Try our new research platform with insights from 80,000+ expert users
IT Security Assistant Manager at Octopus Cards Limited
Real User
Compliant, stable, scalable, with good support
Pros and Cons
  • "The most valuable feature is the Firewall reviews for our company compliance."
  • "The advanced features are complex in setting up the rules."

What is most valuable?

The most valuable feature is the Firewall reviews for our company compliance.

What needs improvement?

The review process is an area that needs improvement. We would like to review the rules and be able to make comments.

The advanced features are complex in setting up the rules.

I would like to see level mapping available with other products improved, to allow other products to build the level mapping. It does not have an export in Visio.

For how long have I used the solution?

I have been working with FireMon for half a year.

We are using version 8.

What do I think about the stability of the solution?

This solution is stable.

Buyer's Guide
FireMon Security Manager
November 2024
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.

What do I think about the scalability of the solution?

It's a scalable product. We have five to eight people who are using this solution in our company.

How are customer service and support?

Technical support is fine. I don't have any other issues.

Which solution did I use previously and why did I switch?

I have not worked with any product that is similar previously.

How was the initial setup?

Most of the setup was easy for us, but the advanced features are more complex.

What's my experience with pricing, setup cost, and licensing?

Pricing is reasonable.

Licensing fees are paid every year.

What other advice do I have?

It's a good solution that is stable, I would recommend this solution to others.

I would rate FireMon an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Solution Architect at a manufacturing company with 10,001+ employees
Real User
An agile network security policy platform that provides 360-degree views, but comes with limited functionality
Pros and Cons
  • "FireMon is nice and provides 360-degree user views."
  • "I don't like that it comes with bugs, constant issues, and limited functionality."

What is most valuable?

FireMon is nice and provides 360-degree user views. You can also find the information you're looking for pretty easily.

What needs improvement?

I don't like that it comes with bugs, constant issues, and limited functionality. I would like to have enhanced change management reporting support for UTM features in the next release.

For how long have I used the solution?

I have been using FireMon for six months.

What other advice do I have?

On a scale from one to ten, I would give FireMon a five.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
FireMon Security Manager
November 2024
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
it_user560244 - PeerSpot reviewer
Clinical Systems Engineer So Cal Regional Office at a healthcare company with 1,001-5,000 employees
Real User
Easy setup, where a non-IT person can install the tool
Pros and Cons
  • "Vendor agnostic when it comes to integrating with other product."
  • "A phone app would be nice. This is the reason why it is not perfect yet."

What is most valuable?

  • Vendor agnostic when it comes to integrating with other product.
  • Reliable
  • Excellent customer support

How has it helped my organization?

This product has enabled Kaiser Permanente Clinical Technology technicians with proactive/remote monitoring of highly critical systems.

What needs improvement?

A phone app would be nice. This is the reason why it is not perfect yet.

For how long have I used the solution?

12 months.

What do I think about the stability of the solution?

No problems.

What do I think about the scalability of the solution?

No problems.

How are customer service and technical support?

A 10 out of 10.

Which solution did I use previously and why did I switch?

No previous solutions were used.

How was the initial setup?

Since a non-IT person like me was able to setup the system from scratch, I would say that it is not complex at all.

What's my experience with pricing, setup cost, and licensing?

Relative to what it offers, the price is fair.

Which other solutions did I evaluate?

FireMon Immediate Insight was the only product that would work for us, due to the limitations that the Clinical Technology Department has at KP.

What other advice do I have?

It is a very versatile and sustainable product.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
GISA at a tech vendor with 201-500 employees
Real User
Top 20
Provides us with very good real-time compliance management
Pros and Cons
  • "For the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls."
  • "When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box."

What is our primary use case?

Our main use case is the monitoring of changes on our firewalls. Another of our use cases is keeping firewall rules in good shape by doing regular rule reviews, using FireMon's built-in categories for rules and even deploying our own. Additionally, we used FireMon when we did internal firewall migration, meaning we were switching to a new generation of firewalls.

How has it helped my organization?

The solution has decreased errors and misconfigurations that would otherwise increase risk in our environment.

In addition, when we migrated to a new generation of firewalls, FireMon was of help when doing a first benchmark of the new solution and the initial setup.

It also identifies risks in our environment and helps prioritize fixes for them. The compliance module in Security Manager does that by watching overall rules and any changes, and benchmarking them against a pre-setup set of controls. It notifies us if any control has failed. That's how we monitor whether our firewall rules are compliant with a pre-set benchmark.

Firewall policy rule cleanup doesn't need to be a priority for a company to justify using FireMon, given that it makes that job much easier and faster. That means you don't need to allocate as many resources to do that work. It's now incomparably easier to do things like a rule review.

Overall, our monitoring and compliance are on much higher levels. The visibility we have into our firewall rules is much better now than it was prior to having FireMon.

What is most valuable?

One of the most valuable features is the compliance feature, which is something that we really utilize in Security Manager. It has a set of controls that we tuned a little bit from the way they came out-of-the-box, and created a custom set of rules that we are monitoring and that we want to have inline in our environment. It's a very good solution for real-time compliance management.

And for the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls.

What needs improvement?

When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box. We have tried to work around it by setting up email notifications, but it would be nice if it came with the product. That would really turn it into real-time monitoring for us. 

The workaround works for us, and the out-of-the-box setup is also good, but it expects you to be constantly watching and monitoring the solution itself. That's a bit hard when you have more than one solution to work on. You cannot just watch one and keep an eye on it for something that's non-compliant. Having an alert would be much easier for us. Still, it's a good tool for that kind of monitoring, for us.

For how long have I used the solution?

I have been using FireMon for about two years.

What do I think about the stability of the solution?

FireMon is quite stable. We haven't had any stability issues with it so far.

What do I think about the scalability of the solution?

It's quite scalable. The process of adding modules has gone quite well. Anytime we have needed to increase it, there hasn't been a problem.

We use it extensively; if not on a daily basis then on a weekly basis. There are periods when we use it even more intensely when doing reviews.

How are customer service and support?

They really give us great support. When thinking of the level of support that we get from some other vendors, FireMon's support is really good. They have a good, knowledgeable support team around the world. We have offices in Europe and California. Whenever we have had any type of issue and have needed their support, whether the issue is in Europe or California, we have had really great support from them.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

How was the initial setup?

We had a FireMon support engineer for the initial setup and it looked fairly straightforward, but it definitely needed some FireMon knowledge. Since then, we have onboarded a number of new devices in FireMon on our own, and that part is quite straightforward. But setting up the system itself is something that requires the knowledge of a FireMon engineer.

For the deployment, there was a month of weekly sessions with the engineer to get it working.

We have three people, within our security staff, who are using FireMon regularly. The three of us were involved in deploying and we work on maintaining it. It's a shared effort. None of us is working full-time on FireMon.

What's my experience with pricing, setup cost, and licensing?

There are no costs in addition to the standard licensing fees.

Which other solutions did I evaluate?

We talked about other solutions with different partners, and based on that we decided to go with FireMon. We did have a proof of concept with them before going live, and we liked it and the options it had, so we decided to go forward.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user494046 - PeerSpot reviewer
Information Security Engineer at a energy/utilities company with 51-200 employees
Vendor
It helped us identify unused rules, reducing the load on the firewalls.

What is most valuable?

The Configuration Change Management feature was something we were interested in as it helped us to identify who made the change, when and why. Also, the workflow was easy to set up to ease operations.

The second important feature I liked was determining unused rules - rules placed incorrectly in the ACL - this helped us to reduce the load on the firewalls, thus we didn’t have to buy a new firewall due to high CPU or memory consumption. With the help of FireMon, we fine-tuned the rules and were able to save money for buying a new firewall.

How has it helped my organization?

As mentioned, we were able to ease the operations and set up a workflow that allowed the firewall and other network-related requests to go through a formal approval process. This helped to track who, when and why the request was done.

Also, removing redundant rules and placing the rules at the correct place helped lower CPU and memory consumption.

What needs improvement?

I would have preferred fewer updates, as there were quite a few updates made every now and then. Secondly, the Risk Management Module didn’t work well until you have the all of the subnets mapped. This can be improved.

For how long have I used the solution?

I used it for two years.

What was my experience with deployment of the solution?

I didn’t really encounter any deployment issues. However, sometimes the GUI used to crash when it tried to populate the device map; we had a lot of devices. At times, the map displayed fine, even though it took some time to show up; and at other times, the GUI crashed. This should be fixed.

How are customer service and technical support?

Technical support was fine; they have good technical people. However, support can be improved, if they become more responsive.

Which solution did I use previously and why did I switch?

I did not previously use a different solution.

How was the initial setup?

Initial setup was fine; you just need to map certificates between the sensor and the Application Server, which was something different. It can be sorted out through some other methods as well. I don’t exactly remember, but we faced one issue and to resolve it, we had to install the certificates again to get it working.

What about the implementation team?

Implementation was done by the vendor team.

What's my experience with pricing, setup cost, and licensing?

Although I have left the company, I heard that since the license renewal cost was too high, management decided not to renew it. The vendor should reduce the license renewal cost.

Which other solutions did I evaluate?

I personally did not test any other alternative, but I heard management evaluated Skybox as well; they eventually chose FireMon. It was a management decision, so I don’t know why others were rejected.

What other advice do I have?

Check the renewal cost, and determine whether the Risk Management Module is mature enough and whether GUI crash issues have been fixed or not. Maybe for small companies, it comes up fine, but for large environments, it might cause issues.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user630399 - PeerSpot reviewer
it_user630399FireMon Customer Success Manager at FireMon
Real User

Thank you for providing your detailed feedback on FireMon Security Manager. We truly appreciate the investment of your time to post a review.

In regards to your statement about issues displaying the device map; It is highly recommended to organize devices into device groups. This improves usability for organizations with a large number of devices, and reduces the amount of time taken to display the device map.

it_user489861 - PeerSpot reviewer
Regional Manager Enterprise Data Infrastructure and Information Security at a comms service provider with 51-200 employees
Vendor
RA excels at identifying risk exposure areas.

Valuable Features

Security Manager (SM) and Risk Analyzer (RA) are the most valuable features to me. SM assesses a network's security posture in terms of deployed policies, redundant policies, duplicate policies, etc. RA takes a snapshot of everything connected to and within the network down to the end points. It recommends security policies that would improve and further secure the network from potential threats etc.

Improvements to My Organization

The product is extremely helpful in policy analysis and improvement. RA was exceptional is identifying risk exposure areas.

Room for Improvement

Although there is nothing 'wrong' in FireMon's support for other vendors, with the advent of SDN, NGFW, etc., I think FireMon will have to cover more layer 3 devices from different vendors. Again, their current database covers almost all of the major vendors: Cisco, Juniper, Fortinet, etc. However, there is always room for growth in this particular area.

Use of Solution

I have used this solution since 2012.

Stability Issues

We have not encountered any issues with stability so far.

Scalability Issues

We have not encountered any issues with scalability so far.

Customer Service and Technical Support

Their technical support is superior.

Pricing, Setup Cost and Licensing

Pricing and licensing is structured well and FireMon was very helpful in meeting the target budget for this project.

Other Solutions Considered

We looked at AlgoSec before choosing FireMon.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user448857 - PeerSpot reviewer
Security Consultant at a tech services company with 501-1,000 employees
Consultant
Rule comparison and filters are an easy way to check if you policy is concise and clean.

Valuable Features

The instant and complete network graphical view it provides is amazing. Alerts give you complete control of firewall changes, its amazing for compliance and security policy validation. Rule comparison and filters are an easy way to check if you policy is concise and clean, giving your firewall the best performance and readability.

Improvements to My Organization

We managed around 70 different firewalls in more than 25 countries all over the world. The firewalls were from different vendors such as Palo Alto, Checkpoint, Cisco, Juniper, etc. FireMon helped to decrease the workload on risk analysis and also firewall rulebase review time by 50%, at least due to its very elaborate and easy to use filters.

Room for Improvement

It’s been a constant need not only to analyze firewall rules and configurations but also implement them, for which FireMon has no support. Also some of the firewall analysis involve weak password policy, FireMon could implement a way to send firewall hashes, when they exist, to third party cracking softwares.

Use of Solution

I used this solution for about three years in my previous job. I primarily used the Policy Planner and Policy Optimizer modules.

Deployment Issues

The deployment was already easy for v7.0, the upgrade to v8.0 is even easier.

Stability Issues

We had no issues with the performance.

Scalability Issues

It's been able to scale for our needs.

Customer Service and Technical Support

I would rate it 8/10. The only reason I don’t rate it 10/10 is because of the response time which, for us, sometimes took a little bit longer then expected. Customer service and technical support is very good.

Initial Setup

The initial setup was very easy and straightforward and we had no problems implementing it.

Implementation Team

It was initially implemented by a vendor team, but the implementation could easily be done in house.

Pricing, Setup Cost and Licensing

FireMon is not a cheap solution but its price is well balance for what it has to offer.

Other Solutions Considered

We have evaluated FireMon’s competitors like AlgoSec and others, but found FireMon to be the best solution for our needs due to having a complete set of tools.

Other Advice

Be sure you read all the specs, and test the application as deeply as you can to ensure it meets all your requirements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user586950 - PeerSpot reviewer
it_user586950Customer Success Manager at FireMon
Real User

Felipe, thank you for taking the time to write a review of FireMon. I am glad to see you are finding overall satisfaction with the product. Please feel free to drop us a note at customersuccess@firemon.com with any future questions or concerns.

it_user453555 - PeerSpot reviewer
President at a tech services company with 51-200 employees
Consultant
efficient way to clean the firewall from unused, redundant, shadowed rules that create unnecessary risks and impacts performance.

What is most valuable?

  • Firewall cleanup - the best and most efficient way to clean the firewall from unused, redundant, shadowed rules that create unnecessary risks and impacts the firewalls performance overtime. Also, it helps with the PCI compliance.
  • Rule use analysis.

How has it helped my organization?

  • Improved change workflow
  • Optimized my firewalls
  • Meet PCI compliance
  • Enhanced security

What needs improvement?

Needs more functional basic workflow for the Policy Planner for those who do not need a fully customized workflow.

For how long have I used the solution?

One year.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How is customer service and technical support?

I've found technical support to be a 9/10.

How was the initial setup?

Straightforward.

What's my experience with pricing, setup cost, and licensing?

Add infrastructure devices to the firewalls and negotiate an overall discount that way. Needed to get insight into configurations.

Which other solutions did I evaluate?

Tufin and AlgoSec were evaluated as well.

What other advice do I have?

The customized workflow is worth it. If you are considering to migrate to new firewalls, implement FireMon because it will make your migration much easier. Also, cleaning up some slow firewalls will help you extend its life.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partners
PeerSpot user
it_user586950 - PeerSpot reviewer
it_user586950Customer Success Manager at FireMon
Real User

Gus, thank you for taking the time to write a review of FireMon. I am glad to see you are finding overall satisfaction with the product. Please feel free to drop us a note at customersuccess@firemon.com with any future questions or concerns.

See all 2 comments
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros sharing their opinions.