F5 BIG-IP software from Seattle-based F5 Networks is a load balancing and application protection solution suite available on cloud or via virtual editions, on a subscription or perpetual licensing basis.
N/A
FireMon
Score 7.9 out of 10
Enterprise companies (1,001+ employees)
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk. Since creating their policy management solution in 2004, FireMon states they've helped…
LTM's scope of action goes beyond load balancing. Tools for control, governance, and application enhancement, as well as APIs like iRULE, are very important for day-to-day operations. Furthermore, the F5 BIG-IP WAF offers exceptional security. Advanced firewall and routing functionalities are helpful in more complex environments. O LTM possui um escopo de atuacao que vai alem do balanceamento. Ferramentas para controle, governanca e aprimoramento de aplicacoes e API como iRULE sao muito iportantes para o dia a dia a operacao. Alem disso o WAF do F5 BIG-IP tem uma qualidade de seguranca exceptional. As funcionalidades avancadas de firewall e roteamento ajudam em ambientes mais complexos. This review was originally written in Portuguese and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.
FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
My company is kind of like it's a safe thing if you log in and you provide another second login to get the code to log in, confirm that it's a correct that you are logged into the account and it just provides more for the company
I think a couple of challenges. One, I mean the cost, it's not an inexpensive product, but I think it's probably parity with value, maybe a little on the pricey side of things.
As far as features and what we'd like to see more cloud native type experiences like where NGINX and F5 kind of come together, we're moving more of the cloud just like everybody else, and it's a little clunky right now.
Stability of product and easy way to have account manager contact. F5 support team is also always available to help with major issues. Last year during the major OS upgrade F5 team and F5 leadership always shared clear information and F5 team was dedicated to help us to have it closed in record time
The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
It is a good product to use but right now it is lacking the automation of certificates, management of iRules and automation of certain configuration. Also creating an APM policy from scratch with many APM agents take a long time due to slow load times of the GUI and the need to create everything from scratch every time. It's tough to reuse the configuration.
FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
I've supported F5 for three different companies. Our F5 support has been very consistent, regardless who the customer is. F5 technicians are very experienced and provide good support, even when issues are more related to knowledge than they are with the ability of the product to do what you need it to do.
FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
I has worked with AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
The F5 BIG-IP has improved all our load balancing needs, we have over 400 LTM VIPs in our environment this all use to be done with DNS round Robin configurations.
we have created unique APM solutions to support our external customer base
