FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk. Since creating their policy management solution in 2004, FireMon states they've helped…
N/A
MikroTik CRS Series
Score 9.0 out of 10
N/A
MikroTik offers a series of Cloud Router Switches (or their CRS series), their flagship products.
FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
MikroTik Cloud Router Switch work very well as layer2/3 switches in enterprise environments, aggregation or distribution layers. Example: in our case (ISP) we use CRS326 and CRS317 at multi-dwelling units to finish the customer lines, manage vlans of service and apply basic qos. They offer a good variety of ports 1/10G, which is perfect for connecting other ISPs or connecting corporate end users. MikroTik Cloud Router Switch would work fine in low-traffic Routing and Switching, you could configure L3 Hardware offloading and serve some significant traffic, but you may missing some features like, mangle, nat, firewall or other things that may be solved with other device in an upper layer of infrastructure. Based on our experience MikroTik Cloud Router Switch is not good for high performance traffic, they are not optimized for heavy L3 routing task. Example: if you use a CRS as core or router in a small DC or IX the result is traduced on high cpu usage and load performance. If you are looking for special works, MikroTik Cloud Router Switch in this aspect is out.
The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
Powerful features at a low price: MikroTik Cloud Router Switch provides a good variety of features that are not present on more expensive brands. Flexible deployment options: SwOS for simple switching use cases and RouterOS for more advanced configurations. Winbox is a fast and responsive tool for configuring, maintain and monitoring the traffic or other variable. Why it doesn't score higher, we think that the learning curve for new users could be hard. Sometimes the logic configuration can be unintuitive example: bridge filtering, vlan interfaces. Inconsistent UX Across RouterOS versions, some features may change without clear documentation causing confusion missconfig or incompatibility between versions. Documentation and support are poor, official documentation is fragmented and depht in some cases, the active community should be your best friend.
FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
I has worked with AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
We chose MikroTik Cloud Router Switch because it met our technical requirements without significantly affecting our budget. MikroTik Cloud Router Switch offers a performance reliable and scalable for access and aggregation roles and is easy to integrate with our existing infrastructure (Mikrotik CCR). While it doesn't offer enterprise-class UX, or automation frameworks out the box, its disruptive focus, control and granular configuration convert it in an attractive option for ISP operations.
Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
