I am glad to see you are finding overall satisfaction with the product. Please feel free to drop us a note at customersuccess@firemon.com for any future questions or concerns.

Buyer's Guide
FireMon Security Manager
November 2024
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
GISA at a tech vendor with 201-500 employees
Real User
Top 20
The solution makes it much easier for us to track changes and perform audits
Pros and Cons
  • "I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement."
  • "We've had recurring issues managing FireMon's internal backups. Sometimes, the space allocated for the backup is full, and there is no process where it deletes files that are older than I certain date. It's just waiting for the storage to get full and then it's cleaned up. It isn't something that creates serious issues for us."

What is our primary use case?

We use Security Manager for firewall changes, monitoring, and audits. 

How has it helped my organization?

FireMon makes it much easier for us to track firewall changes and perform audits. It has made our compliance process more efficient. Before we implemented FireMon we had to go into each individual firewall and check the rules. Now, we pull a report, and that's it. 

We can monitor and implement changes across different firewall vendors. It lets us clean up our firewall rules regularly, which we do as part of our audit. It helps us save time managing firewall policies. We don't make changes to our firewall policies through FireMon, but we use it to track changes across various firewalls. It makes our internal processes more efficient and improves our visibility. 

It reduces risks. Better visibility and cross-vendor integration give us more control and context about potential changes. Having a product for monitoring critical changes is crucial for our security posture. 

What is most valuable?

I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement. That's useful for regular audits and monitoring some critical events we want to know about. We can configure alerts that notify us about policy changes. This is pretty beneficial for monitoring and helps us track changes in the projects. 

What needs improvement?

We've had recurring issues managing FireMon's internal backups. Sometimes, the space allocated for the backup is full, and there is no process where it deletes files that are older than I certain date. It's just waiting for the storage to get full and then it's cleaned up. It isn't something that creates serious issues for us.

For how long have I used the solution?

We have used FireMon for about two and a half years. 

What do I think about the stability of the solution?

FireMon is more or less stable. We've had some issues with backups failing. 

What do I think about the scalability of the solution?

I believe that FireMon is scalable. 

How are customer service and support?

I rate FireMon support seven out of 10. It varies depending on who you get. We sometimes get a highly knowledgeable agent, but other times, it seems like we just go in circles. It sometimes takes them a while to understand what we want. 

How was the initial setup?

FireMon professional services helped us during deployment, and it was relatively straightforward. Deployment took us around two months. 

What was our ROI?

FireMon is working on our project scope. We save some labor power on our side. 

What other advice do I have?

I rate FireMon Security Manager eight out of 10. It has many more features than we use, but we have a limited scope. I think we could've done more had we used that momentum when we were implementing it. 

Even if you think having a firewall management solution isn't a priority, the FireMon can provide more visibility and make some tasks easier, faster, and more efficient.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Asst. Manager Finance at a insurance company with 5,001-10,000 employees
Real User
Stable with good support and very easy to use
Pros and Cons
  • "The technical support is very good. They've always been helpful."
  • "The cost of the solution is pretty expensive. It would be ideal if they could work on their pricing."

What is our primary use case?

We act as a business partner for our clients. We're implementors. Each client has a different use case. 

What is most valuable?

The solution is very stable. We haven't found there are any issues with its reliability.

The product scales well. You can really expand it if you need to.

This product is very simple to use. In that sense, it's one of the best on the market.

The technical support is very good. They've always been helpful.

What needs improvement?

I personally have started using it recently, therefore it's hard to pinpoint if anything is lacking. I need more time with the product.

The cost of the solution is pretty expensive. It would be ideal if they could work on their pricing.

For how long have I used the solution?

My company has been using the solution for around five years or so. It's been a while at this point.

What do I think about the stability of the solution?

The solution is very stable. We've found it to be reliable. It doesn't crash or freeze. It's not buggy or glitchy.

What do I think about the scalability of the solution?

If a company needs to expand the solution they can. The product is very scalable. We've been satisfied with it.

We've currently applied for 20 users.

How are customer service and technical support?

We occasionally need the assistance of technical support. We've always found them to be helpful and responsive. We're satisfied with the level of support we get.

How was the initial setup?

The installation is pretty straightforward. It didn't take much time to install. It will take around 10 days of time to install in an environment similar to ours.

We have 30 people that deploy the solution to different organizations.

What about the implementation team?

We're the deployment team. We implement this solution for clients.

What's my experience with pricing, setup cost, and licensing?

The solution is expensive. It's not the cheapest option.

We've pre-paid for the license. We don't have to pay for it on a monthly basis.

What other advice do I have?

We're using the latest version of the solution currently. 

I'd rate the solution ten out of ten. I've been very happy with the product overall. 

I'd recommend the solution as it's so easy to use. Clients are very happy with it.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
it_user617388 - PeerSpot reviewer
Works at a financial services firm with 1,001-5,000 employees
Vendor
We use the forwarding capabilities and we use it for cleanup.

What is most valuable?

We use the forwarding capabilities because we don't have another way to report on the firewall. We use it for cleanup and also for our biannual firewall review. Pretty much that's the big reason that we use FireMon.

How has it helped my organization?

The time that it takes for us to do the review: Previous to FireMon, we would have to go through the firewall pretty much manually, every line. This took an incredible amount of time. With the FireMon product, we did notice a significant decrease in the time that it takes for us to do any type of review. Also, just a general report, if you have an inquiry throughout the year, without actually doing a full review, you can just go to FireMon and click a few buttons and it tells you what you need to know. There's no need to dig around and spend additional time. So, it's mainly time.

What needs improvement?

We've had issues with backups. We almost lost our database at one point. It would be nice to be able to back up the backup configuration to a network share or some other function. The only way that we know how to do it right now is to do a manual backup. Or the server backs itself up to itself, which is not helpful. If you lose the server, the backup that's stored on the server is also lost. So, it's not that helpful.

One thing that is missing is the ability to export the entire rule base of a firewall. Suppose we were going to be migrating to a different firewall. Not getting rid of FireMon, but moving to a different firewall; either a different vendor or a different model of a firewall. So instead of taking bad stuff, or maybe old stuff out of the current firewall and going to a new firewall and using the exact same configuration, we may want to export that information into an Excel spreadsheet or some other format, so that we could work with that data outside of FireMon. That would be really helpful. I've called FireMon, I've also played around trying to figure out if I could get it to work and I still didn't get it. Nobody knew how to get the info out of FireMon to work on it. Also, potentially the ability to import it back into the system and maybe get some sort of a diff report; a difference of the configuration from the system.

For how long have I used the solution?

I have used FireMin for about four years.

What do I think about the stability of the solution?

We have an issue sometimes with the listener for logging. Sometimes the listeners, the ports, go down and the server has to be rebooted. It's very, very rare that that happens, but we have noticed that's really the only stability issue that we've had. The server application itself seems to be very, very stable. Even when the port goes down, the app stays up. It just has to be reset. That may be every three months or so we may notice that.

What do I think about the scalability of the solution?

We have three major production firewalls pushing thousands of logs every hour to this one box. We have two boxes in both of our data centers but they push a lot of logs to these guys. We've never had any issues.

How are customer service and technical support?

I would rate support a 4/5. I sort of get the feeling when I send an email that it's a little bit of a slow response time. There are things that we do need immediate attention on and sometimes when you call, they'll ask you to send an email in. That's sort of a backwards approach to technical support. If I've already got somebody on the phone, they should be able to take my information and proceed with handling the triage of the call. I shouldn't have to hang up the phone, write an email, and then wait for a telephone call back from them. I would rather see some sort of support model that has a better flow to it.

Which solution did I use previously and why did I switch?

Previously, we did not have a different solution.

How was the initial setup?

Setup was fairly straightforward. Our system is in a virtual environment. We pretty much turned logging on for the firewall, pointed it to the FireMon server, added the firewall to the FireMon server. Within seconds, there were tens of blocks being pushed over there. The reports pretty much created themselves. You just had to run them.

What other advice do I have?

If someone asked me for advice, I would definitely say that it would help them, especially with being able to navigate through if you have a complex rule set. I would definitely suggest FireMon. It's been extremely helpful for us to have. Even though they're missing a few functions, it's still workable from our standpoint.

Being able to export to Excel isn't a huge turnoff. It's a nice feature to have but I would definitely suggest purchasing FireMon. Especially if you have a large environment where you're trying to trim down your rule base, you're trying to optimize your firewall, or you're just trying to find stuff that's sort of lost in your configuration.

Also change management: I believe it's a PCI requirement. We use FireMon as well for notifications and that's helped satisfy a PCI. I don't have anything in front of me that shows me all the requirements but I believe a review of rules that are changed is part of that requirement, so they help fulfill that, too.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user630399 - PeerSpot reviewer
it_user630399FireMon Customer Success Manager at FireMon
Real User

Thank you for providing your detailed feedback on FireMon Security Manager. We truly appreciate the investment of your time to post a review.

To address your "Room for Improvment" comments:

The FireMon backups are placed in /var/lib/backup. This can be configured to be an NFS mounted file system from an external host. This would satisfy your desire for having backups placed on a network share.

The entire policy for a device can be exported to an XLS file from the | Policy | Policy View tab in Security Manager. The resulting XLS file will have separate worksheets for the security rules, network, objects, user objects, application objects, etc…

Please let us know if there is anything we can do to help you better utilize FireMon.

it_user588591 - PeerSpot reviewer
Enterprise Security Architect at a insurance company with 1,001-5,000 employees
Vendor
The normalization of the rule sets across different firewall platforms is valuable. Version 8 wasn't ready for prime time.

What is most valuable?

Holistically, the product is well thought out. The normalization of the rule sets across different firewall platforms is all valuable to us. You can't really separate it out; for me, you can’t.

How has it helped my organization?

I can mention high-level stuff. Basically, it gives us visibility that we were lacking; having everything being able to be viewed in one pane of glass. Instead of having to go jumping all over the place into the different platforms, you can use the tool to get a single pane of glass view.

It's not a jack-of-all-trades product; it's very focused. It does what it does and it does it well. We use it that way. Basically, that's the reason we obtained it. That's what we use it for: to normalize the platforms all into one single view. A place for us to do our analysis, review of rules and things of that sort.

What needs improvement?

I can mention a ton of areas with room for improvement, but from a high-level standpoint, I just don't think version 8 was ready for prime time, yet. They're still working on it. There are still major swaths of the tool that need attention. To get into the details, I would have to engage my engineers.

For how long have I used the solution?

We've had it in our portfolio since July of 2013.

What do I think about the stability of the solution?

We have not encountered any stability issues with the product itself. It's been easy to maintain, to upgrade and to do all of the support work for it. There hasn't been an issue with that at all.

What do I think about the scalability of the solution?

We have not encountered any scalability issues. We haven't run into a limitation yet.

How are customer service and technical support?

Any time we've engaged technical support for assistance, we've come away with a resolution, so the only thing that we've had difficulty with is programming or making fixes that require coding. That sometimes can take a little while.

Technical support is at least 8/10.

Which solution did I use previously and why did I switch?

We did not previously use a different solution. This was the first firewall management platform that we've used, except for the built-in, out-of-the-box tool that came with the platform.

How was the initial setup?

Initial setup was all pretty straightforward. You stand up your platform, get your database ready to go, and that all happens out of the box. Then, you start to populate it with your devices. It's all pretty straightforward.

Which other solutions did I evaluate?

Before choosing this product, we also evaluated Tufin and AlgoSec.

What other advice do I have?

Just like any other IT product on the market today, everything is green grass and high tides. Everything is beautiful. During the sales process, it's all, "Oh, just do this, do that." It's a little more than that. It's a little more complex and a little more effort than just, plug it in and go.

I think that's the mistake of many of the sales teams; that they sell the ease of implementation. I think they should just be straight up and honest with the purchaser, saying, "Look, it's going to take some effort and you're going to have to understand your environment. You're going to have to understand the network flows. You're going to have to understand how your network is segmented, so you can properly implement the tool."

I think when they try to make it seem easier than it really is, then that's inviting problems.

FireMon is just better than average. It's better than average, but not quite stellar yet. They've got a little work to do to address some of the challenges that could be introduced perhaps by the customer and the way the customer has used the different platforms. They have to be able to account for that, and react to it in a timely manner; at least come up with some sort of usable solution in the meantime when they do encounter a problem.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user630399 - PeerSpot reviewer
it_user630399FireMon Customer Success Manager at FireMon
Real User

Thank you for providing your detailed feedback on FireMon Security Manager. We truly appreciate the investment of your time to post a review.

In regards to your statement about FireMon version 8, not ready for prime time, there have been quite a few version 8 revisions released to address stability issues and improve performance. The most recent version released is FireMon 8.15. Hopefully your organization has the latest version installed to take advantage of the performance improvements and new features.

it_user613533 - PeerSpot reviewer
Sr. Systems and Network Engineer at a recruiting/HR firm with 1,001-5,000 employees
Vendor
The most valuable feature is more or less the ability to look for the shadowed-based rules or rules that are being used.

What is most valuable?

The most valuable feature is more or less the ability to look for the shadowed-based rules or rules that are being used, and also for change management, i.e., getting alerts from the system. This helps us to determine who is making the changes and have that historical information to give back to our auditors and say, "Okay, these are the changes that we've made and these are the corresponding service tickets that apply to them."

The ability for spotting the shadowed-based rules helps us to eliminate overlapping rules that may not be otherwise needed or maybe under-used. It helps us to identify that stuff and gives us the ability to go back and audit the firewalls.

On the whole, it gives us the ability to determine what our security architecture looks like, so as to help secure our company better.

How has it helped my organization?

It's kind of a two-fold type thing for us. We were in the middle of a project, where we were migrating from one set of firewalls that were old to a newer set. So, this tool has allowed us to go through and identify rules that we could get rid off and allowed our rule sets to be a lot smaller than we originally had intended them to be. This helps us with our ongoing maintenance of our firewalls, so as to understand what's being used and what's not.

It helps us to just do a research into what rules are already in place, so that way we don't have to add anything and it is a quick lookup for us. Instead of having to go through maybe 10 different firewalls, we can easily trace through our network and say, "Okay, it has to touch each one of these firewalls and these are the rules and this is maybe where it's blocked at." This is a feature that we like to use and it helps us save time.

What needs improvement?

So far, we're not too much into the product yet. However, we're not really liking the web interface. We enjoy the so-called fat client a lot better because it just gives a bit more of the opportunities to work with the software faster, whereas there's been a huge learning curve for us to use the web interface. Then, we also have to learn their query language or define the details that we need.

Unfortunately, we are such a fast-paced environment that we don't have a lot of time to spend with the software to really learn it the way it probably should be learned. We have to kind of go back and reinvent it every single time we have to go look for something in particular. That's the only downside I can mention that we're having with the GUI.

For how long have I used the solution?

It's going on for at least three years now, if not more.

What do I think about the stability of the solution?

There were a few issues with stability initially, but luckily FireMon is very supportive in terms of their support staff. They have been able to identify the issues that we've been having, and in turn implement some kind of compensating mechanism or come up with a solution in order to fix it, so as to help us resolve our issues. Overall, we've been pretty happy with the support team.

What do I think about the scalability of the solution?

We have not had any scalability issues and I've been very impressed in that aspect. At one point, we had a single server and we overloaded it pretty quickly, with the amount of logs that we sent to it. The firewalls generate a ton of traffic as far as syslog goes. So, I had to out-size our environment to compensate for the additional logs and had to deploy to a couple of other different sites, that initially we didn't imagine having a need for. However, it scaled up great and we've had no issues with it since then.

How are customer service and technical support?

Overall, I would give the technical support team a 10/10. There have been maybe a few issues, here and there. Unfortunately, it has taken some time for them to resolve and it goes back to them, i.e., asking for updates, and working with myself and the team to understand what issues we're having. They try to help us resolve issues either through training or going back to the development team and asking for a feature.

Which solution did I use previously and why did I switch?

We didn't previously use any other solution. This was definitely one of the best of its breed that we researched. Eventually, this tool is what we selected to go with.

How was the initial setup?

The setup was pretty straightforward. It was just a matter of pointing the logs to the device and setting up a few basic things, so that it could go out and fetch the configurations/settings. Thus, it was relatively easy.

Which other solutions did I evaluate?

I believe the other option that we looked at was Infoblox and maybe one other tool. However, Infoblox was just too cumbersome and didn't offer a lot of features. In comparison, we felt that FireMon had those out-of-the-box features built-in.

What other advice do I have?

Definitely, you should look into how many syslogs you're getting because there is a limitation on how many syslog messages it can handle per second. We felt in a more distributed environment, it allowed us to support our network more adequately. So even with our main data centers, we had to usually have three or more collectors in order to deal with the amount of syslogs we're sending. We also had to include a few different offices needing their own implementation of data collectors.

This company does a pretty solid job and they're always constantly wanting to improve their products.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
SecArch3081 - PeerSpot reviewer
SecArch3081IT Security Consultant and Platform Architect at a pharma/biotech company with 10,001+ employees
Real User

Policy Test is extremely useful, as well--we use that constantly in request design phase to quickly identify zones and policy placement. Object search/Omni search is invaluable, as well, providing the ability to find all the rules that may need updating when a server migrates or is decommissioned. it would take forever to manually retrieve and search across hundreds of firewall configs.

See all 2 comments
it_user620586 - PeerSpot reviewer
Works at a financial services firm with 501-1,000 employees
Vendor
The Security Manager is the most valuable feature. It's been pretty stable.

What is most valuable?

The Security Manager is the most valuable feature.

How has it helped my organization?

It helps us eliminate rules that are not needed on the firewall and to consolidate them. It saves us a lot of time and makes my work easier.

What needs improvement?

Make writing the reports easier. There's a lot of canned reports and if you want to write a specific report that you're interested in looking at, it's rather hard because I'm not a programmer. I don't know all the programming languages needed to do that. I can look at what reports exist and try to take that and kind of change it to something that I want to see and it doesn't always work. It's not real easy to do.

For how long have I used the solution?

I have been using FireMon for about six months.

What do I think about the stability of the solution?

It's been pretty stable.

What do I think about the scalability of the solution?

I have not had any scalability problems at all.

How are customer service and technical support?

We have called them and they've always been really helpful. They've resolved our issue in a timely manner. I would rate them a 4/5.

Which solution did I use previously and why did I switch?

We didn't have any other solution. This is the first of its kind.

How was the initial setup?

Setup was straightforward. The instructions were really simple. We put in the basic information and then they scheduled some time with us to go through the setup and walk us through each one of the screens, what they do, what to look for and things like that. They kind of gave a little bit of a training class or training session.

What's my experience with pricing, setup cost, and licensing?

They set a round of what we wanted to see. They didn't just come in and say, "Here's how it works", because different companies are different. Different companies want to use it in different ways, so they found out what we wanted and helped us set the training up to look at things that we want to be able to use it for. That was nice.

Which other solutions did I evaluate?

We didn't evaluate any other products.

What other advice do I have?

I think it's a good product. It's very stable. It's quick and it's easy to learn. It's easy to run reports. There are a lot of reports that you can run. That helps the management of your firewall.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
SecArch3081 - PeerSpot reviewer
SecArch3081IT Security Consultant and Platform Architect at a pharma/biotech company with 10,001+ employees
Real User

Be careful with the "clean-up" report recommendations. Firemon tends to recommend deleting the hidden or shadowed rules, but those are often the more restrictive (better) rules, shadowed by an overly permissive rule at the top. Consider removing the top rule, and keeping the more restrictive policies.

See all 2 comments
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros sharing their opinions.