FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk. Since creating their policy management solution in 2004, FireMon states they've helped…
N/A
ManageEngine Firewall Analyzer
Score 9.0 out of 10
N/A
ManageEngine offers Firewall Analyzer, a firewall security and policy management option supporting change and compliance of network security devices.
$395
per year
Pricing
FireMon
ManageEngine Firewall Analyzer
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
FireMon
ManageEngine Firewall Analyzer
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
Yes
No
Entry-level Setup Fee
Optional
Optional
Additional Details
—
—
More Pricing Information
Community Pulse
FireMon
ManageEngine Firewall Analyzer
Considered Both Products
FireMon
Verified User
Team Lead
Chose FireMon
Firewall Rule analyzer was used before I joined the company, but I have no experience with it.
ManageEngine Firewall Analyzer
Verified User
Executive
Chose ManageEngine Firewall Analyzer
Good cost/benefit ratio. We
didn’t want to pay much, we are a small company but, and the same time we
wanted to have paid support to fastly solve problems.
Features
FireMon
ManageEngine Firewall Analyzer
Firewall Security Management
Comparison of Firewall Security Management features of Product A and Product B
FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
Offering enhanced network security, performance, and connectivity, it is well as used in a business setting. Features including application control, web content filtering, firewall, IP address, application control, VPN, and good advanced threat protection. With enhanced features and advanced threat protection you get an awesome performance cost effective firewall device.
Live traffic monitor: Firewall Analyzer lets us monitor traffic as it flows through the firewalls. It also breaks it down according to what type of traffic (e.g., web, mail, FTP, etc.) it is. It lists the tops hosts, the top users from traffic, and a lot of other useful statistics, all in a very visual format.
Security Monitoring: Another good visual graph Firewall Analyzer provides is the security one, which shows us if we're being attacked, from where, by what, how many, etc. It will also send us alerts when there's an alarm of any kind on the firewall.
Reporting: We can run all sorts of custom reports, and that helps us both with compliance and informing management as to what's going on. It would be difficult to describe all the various kinds of things we can include in these reports, but they are extensive.
The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
It is fast to download the test software and implement. It takes some sometime to understand the ways you have to on board your firewalls into it. It is nice to buy and just activate the product that you have already installed. Maybe some wizards could be improved in order to accelerate these tasks.
FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
I has worked with AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
ManageEngine was chosen over the use of AlgoSec as it slotted nicely with other Manage engine services we use for services such as active directory management. Other benefits include how lightweight and easy to install and set up it is. You can install it inside your network and start testing within 20 minutes.
Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
Firewall Analyzer has definitely freed up a lot of IT's time, by congregating logs and displaying them in a more useful, visual way.
The cost for licenses and proactive alerting, compared to the man-hours spent reactively through data, paid for itself in a few months.
There was no negative impact to users, and only some to IT staff who had to train on the software, which mostly consisted of videos and playing around with the software.
