FireMon Security Manager Reviews

It was used for firewall change review. For our company, it became an invaluable tool for auditing purposes.

It allowed us to track every change made to the firewall. We were able to see who made the changes, when the changes were made, and exactly what was modified.

We monitored multiple firewalls. In the version we used, we had to check the changes made on each firewall individually. We didn’t see a condensed list of changes across our environment.

I used it for 1.5 yrs.

We encountered minor issues with FireMon and its collection of data from Palo Alto firewalls. It required a small amount of additional time with system engineers on our side and on FireMon’s side to complete the deployment.

The customer service was excellent.

At the time we were using the product, it did seem like the tech support staff was very limited in size. I am sure they have grown more since we used this product.

We used another product (Tufin). For us, we needed to make a change because they lacked the ability to support Palo Alto (at that time). FireMon was a better fit with that firewall.

The initial setup was straightforward. Minimal support was required to complete it.

We implemented it through an in-house team. We required minimal assistance from the vendor.

There are very few products that can do what FireMon can. I would definitely recommend it if there is a need to review firewall changes.

The most valuable feature is the Firewall reviews for our company compliance.

The review process is an area that needs improvement. We would like to review the rules and be able to make comments.

The advanced features are complex in setting up the rules.

I would like to see level mapping available with other products improved, to allow other products to build the level mapping. It does not have an export in Visio.

I have been working with FireMon for half a year.

We are using version 8.

This solution is stable.

It's a scalable product. We have five to eight people who are using this solution in our company.

Technical support is fine. I don't have any other issues.

I have not worked with any product that is similar previously.

Most of the setup was easy for us, but the advanced features are more complex.

Pricing is reasonable.

Licensing fees are paid every year.

It's a good solution that is stable, I would recommend this solution to others.

I would rate FireMon an eight out of ten.

FireMon is nice and provides 360-degree user views. You can also find the information you're looking for pretty easily.

I don't like that it comes with bugs, constant issues, and limited functionality. I would like to have enhanced change management reporting support for UTM features in the next release.

I have been using FireMon for six months.

On a scale from one to ten, I would give FireMon a five.

• Vendor agnostic when it comes to integrating with other product.
• Reliable
• Excellent customer support

This product has enabled Kaiser Permanente Clinical Technology technicians with proactive/remote monitoring of highly critical systems.

A phone app would be nice. This is the reason why it is not perfect yet.

12 months.

No problems.

No problems.

A 10 out of 10.

No previous solutions were used.

Since a non-IT person like me was able to setup the system from scratch, I would say that it is not complex at all.

Relative to what it offers, the price is fair.

FireMon Immediate Insight was the only product that would work for us, due to the limitations that the Clinical Technology Department has at KP.

It is a very versatile and sustainable product.

Our main use case is the monitoring of changes on our firewalls. Another of our use cases is keeping firewall rules in good shape by doing regular rule reviews, using FireMon's built-in categories for rules and even deploying our own. Additionally, we used FireMon when we did internal firewall migration, meaning we were switching to a new generation of firewalls.

The solution has decreased errors and misconfigurations that would otherwise increase risk in our environment.

In addition, when we migrated to a new generation of firewalls, FireMon was of help when doing a first benchmark of the new solution and the initial setup.

It also identifies risks in our environment and helps prioritize fixes for them. The compliance module in Security Manager does that by watching overall rules and any changes, and benchmarking them against a pre-setup set of controls. It notifies us if any control has failed. That's how we monitor whether our firewall rules are compliant with a pre-set benchmark.

Firewall policy rule cleanup doesn't need to be a priority for a company to justify using FireMon, given that it makes that job much easier and faster. That means you don't need to allocate as many resources to do that work. It's now incomparably easier to do things like a rule review.

Overall, our monitoring and compliance are on much higher levels. The visibility we have into our firewall rules is much better now than it was prior to having FireMon.

One of the most valuable features is the compliance feature, which is something that we really utilize in Security Manager. It has a set of controls that we tuned a little bit from the way they came out-of-the-box, and created a custom set of rules that we are monitoring and that we want to have inline in our environment. It's a very good solution for real-time compliance management.

And for the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls.

When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box. We have tried to work around it by setting up email notifications, but it would be nice if it came with the product. That would really turn it into real-time monitoring for us. 

The workaround works for us, and the out-of-the-box setup is also good, but it expects you to be constantly watching and monitoring the solution itself. That's a bit hard when you have more than one solution to work on. You cannot just watch one and keep an eye on it for something that's non-compliant. Having an alert would be much easier for us. Still, it's a good tool for that kind of monitoring, for us.

I have been using FireMon for about two years.

FireMon is quite stable. We haven't had any stability issues with it so far.

It's quite scalable. The process of adding modules has gone quite well. Anytime we have needed to increase it, there hasn't been a problem.

We use it extensively; if not on a daily basis then on a weekly basis. There are periods when we use it even more intensely when doing reviews.

They really give us great support. When thinking of the level of support that we get from some other vendors, FireMon's support is really good. They have a good, knowledgeable support team around the world. We have offices in Europe and California. Whenever we have had any type of issue and have needed their support, whether the issue is in Europe or California, we have had really great support from them.

We did not have a previous solution.

We had a FireMon support engineer for the initial setup and it looked fairly straightforward, but it definitely needed some FireMon knowledge. Since then, we have onboarded a number of new devices in FireMon on our own, and that part is quite straightforward. But setting up the system itself is something that requires the knowledge of a FireMon engineer.

For the deployment, there was a month of weekly sessions with the engineer to get it working.

We have three people, within our security staff, who are using FireMon regularly. The three of us were involved in deploying and we work on maintaining it. It's a shared effort. None of us is working full-time on FireMon.

There are no costs in addition to the standard licensing fees.

We talked about other solutions with different partners, and based on that we decided to go with FireMon. We did have a proof of concept with them before going live, and we liked it and the options it had, so we decided to go forward.

We are resellers. All of our clients are enterprise companies. 

The firewall assessment feature is great.

FireMon could be easier to use and flexibility regarding reporting could be improved. 

I have been using FireMon for six months.

FireMon is both scalable and stable. 

I've never had to contact technical support. 

I used to work with AlgoSec. They are both very good products but they target different customers in our market. One is more expensive than the other. One is more simple than the other to use. For this reason, we decided to go with FireMon. The profile of our customers is more related to FireMon than AlgoSec.

The initial setup was very easy.

FireMon is cheaper than AlgoSec.

My advice is to make sure you choose the right reseller because it's not a product you should use by itself.

Overall, on a scale from one to ten, I would give FireMon a rating of eight. 

The Configuration Change Management feature was something we were interested in as it helped us to identify who made the change, when and why. Also, the workflow was easy to set up to ease operations.

The second important feature I liked was determining unused rules - rules placed incorrectly in the ACL - this helped us to reduce the load on the firewalls, thus we didn’t have to buy a new firewall due to high CPU or memory consumption. With the help of FireMon, we fine-tuned the rules and were able to save money for buying a new firewall.

As mentioned, we were able to ease the operations and set up a workflow that allowed the firewall and other network-related requests to go through a formal approval process. This helped to track who, when and why the request was done.

Also, removing redundant rules and placing the rules at the correct place helped lower CPU and memory consumption.

I would have preferred fewer updates, as there were quite a few updates made every now and then. Secondly, the Risk Management Module didn’t work well until you have the all of the subnets mapped. This can be improved.

I used it for two years.

I didn’t really encounter any deployment issues. However, sometimes the GUI used to crash when it tried to populate the device map; we had a lot of devices. At times, the map displayed fine, even though it took some time to show up; and at other times, the GUI crashed. This should be fixed.

Technical support was fine; they have good technical people. However, support can be improved, if they become more responsive.

I did not previously use a different solution.

Initial setup was fine; you just need to map certificates between the sensor and the Application Server, which was something different. It can be sorted out through some other methods as well. I don’t exactly remember, but we faced one issue and to resolve it, we had to install the certificates again to get it working.

Implementation was done by the vendor team.

Although I have left the company, I heard that since the license renewal cost was too high, management decided not to renew it. The vendor should reduce the license renewal cost.

I personally did not test any other alternative, but I heard management evaluated Skybox as well; they eventually chose FireMon. It was a management decision, so I don’t know why others were rejected.

Check the renewal cost, and determine whether the Risk Management Module is mature enough and whether GUI crash issues have been fixed or not. Maybe for small companies, it comes up fine, but for large environments, it might cause issues.

Security Manager (SM) and Risk Analyzer (RA) are the most valuable features to me. SM assesses a network's security posture in terms of deployed policies, redundant policies, duplicate policies, etc. RA takes a snapshot of everything connected to and within the network down to the end points. It recommends security policies that would improve and further secure the network from potential threats etc.

The product is extremely helpful in policy analysis and improvement. RA was exceptional is identifying risk exposure areas.

Although there is nothing 'wrong' in FireMon's support for other vendors, with the advent of SDN, NGFW, etc., I think FireMon will have to cover more layer 3 devices from different vendors. Again, their current database covers almost all of the major vendors: Cisco, Juniper, Fortinet, etc. However, there is always room for growth in this particular area.

I have used this solution since 2012.

We have not encountered any issues with stability so far.

We have not encountered any issues with scalability so far.

Their technical support is superior.

Pricing and licensing is structured well and FireMon was very helpful in meeting the target budget for this project.

We looked at AlgoSec before choosing FireMon.