Likelihood to Recommend FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
Read full review To help the Infosec Team Scale & create a seamless consolidated threat response. FortiDeceptor all the Security analysts to manually investigate & manual remediation or automatically block these attacks based on severity before actual damage occurs via integration with Fortigate to quarantine the IP address of the threat actor, FortiNAC to isolate devices within an organization with FortiSOAR to trigger appropriate playbooks for an orchestrated response and with 3rd party solutions to trigger a response action via built-in fabric connector API. FortiDeceptor needs other FortiFabric Devices to respond well, however, FortiDeceptor also connects with other solutions via built-in fabric connector API, but you may miss the real-time data flow or may be delayed in response.
Read full review Pros Give good real time reporting for anyone making a change to any of our firewalls Provides good reporting tools that are out of box Provide good customization tools that is specific to our needs Upgrades are a simple process and support does relatively well with assisting us. Read full review Protects against all types of malware. Provides visibility to potential attacks to your network. Blocks access to inappropriate websites. Read full review Cons Some features could be added to the existing functionality which include NAT rules usage Rule expiration normalization from firewalls rather than entering them in rule documentation .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased Read full review FortiSandbox integration has limited/basic Next Generation Firewall (NGFW) capabilities. Read full review Likelihood to Renew The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
Read full review Usability It save me time and I'm able to have the review - review the rule independently with using my time.
Read full review Reliability and Availability FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
Read full review Performance I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
Read full review Support Rating FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
Read full review Implementation Rating Implementation is fairly simple. Most issues can be resolved by referencing manuals.
Read full review Alternatives Considered I has worked with
AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Read full review Since we have other Fortinet solutions like Fortigate NGFW & FortiSIEM in place, they share the threat intelligence with each other, and FortiDeceptor works very well in FortiFabric environments, We decided to go with FortiDeceptor for Deception technology. In the case of Rapid7 & Smokescreen, we had to counter the integration issue with existing IT infra, Security solutions should not work in silos, they need to share intelligence with each other to get the best from the existing Solution & to get the best ROI.
Read full review Scalability Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
Read full review Return on Investment FireMon's Compliance Reporting provided an immediate and tangible benefit FireMon helps identify egregious or erroneous rules quickly across multiple platforms FireMon took our audit process from an Excel spreadsheet into a far more advanced process with readily available context for reviewers Read full review Internet security is a gamble. It's hard to know the cost of a "would-be" attack. FortiDeceptor is basically an insurance policy and for that, it is a great investment. Read full review ScreenShots