Likelihood to Recommend This is the best possible solution for enterprise-level organizations where server counts will be in the thousands. To manage these and understand the communication can be very cumbersome without this tool. Ease of creation map zone and application-wise can be relaxing to OS teams and support teams as well. There is no limit to labeling schema of servers and it gives the freedom to do so.
Read full review FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
Read full review Pros Network traffic flow within environment of organization. Creating maps for visibility and drill down is a key feature. Labelling of servers can be done via running script. Alerts can be sensitized for the traffic not seen. Read full review Give good real time reporting for anyone making a change to any of our firewalls Provides good reporting tools that are out of box Provide good customization tools that is specific to our needs Upgrades are a simple process and support does relatively well with assisting us. Read full review Cons Limited support to legacy infrastructure. Integration with third party is a bit tedious. Awaiting support for Kubernetes in the next version. Read full review Some features could be added to the existing functionality which include NAT rules usage Rule expiration normalization from firewalls rather than entering them in rule documentation .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased Read full review Likelihood to Renew The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
Read full review Usability The solution is deployed throughout the organization. Teams are working and integrating it with the help desk tool wherever required. Helps in identifying the network traffic flows in lateral movement and east and west as well. Allows policies by default and later fine-tuning to be done to narrow it and enforce blocking action. Exporting reports from the tool is easy and can be observed for any issues.
Read full review It save me time and I'm able to have the review - review the rule independently with using my time.
Read full review Reliability and Availability FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
Read full review Performance I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
Read full review Support Rating Support has been available 24*7. It also depends on criticality but support is available. Also, the right expertise from the team helps in identifying the issue quickly and this helps in less production downtime if required. The ticket is resolved with RCA.
Read full review FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
Read full review Implementation Rating Implementation is fairly simple. Most issues can be resolved by referencing manuals.
Read full review Alternatives Considered 1) No limit to labeling schema. 2) Ease of creating maps with respect to zone, environment, subnets, etc. 3) Ease of creating policies and publishing the same. 4) Deception 5) Integration with monitoring tool (grafana) 6) Changes in the agent can be considered if there are legacy systems, time-consuming but can be achieved with the right information.
Read full review I has worked with
AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Read full review Scalability Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
Read full review Return on Investment Blocking unwarranted traffic can really boost security of organization. Alerts can be triggered to SIEM servers and help in timely action. Need to be very careful before configuring and publishing block policies in the production environment. Read full review FireMon's Compliance Reporting provided an immediate and tangible benefit FireMon helps identify egregious or erroneous rules quickly across multiple platforms FireMon took our audit process from an Excel spreadsheet into a far more advanced process with readily available context for reviewers Read full review ScreenShots