Cisco routers support secure, reliable enterprise connections. These enterprise routers help users implement an intent-based, future-ready WAN that is constantly learning, adapting, and protecting. Deploy routers for the branch, cloud, co-location, or the data center with any type of connectivity, including MPLS, Internet, and 4G LTE. With over 30 years of experience and an end-to-end portfolio, Cisco routing solutions can deliver for today’s networking needs. The vendor promises to help…
N/A
FireMon
Score 7.9 out of 10
Enterprise companies (1,001+ employees)
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk. Since creating their policy management solution in 2004, FireMon states they've helped…
Cisco Routers, particularly ASRs, are well suited at the edge or perimeter of your network topology since they're capable of aggregating large data and performing fast packet processing. To be even more specific, they are great at handling full internet BGP route tables and aggregating multiple WAN connections. Some scenarios where they may be less appropriate might be for much smaller sites running less critical services that may not need "state of the art" enterprise routers.
FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
We are extremely likely to renew, as we have been very happy with our Cisco Routers for over 10 years. Their uptime as well as stable nature makes them ideal for us, as we are an industry that cannot afford downtime. We trust our partner to recommend our next model Cisco, when the time comes.
The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
The best thing about Cisco products is their presence in community. When you have a problem you can do quick search and find whoever else had the same question and expert answer for that question. Other thing is there are Cisco certified people we can find very easily if want some help with comissioning these products
FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
Cisco support is very good. Of course, sometime you will run into support guy that isn't up to the task. Buf overall, the support system is well structure. You know if this support isn't able to help, you can esclate the situation to find another help. Also, their documentation is well developed and can be very useful.
FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
Other vendors definitely bring some great features. We've gone from Fortinet to HPE, to Ruckus. Each product has benefits to consider. For us, Cisco is a trusted brand that's used about thousands of customers and many fortune companies. While some of the newer or smaller players have great features, Cisco has most of the same plus time in the trenches.
I has worked with AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
