It was used for firewall change review. For our company, it became an invaluable tool for auditing purposes.
Information Security Analyst at a financial services firm with 1,001-5,000 employees
It was valuable for auditing purposes.
What is most valuable?
How has it helped my organization?
It allowed us to track every change made to the firewall. We were able to see who made the changes, when the changes were made, and exactly what was modified.
What needs improvement?
We monitored multiple firewalls. In the version we used, we had to check the changes made on each firewall individually. We didn’t see a condensed list of changes across our environment.
For how long have I used the solution?
I used it for 1.5 yrs.
Buyer's Guide
FireMon Security Manager
November 2024
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.
What was my experience with deployment of the solution?
We encountered minor issues with FireMon and its collection of data from Palo Alto firewalls. It required a small amount of additional time with system engineers on our side and on FireMon’s side to complete the deployment.
How are customer service and support?
Customer Service:
The customer service was excellent.
Technical Support:At the time we were using the product, it did seem like the tech support staff was very limited in size. I am sure they have grown more since we used this product.
Which solution did I use previously and why did I switch?
We used another product (Tufin). For us, we needed to make a change because they lacked the ability to support Palo Alto (at that time). FireMon was a better fit with that firewall.
How was the initial setup?
The initial setup was straightforward. Minimal support was required to complete it.
What about the implementation team?
We implemented it through an in-house team. We required minimal assistance from the vendor.
What other advice do I have?
There are very few products that can do what FireMon can. I would definitely recommend it if there is a need to review firewall changes.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Compliant, stable, scalable, with good support
Pros and Cons
- "The most valuable feature is the Firewall reviews for our company compliance."
- "The advanced features are complex in setting up the rules."
What is most valuable?
The most valuable feature is the Firewall reviews for our company compliance.
What needs improvement?
The review process is an area that needs improvement. We would like to review the rules and be able to make comments.
The advanced features are complex in setting up the rules.
I would like to see level mapping available with other products improved, to allow other products to build the level mapping. It does not have an export in Visio.
For how long have I used the solution?
I have been working with FireMon for half a year.
We are using version 8.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
It's a scalable product. We have five to eight people who are using this solution in our company.
How are customer service and technical support?
Technical support is fine. I don't have any other issues.
Which solution did I use previously and why did I switch?
I have not worked with any product that is similar previously.
How was the initial setup?
Most of the setup was easy for us, but the advanced features are more complex.
What's my experience with pricing, setup cost, and licensing?
Pricing is reasonable.
Licensing fees are paid every year.
What other advice do I have?
It's a good solution that is stable, I would recommend this solution to others.
I would rate FireMon an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
FireMon Security Manager
November 2024
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.
Network Solution Architect at a manufacturing company with 10,001+ employees
An agile network security policy platform that provides 360-degree views, but comes with limited functionality
Pros and Cons
- "FireMon is nice and provides 360-degree user views."
- "I don't like that it comes with bugs, constant issues, and limited functionality."
What is most valuable?
FireMon is nice and provides 360-degree user views. You can also find the information you're looking for pretty easily.
What needs improvement?
I don't like that it comes with bugs, constant issues, and limited functionality. I would like to have enhanced change management reporting support for UTM features in the next release.
For how long have I used the solution?
I have been using FireMon for six months.
What other advice do I have?
On a scale from one to ten, I would give FireMon a five.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Clinical Systems Engineer So Cal Regional Office at a healthcare company with 1,001-5,000 employees
Easy setup, where a non-IT person can install the tool
Pros and Cons
- "Vendor agnostic when it comes to integrating with other product."
- "A phone app would be nice. This is the reason why it is not perfect yet."
What is most valuable?
- Vendor agnostic when it comes to integrating with other product.
- Reliable
- Excellent customer support
How has it helped my organization?
This product has enabled Kaiser Permanente Clinical Technology technicians with proactive/remote monitoring of highly critical systems.
What needs improvement?
A phone app would be nice. This is the reason why it is not perfect yet.
For how long have I used the solution?
12 months.
What do I think about the stability of the solution?
No problems.
What do I think about the scalability of the solution?
No problems.
How are customer service and technical support?
A 10 out of 10.
Which solution did I use previously and why did I switch?
No previous solutions were used.
How was the initial setup?
Since a non-IT person like me was able to setup the system from scratch, I would say that it is not complex at all.
What's my experience with pricing, setup cost, and licensing?
Relative to what it offers, the price is fair.
Which other solutions did I evaluate?
FireMon Immediate Insight was the only product that would work for us, due to the limitations that the Clinical Technology Department has at KP.
What other advice do I have?
It is a very versatile and sustainable product.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
GISA at a tech vendor with 201-500 employees
Provides us with very good real-time compliance management
Pros and Cons
- "For the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls."
- "When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box."
What is our primary use case?
Our main use case is the monitoring of changes on our firewalls. Another of our use cases is keeping firewall rules in good shape by doing regular rule reviews, using FireMon's built-in categories for rules and even deploying our own. Additionally, we used FireMon when we did internal firewall migration, meaning we were switching to a new generation of firewalls.
How has it helped my organization?
The solution has decreased errors and misconfigurations that would otherwise increase risk in our environment.
In addition, when we migrated to a new generation of firewalls, FireMon was of help when doing a first benchmark of the new solution and the initial setup.
It also identifies risks in our environment and helps prioritize fixes for them. The compliance module in Security Manager does that by watching overall rules and any changes, and benchmarking them against a pre-setup set of controls. It notifies us if any control has failed. That's how we monitor whether our firewall rules are compliant with a pre-set benchmark.
Firewall policy rule cleanup doesn't need to be a priority for a company to justify using FireMon, given that it makes that job much easier and faster. That means you don't need to allocate as many resources to do that work. It's now incomparably easier to do things like a rule review.
Overall, our monitoring and compliance are on much higher levels. The visibility we have into our firewall rules is much better now than it was prior to having FireMon.
What is most valuable?
One of the most valuable features is the compliance feature, which is something that we really utilize in Security Manager. It has a set of controls that we tuned a little bit from the way they came out-of-the-box, and created a custom set of rules that we are monitoring and that we want to have inline in our environment. It's a very good solution for real-time compliance management.
And for the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls.
What needs improvement?
When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box. We have tried to work around it by setting up email notifications, but it would be nice if it came with the product. That would really turn it into real-time monitoring for us.
The workaround works for us, and the out-of-the-box setup is also good, but it expects you to be constantly watching and monitoring the solution itself. That's a bit hard when you have more than one solution to work on. You cannot just watch one and keep an eye on it for something that's non-compliant. Having an alert would be much easier for us. Still, it's a good tool for that kind of monitoring, for us.
For how long have I used the solution?
I have been using FireMon for about two years.
What do I think about the stability of the solution?
FireMon is quite stable. We haven't had any stability issues with it so far.
What do I think about the scalability of the solution?
It's quite scalable. The process of adding modules has gone quite well. Anytime we have needed to increase it, there hasn't been a problem.
We use it extensively; if not on a daily basis then on a weekly basis. There are periods when we use it even more intensely when doing reviews.
How are customer service and support?
They really give us great support. When thinking of the level of support that we get from some other vendors, FireMon's support is really good. They have a good, knowledgeable support team around the world. We have offices in Europe and California. Whenever we have had any type of issue and have needed their support, whether the issue is in Europe or California, we have had really great support from them.
Which solution did I use previously and why did I switch?
We did not have a previous solution.
How was the initial setup?
We had a FireMon support engineer for the initial setup and it looked fairly straightforward, but it definitely needed some FireMon knowledge. Since then, we have onboarded a number of new devices in FireMon on our own, and that part is quite straightforward. But setting up the system itself is something that requires the knowledge of a FireMon engineer.
For the deployment, there was a month of weekly sessions with the engineer to get it working.
We have three people, within our security staff, who are using FireMon regularly. The three of us were involved in deploying and we work on maintaining it. It's a shared effort. None of us is working full-time on FireMon.
What's my experience with pricing, setup cost, and licensing?
There are no costs in addition to the standard licensing fees.
Which other solutions did I evaluate?
We talked about other solutions with different partners, and based on that we decided to go with FireMon. We did have a proof of concept with them before going live, and we liked it and the options it had, so we decided to go forward.
Which deployment model are you using for this solution?
On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
CEO at REDSHIFT CONSULTING
Improved our network security
Pros and Cons
- "The firewall assessment feature is great."
- "FireMon could be easier to use and flexibility regarding reporting could be improved."
What is our primary use case?
We are resellers. All of our clients are enterprise companies.
What is most valuable?
The firewall assessment feature is great.
What needs improvement?
FireMon could be easier to use and flexibility regarding reporting could be improved.
For how long have I used the solution?
I have been using FireMon for six months.
What do I think about the scalability of the solution?
FireMon is both scalable and stable.
How are customer service and technical support?
I've never had to contact technical support.
Which solution did I use previously and why did I switch?
I used to work with AlgoSec. They are both very good products but they target different customers in our market. One is more expensive than the other. One is more simple than the other to use. For this reason, we decided to go with FireMon. The profile of our customers is more related to FireMon than AlgoSec.
How was the initial setup?
The initial setup was very easy.
What's my experience with pricing, setup cost, and licensing?
FireMon is cheaper than AlgoSec.
What other advice do I have?
My advice is to make sure you choose the right reseller because it's not a product you should use by itself.
Overall, on a scale from one to ten, I would give FireMon a rating of eight.
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Information Security Engineer at a energy/utilities company with 51-200 employees
It helped us identify unused rules, reducing the load on the firewalls.
What is most valuable?
The Configuration Change Management feature was something we were interested in as it helped us to identify who made the change, when and why. Also, the workflow was easy to set up to ease operations.
The second important feature I liked was determining unused rules - rules placed incorrectly in the ACL - this helped us to reduce the load on the firewalls, thus we didn’t have to buy a new firewall due to high CPU or memory consumption. With the help of FireMon, we fine-tuned the rules and were able to save money for buying a new firewall.
How has it helped my organization?
As mentioned, we were able to ease the operations and set up a workflow that allowed the firewall and other network-related requests to go through a formal approval process. This helped to track who, when and why the request was done.
Also, removing redundant rules and placing the rules at the correct place helped lower CPU and memory consumption.
What needs improvement?
I would have preferred fewer updates, as there were quite a few updates made every now and then. Secondly, the Risk Management Module didn’t work well until you have the all of the subnets mapped. This can be improved.
For how long have I used the solution?
I used it for two years.
What was my experience with deployment of the solution?
I didn’t really encounter any deployment issues. However, sometimes the GUI used to crash when it tried to populate the device map; we had a lot of devices. At times, the map displayed fine, even though it took some time to show up; and at other times, the GUI crashed. This should be fixed.
How are customer service and technical support?
Technical support was fine; they have good technical people. However, support can be improved, if they become more responsive.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
How was the initial setup?
Initial setup was fine; you just need to map certificates between the sensor and the Application Server, which was something different. It can be sorted out through some other methods as well. I don’t exactly remember, but we faced one issue and to resolve it, we had to install the certificates again to get it working.
What about the implementation team?
Implementation was done by the vendor team.
What's my experience with pricing, setup cost, and licensing?
Although I have left the company, I heard that since the license renewal cost was too high, management decided not to renew it. The vendor should reduce the license renewal cost.
Which other solutions did I evaluate?
I personally did not test any other alternative, but I heard management evaluated Skybox as well; they eventually chose FireMon. It was a management decision, so I don’t know why others were rejected.
What other advice do I have?
Check the renewal cost, and determine whether the Risk Management Module is mature enough and whether GUI crash issues have been fixed or not. Maybe for small companies, it comes up fine, but for large environments, it might cause issues.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Regional Manager Enterprise Data Infrastructure and Information Security at a comms service provider with 51-200 employees
RA excels at identifying risk exposure areas.
Valuable Features
Security Manager (SM) and Risk Analyzer (RA) are the most valuable features to me. SM assesses a network's security posture in terms of deployed policies, redundant policies, duplicate policies, etc. RA takes a snapshot of everything connected to and within the network down to the end points. It recommends security policies that would improve and further secure the network from potential threats etc.
Improvements to My Organization
The product is extremely helpful in policy analysis and improvement. RA was exceptional is identifying risk exposure areas.
Room for Improvement
Although there is nothing 'wrong' in FireMon's support for other vendors, with the advent of SDN, NGFW, etc., I think FireMon will have to cover more layer 3 devices from different vendors. Again, their current database covers almost all of the major vendors: Cisco, Juniper, Fortinet, etc. However, there is always room for growth in this particular area.
Use of Solution
I have used this solution since 2012.
Stability Issues
We have not encountered any issues with stability so far.
Scalability Issues
We have not encountered any issues with scalability so far.
Customer Service and Technical Support
Their technical support is superior.
Pricing, Setup Cost and Licensing
Pricing and licensing is structured well and FireMon was very helpful in meeting the target budget for this project.
Other Solutions Considered
We looked at AlgoSec before choosing FireMon.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Firewall Security ManagementPopular Comparisons
Tufin Orchestration Suite
Fortinet FortiGate Cloud
Skybox Security Suite
Palo Alto Networks Panorama
AWS Firewall Manager
Azure Firewall Manager
ManageEngine Firewall Analyzer
Cisco Defense Orchestrator
Cisco Secure Firewall Management Center
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Tasks to Perform on Preventive Maintenance.
- From your experience, what are the technical differences between AlgoSec and FireMon?
- What Is The Biggest Difference Between AlgoSec and FireMon?
- Comparing network security vendors and devices
- When should companies use SSL Inspection?
- When evaluating Firewall Security Management, what aspect do you think is the most important to look for?
- What are the most important features you would be looking for in a firewall?
- How do I estimate the required firewall throughput for my organization?
- What are the pros and cons of Tufin, AlgoSec and RedSeal?
- Tasks to Perform on Preventive Maintenance.
Thank you for providing your detailed feedback on FireMon Security Manager. We truly appreciate the investment of your time to post a review.
In regards to your statement about issues displaying the device map; It is highly recommended to organize devices into device groups. This improves usability for organizations with a large number of devices, and reduces the amount of time taken to display the device map.