Likelihood to Recommend FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
Read full review The thing I mentioned earlier where we're constantly dealing with federal regulations or new agents that they want us to install and deploy and just getting those out in a consistent manner in a canned installation via Playbook is ideal
Read full review Pros Give good real time reporting for anyone making a change to any of our firewalls Provides good reporting tools that are out of box Provide good customization tools that is specific to our needs Upgrades are a simple process and support does relatively well with assisting us. Read full review Makes it easy to create and share automation in one central hub. Ansible content collections give me the ability to reuse code, making it rapid to carry out complex IT processes. Event-driven automation allows me to reduce manual tasks: it is rapid to know which action to take and respond automatically by receiving events from external apps automatically. Read full review Cons Some features could be added to the existing functionality which include NAT rules usage Rule expiration normalization from firewalls rather than entering them in rule documentation .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased Read full review Workflows should have more flexible paths than just success or failure. The upgrade process can be challenging with differences in security and environment. There is an opportunity to add CICD functionality into the tool. For development, it would be nice to have the option of editing a repo directly from AAP to allow quick tests/reruns. Then, allow it to push the updates back or create a new branch/PR in GitHub. The RBAC is good but could use improvements. One example would be an option that allows admins to assume the access of another user to validate it works as expected. Read full review Likelihood to Renew The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
Read full review We are deploying Ansible at all levels of the organization
Read full review Usability It save me time and I'm able to have the review - review the rule independently with using my time.
Read full review the yaml is easy to write and most people can be taught to write basic playbooks in a few weeks
Read full review Reliability and Availability FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
Read full review Performance I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
Read full review Great in almost every way compared to any other configuration management software. The only thing I wish for is python3 support. Other than that, YAML is much improved compared to the Ruby of Chef. The agentless nature is incredibly convenient for managing systems quickly, and if a member of your term has no terminal experience whatsoever they can still use the UI.
Read full review Support Rating FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
Read full review There is a lot of good documentation that Ansible and Red Hat provide which should help get someone started with making Ansible useful. But once you get to more complicated scenarios, you will benefit from learning from others. I have not used Red Hat support for work with Ansible, but many of the online resources are helpful.
Read full review Implementation Rating Implementation is fairly simple. Most issues can be resolved by referencing manuals.
Read full review I spoke on this topic today!
Read full review Alternatives Considered I has worked with
AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Read full review AAP doesn't truly stack up against any of the products mentioned except for
Aria Automation. But, it is extensible and open and has a lower cost to entry.
Read full review Scalability Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
Read full review Return on Investment FireMon's Compliance Reporting provided an immediate and tangible benefit FireMon helps identify egregious or erroneous rules quickly across multiple platforms FireMon took our audit process from an Excel spreadsheet into a far more advanced process with readily available context for reviewers Read full review Red Hat Ansible Automation Platform offers automation and ML tools that allow me to automate complex IT tasks. Through automation analytics, it is seamless to gain full visibility into automation performance allowing me to make informed decisions. Red Hat Ansible Automation Platform allows me to move rapidly from insights to action. Creating and sharing automation content in one place unify a team in one place hence enhancing real-time collaboration. Read full review ScreenShots