Likelihood to Recommend FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
Read full review Trellix (FireEye + McAfee)
It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.
Read full review Pros Give good real time reporting for anyone making a change to any of our firewalls Provides good reporting tools that are out of box Provide good customization tools that is specific to our needs Upgrades are a simple process and support does relatively well with assisting us. Read full review Trellix (FireEye + McAfee)
Provides high fidelity alerting. Allows CSOC analysts to perform forensic triage and alert investigations through containment from a single pane of glass. Provides alert telemetry across on-disk and in-memory attacks. Supports many additional 'bolt-on' modules to provide additional alert context or capabilities. Read full review Cons Some features could be added to the existing functionality which include NAT rules usage Rule expiration normalization from firewalls rather than entering them in rule documentation .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased Read full review Trellix (FireEye + McAfee)
The amount of false detections especially the negative ones needed to be reduced. It requires more optimization. It tends to make the PCs slower. It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable. It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes. Read full review Likelihood to Renew The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
Read full review Trellix (FireEye + McAfee)
Usability It save me time and I'm able to have the review - review the rule independently with using my time.
Read full review Trellix (FireEye + McAfee)
Reliability and Availability FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
Read full review Trellix (FireEye + McAfee)
Performance I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
Read full review Trellix (FireEye + McAfee)
Support Rating FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
Read full review Trellix (FireEye + McAfee)
The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.
Read full review Implementation Rating Implementation is fairly simple. Most issues can be resolved by referencing manuals.
Read full review Trellix (FireEye + McAfee)
Alternatives Considered I has worked with
AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Read full review Trellix (FireEye + McAfee)
Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage
Read full review Scalability Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
Read full review Trellix (FireEye + McAfee)
Return on Investment FireMon's Compliance Reporting provided an immediate and tangible benefit FireMon helps identify egregious or erroneous rules quickly across multiple platforms FireMon took our audit process from an Excel spreadsheet into a far more advanced process with readily available context for reviewers Read full review Trellix (FireEye + McAfee)
From an auditing standpoint, we can show that our workstations/servers are protected. Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise. Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection. Read full review ScreenShots Trellix Endpoint Security ENS Screenshots