Cisco Security Cloud Control helps the user consistently manage policies across Cisco security products. It is a cloud-based application that cuts through complexity to save time and keep your organization protected against the latest threats.
N/A
FireMon
Score 7.9 out of 10
Enterprise companies (1,001+ employees)
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk. Since creating their policy management solution in 2004, FireMon states they've helped…
To be blunt, at the time of purchase most of these products appeared to do the same things in the same ways. What really brought us to the table with FireMon six years ago was their willingness to earn our business, and to this day they remain just as committed to keeping our …
Cisco Defense Orchestrator is an ideal software to easily manage firewalls at the enterprise level, as well as to implement security policies that allow the corporate infrastructure to remain free of threats that can put at risk all the devices that are handled on a daily basis. For example, it is ideal for preventing network intrusions, since it has the ability to block malware and any suspicious activity. In addition, the fact that it is based on a single console provides the benefit of keeping all devices under view and thus preventing any threat in the simplest way.
FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
I give this score because I believe that Cisco Defense Orchestrator helps our company to be resilient, this is because this software is also focused on offering security resilience at the enterprise level, that is, through its features such as high visibility, acceleration of threat detection and response, simple management, and end-to-end protection. By having it, it is more feasible to avoid disasters or risks in the devices that are handled daily and of course avoid data loss and, given this, be able to recover quickly if something happens.
The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
I believe that Cisco Defense Orchestrator is available when needed, this solution has allowed the security team to have better productivity thanks to the fact that their workflow is less intense because they can carry out their tasks with the help of this software, in addition to the presence If there is an error, they can be overcome quickly because their support team is efficient.
FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
Cisco Defense Orchestrator is a software that is easy to implement, although knowledge is required for it, but if you do not have it, going to its valuable support team is very helpful. If done knowingly, this process can take less than two hours. Having a simple implementation is a valuable feature because it saves time and expense.
We used the on box management platform. This required API usage for automating things. It was not scalable and a lot of features are not there. There are platforms like manage engine, but they are not Cisco FP native and had limitations as well.
I has worked with AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
