FireMon

FireMon

Top Rated
About TrustRadius Scoring
Score 8.1 out of 100
Top Rated
FireMon

Overview

What is FireMon?

FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments.

Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to...

Read more

Recent Reviews

Solid and reliable

9 out of 10
December 07, 2021
FireMon is a great product that compiles information for security and networking issues and is easy to use. Support is some of the best in …
Continue reading
Read all reviews

How FireMon Differs From Its Competitors

FireMon Hybrid Cloud Security

Best practice in this case is to put FireMon in the demilitarized zone or DMZ. So that you will be able to support your hybrid cloud infrastructure. In our case, we only put this inside our network since this is only our requirement in the organization.
Continue reading

FireMon Hybrid Cloud Security

We have a hybrid environment in our organization, we are using the Firemon solution for both our on-prem and cloud firewalls. The collectors have been deployed in both environments to collect from the firewalls.
Continue reading

Flexible Workflows

The above statement is absolutely true. Firemon does present the ability to be customized and work with most existing ticketing solutions to incorporate the approval process and identify the in-path firewalls and push relevant policies while maintaining an audit trail.
Continue reading

FireMon Compliance

Firemon does offer most PCI ISO audit compliance results as a report on the analysis for different firewalls. It tags risks based on the compliance model and offers solutions to remdiate the same. Not all of these can be achieved via the zero-touch automation though.
Continue reading

Firewall Policy Risk Management

The zero-touch policy automation does minimize the risks of mistakes over policies being pushed on the firewalls. It selects the right firewalls that fall in path and push only what is needed.
Continue reading

Flexible Workflows

not yet, installation is quite recent (within the last 3 months) so we will need to customize workflows and is on our roadmap
Continue reading

FireMon Compliance

we have used compliance reporting and so far that is the main use of FireMon initially. It has reduced our time to collect this type of information and handily reports these details. We have recently changed our compliance/monitoring tool and many hours per week are saved as a result.
Continue reading

FireMon Compliance

Between compliance and security, any number of reports can be produced and automated for emails being sent to anyone in the organization.
Continue reading

FireMon Hybrid Cloud Security

The system it was used on was very old and very unique software and traffic types/patterns. FireMon had no issues with the analyzing or monitoring of the same.
Continue reading

FireMon Compliance

Integrated with parts of the DOE Cyber Security framework easily. Can point to reports from FireMon for SOX compliance.
Continue reading

FireMon Compliance

The compliance in Security Manager is excellent. Being able to compare the firewall policy sets to industry standards provides and excellence guide on improving the environments security posture.
Continue reading

Firewall Policy Risk Management

We do not use this feature as much as we should. Since all firewall changes are validated by multiple team members are part of the workflow we don't have these scenarios.
Continue reading

FireMon Hybrid Cloud Security

We have yet to deploy FireMon into our public or hybrid cloud strategies, nor do we really need to support many vendors on premises. Our business does have another security department that finds great benefits from the vendor-agnostic support. I have seen what the product can do, and in time, as …
Continue reading

Flexible Workflows

We do not currently run the modules that automate workflows but we do have a massive suite of reports created that can actually help reduce mistakes by showing us some that were made the next day (or at some interval) allowing for quick remediation of human error. As for reducing cost, FireMon has …
Continue reading

FireMon Compliance

This question is asking for some concrete examples, which are hard to provide given the level of secrecy we are held to. What I will say is that our organization is a FinTech, and as such, it is regulated heavily by auditors from the Federal Reserve, other companies, internal groups, and more. I …
Continue reading

Firewall Policy Risk Management

FireMon, by its very nature, will reduce risk with firewall misconfigurations by simply installing the product and feeding it configurations. The reports included without charge or customization have been enough to protect us from certain downtime due to software/hardware failure from our vendor. …
Continue reading

FireMon Compliance

In today's PCI and/or SOX compliance world, having the visibility that FireMon provides is immeasurable. You can easily see which devices are causing a failed compliance control in detail. For example, FireMon will show you where there are any rules that are allowing more traffic than they should.
Continue reading

Firewall Policy Risk Management

We recently had an issue where our SIEM stopped receiving all syslog data from several devices. Within minutes of using FireMon, we were able to easily pinpoint what changes were made and restore functionality. What complicated matters was that a proper change control was not submitted to document …
Continue reading

FireMon Hybrid Cloud Security

No major benefits have been realized with the vendor a nice take approach however this has allowed us to choose Firemon do to ease of use,return on investment, and implementation. As a cloud software company, the designer Firemon works great!
Continue reading

Firewall Policy Risk Management

Firemon has allowed us to find configuration errors and process these compliance problems to our network teams. It has been a great help throughout the entire organization and our IT teams.
Continue reading

FireMon Hybrid Cloud Security

We have not delved into the cloud aspect of FireMon yet, but as our cloud footprint grows, and we need the ability to see what is happening 'up there' this should be a great additional to our arsenal.
Continue reading

Flexible Workflows

Again, not something we have dipped our toe in yet, but this is coming down the pipe and should be a great addition to our toolbelt. As firewalls become more plentiful in our environment, we will need to utilize automation to keep up with the constant changes
Continue reading

FireMon Compliance

This was an unexpected additional to our toolbelt that helped quiet a bit with our yearly compliance reviews. Being able to pull information quickly was of great benefit when the auditors came calling. Also being able to quickly answer their question about specific changes and issues in the …
Continue reading

Firewall Policy Risk Management

One of the main reason for the purchase of FireMon was the need to cleanup and management of firewall configs. With multiple teams and people touching in and around the firewalls, having a more consistent plan to push out change became more of a necessity. It also helped with the cleanup, as we …
Continue reading

FireMon Hybrid Cloud Security

FireMon has helped us consolidate our firewall configurations for similar devices. This promoted consistency and compliance. Most recently, we had upgraded our Cisco Firepower devices and FireMon was instrumental in helping us consolidate our configs.
Continue reading

Flexible Workflows

We have recently leveraged FireMon to point out inconsistencies in our configurations.
FireMon helped us ensure that they are in synch.
Continue reading

FireMon Compliance

We have benefitted with technical audits, we use the tool to provide evidence to vendors about our firewall posture
Continue reading

Flexible Workflows

We use FireMon for reporting. We do not have any automation set up to delete unused rules or create tickets to have them deleted. We view the reports manually and make the decision ourselves.
Continue reading

Firewall Policy Risk Management

When working correctly and the reports generate when a change is made, when we notice information not on the report, we can then follow up with the individual who staged those changes.
Continue reading

FireMon Hybrid Cloud Security

FireMon doesn't seem to work well with CheckPoint so maybe they should focus more on a specific vendor to be sure the tool works well with one vendor before moving to the next.
Continue reading

FireMon Compliance

Getting FireMon to consistently work has been a challenge, therefore the data can't be trusted and manual efforts are preferred for accuracy.
Continue reading

FireMon Hybrid Cloud Security

We only use FireMon for on-premise purposes at the moment. I'm not aware of any initiative to take it to another level, but if there's an opportunity we're aware the solution is well suited for all our needs, regardless of the environment where it is implemented and in which it is operating.
Continue reading

Flexible Workflows

We actually use FireMon between the Network and Security team to facilitate creation, deletion, review of our firewalls rules, but the whole workflow process is done and followed in our ticketing system instead of FireMon for centralization purposes. We're not looking to change this for now, but …
Continue reading

FireMon Compliance

We actually tried to use it for benchmarking purposes, but unfortunately CIS isn't supported right now, we are looking forward to it. Other compliance regulations are supported, but we don't use the tool in the regulated environments we have since they are managed differently by different teams …
Continue reading

Firewall Policy Risk Management

We use the tool to benchmark our firewalls based on the best practices of the industry when it comes to the configurations in place. Knowing that we consider the tool helped us establish recommendations faster and easier, as well as clear solutions presented by the solution itself inside the …
Continue reading

FireMon Hybrid Cloud Security

We have Fortinet, Cisco, and Palo Alto in-house, and FireMon works with all of these. We are moving into the cloud now using Palo Alto, and we don't see any Issue adding this to FireMon.
Continue reading

Flexible Workflows

We have daily reports (change reports delivered each morning and the color coding reduces the read time of these reports). We have weekly compliance and monthly unused reports that deduce staff time and in some cases show us information we would never have had the time to find without this tool.
Continue reading

FireMon Compliance

Change control is the key to every security audit, and FireMon allows us and auditors to research all changes done. We created a company best practices compliance report and deliver it weekly to security and management.
Continue reading

Flexible Workflows

Using FireMon's REST API we have integrated the platform into several workflows (Firewall Request Workflow, Audit Team Process) that benefit from the rule metadata stored in the platform.
Continue reading

FireMon Compliance

Compliance reporting is an area where FireMon provided immediate benefit upon implementation. In addition to having on-demand reports that satisfy PCI requirements, we created a tailored assessment that aligned with the company's firewall standards to measure compliance against this internal …
Continue reading

Firewall Policy Risk Management

We do not currently use FireMon for this purpose, though we have benefited from some of the related controls in building out our assessment reporting against our internal firewall standards.
Continue reading

Flexible Workflows

Automation of rule auditing with Policy Optimizer to meet PCI requirements and a culture of constantly monitoring Firewall rules for configuration mistakes and weak security.
Continue reading

FireMon Compliance

There was a multi-week process of reviewing firewall rules multiple times per year in the past, and FireMon has eliminated that. It is also easier to provide documentation to auditors because it is a matter of logging into FireMon and doing a PDF export.
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of FireMon, and make your voice heard!

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is FireMon?

FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the…

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.firemon.com/request-a…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

11 people want pricing too

Alternatives Pricing

What is ManageEngine ADAudit Plus?

ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with a…

What is Nmap?

Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.

Return to navigation

Product Demos

Improve Security Operations. Improve Security Outcomes.
01:46
Enforce Compliance
01:35
Manage Change
02:10
Return to navigation

Product Details

What is FireMon?

FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments.

Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk.

Since creating their policy management solution in 2004, FireMon states they've helped more than 1,700 enterprises in nearly 70 countries secure their networks.

FireMon provides solutions that extend and integrate policy management with today’s latest technologies including SD-WAN, SASE, XDR, and SOAR.

The vendor states FireMon customers experience up to 90% improvements in network security policy efficiency while eliminating common misconfigurations which lead to breaches and compliance violations.

FireMon Features

  • Supported: KPI Dashboards: See the network at a glance with analysis, trending and key performance indicator widgets on a customizable dashboard.
  • Supported: Traffic Flow Analysis: Monitor network traffic behavior – down to the application level – to isolate overly permissive configurations.
  • Supported: Access Path Analysis: Trace every available access path across the network and visualize relationships between network devices to identify risk access points.
  • Supported: Network Mapping: Visualize and interact with highly complex network security environments or segmentations.
  • Supported: Change Detection & Reporting: Isolate, document and alert on every ongoing change implemented throughout an existing firewall policies.
  • Supported: Assessments & Controls: Define and employ unique security controls for customized, repeatable analysis and reporting on firewall policies.

FireMon Videos

Improve Security Operations. Improve Security Outcomes.
FireMon: Enforce Compliance
FireMon: Manage Change

FireMon Downloadables

FireMon Integrations

FireMon Competitors

FireMon Customer Size Distribution

Consumers0%
Small Businesses (1-50 employees)8%
Mid-Size Companies (51-500 employees)15%
Enterprises (more than 500 employees)77%

FireMon Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWeb based browser UI
Mobile ApplicationNo
Supported CountriesAll countries except North Korea, Iran, Sudan, Syria and Cuba
Supported LanguagesEnglish

Frequently Asked Questions

Tufin Orchestration Suite, AlgoSec, and RedSeal are common alternatives for FireMon.

Reviewers rate Product Scalability highest, with a score of 8.

The most common users of FireMon are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews

(1-25 of 62)
Companies can't remove reviews or game the system. Here's why
Jorge Pomachagua Sotomayor | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We use the PCI reports available on the appliance in order to know the levels of compliance of our business.
  • Detailed reports
  • Unused firewall rules
  • Visibility of the whole configuration
  • Have one only access to configure the appliance and handle reports
Scenarios where any customer handle different brands of appliances this tool helps to get reports of all of them.
Scenarios where you only have one unique brand this tool may not be the best option.
Once you configure LDAP as an authentication server you are able to handle different access groups.
Actually we only used for private environments and with different brand this tool save so much time.
Score 9 out of 10
Vetted Review
Verified User
I use it for reporting and checking for unused firewall rules to do cleanup. I am still new to the Firemon product, so I have not used all of its functions.
  • Reporting
  • Dashboard
  • Rules changes.
  • SIQL query.
  • SIQL query is good but not easy to use.
  • Query interface for advanced does not always has basic query conversion.
  • The report have a lot of info that I need to filter it out.
The dashboard is very good, so you can get reporting in one central location for all company firewalls. You cannot make firewall rule change on Firemon Security Manager.
FireMon setup is very easy; you can add or remove firewall devices as needed.
We have not utilized FireMon on cloud environments.
October 14, 2022

Firemon! The time saver!

Score 9 out of 10
Vetted Review
Verified User
The issues are You have to learn new commands via CLI. There iS no tool to analyze the diagnostic file, you have to send it to Firemon support.
  • Visibility of firewall configuration
  • LDAP authentication server, it does not worked as other tools
  • SMTP configuration
The tool give the customer a lot of visibility about the appliances in general.
The customer asked for multiple reports from different departments and he always was able to get the information requested.
Yes private cloud, all the appliances are on-premise.
Score 9 out of 10
Vetted Review
Verified User
We used FireMon as a firewall analyzer of internal and external perimeters. We were able to gather relevant tcpdumps instead of looking directly in the firewall. This is very useful for executive managements, we can just provide them read only access and if someone in our organization asked them they can directly check for any network traffic on their own.
  • Straightforward firewall analyzer, executive management people can understand what's going on.
  • Provides risk rating for any allowed firewall policies
  • Easy dashboard management
  • Can connect to our SIEM
  • Had an issue integrating Checkpoint firewall, need to improve integration with it.
1. We used FireMon mainly on reviewing firewall policies that are high risk or that are not being used in the network anymore. We are able to configure several thresholds wherein once there are no hit counts for atleast 60 days (2 months) there will be an alert to us administrators. 2. We also use several dashboards that are shared to executive personnel for them to see what is going on in our internal and external perimeters.
FireMon is able to do what is expected and has improved our productivity. The reason that I gave 9 and not a perfect score is because of how costly it is, and how we had an issue when we were integrating Checkpoint firewall. Other than that I think this firewall analyzer should be on the top of the list.
Best practice in this case is to put FireMon in the demilitarized zone or DMZ. So that you will be able to support your hybrid cloud infrastructure. In our case, we only put this inside our network since this is only our requirement in the organization.
Score 7 out of 10
Vetted Review
Verified User
We use it to get an analysis of our firewall policies and get some recommendations on what policies have not been used for a long time and can be removed, policy re-ordering, optimization, and risks over risky protocols being allowed in policies like telnet or FTP. We use it to push policy automation changes, This enables a zero-touch framework to implement policy changes.
  • Policy overview and optimisation suggestions
  • Risk analysis over wide open policies, risky ports open on policies
  • Zero-touch automation for policies
  • Using with in house ticketing solution to make a framework for policy change approval.
  • The firemon had have some issues after almost every update. They need to improve on that.
  • Cisco is one of the products that has best support, The scope of other products can be improved.
  • Automation of policie implementation breaks very often
Firemon is a more budget option one can look up if they are looking to manage something like cisco, Paloalto, checkpoint or FortiGate. It is not that great with another brand of firewalls like NSX or other ones that are not that much out there.
Once provisioned the size of VMs cannot be changed, This is something that we heard they are working on. I haven't heard about a solution to this as of now. A number of collectors can be deployed without a need for extra licenses of you have remote firewalls.
We have a hybrid environment in our organization, we are using the Firemon solution for both our on-prem and cloud firewalls. The collectors have been deployed in both environments to collect from the firewalls.
Score 9 out of 10
Vetted Review
Verified User
Review FWs for Best Practices (Compliance and Assessment) and Policy Optimization (rule placement, rule review) for specific MSS customers. It is also useful to review policy changes as they can be quickly viewed for each domain.
  • viewing policy changes for a single FW over a period of time
  • reports look very professional
  • convenient and informative dashboards
  • initial configuration is time-consuming, maybe an option to import CVS file would be an option
  • navigation, layout and reporting can be confusing
good selection of canned reports in various areas, helpful in troubleshooting issues (firewall changes, health)
although we do not have a very large amount of devices configured on it, it seems to be fast and so far we have not had many issues I can think of.
FireMon is used for public (GCP, AWS), private and hybrid cloud within our organization.
December 07, 2021

Solid and reliable

Score 9 out of 10
Vetted Review
Verified User
FireMon is a great product that compiles information for security and networking issues and is easy to use. Support is some of the best in the industry, questions about the product or upgrades to the application are always answered promptly and with great detail. It is a must-have for any company that wants insight into their network traffic and is looking for added help to stay compliant.
  • traffic monitoring
  • compliance monitoring
  • Ease of use
  • A better customer update letter about upgrades .
The networking team needed insight into traffic for a particular application and had reached out to see if FireMon could provide insight into the traffic flow to help with troubleshooting. It simply made a traffic report that was auto emailed to the team about the issue, and it gave great insight on how often it was being used.
It has been used and proved its worth!
FireMon has proven its worth for the security team, networking team, and compliance team with the various tools it offers.
Score 10 out of 10
Vetted Review
Verified User
Old, not well-documented SCADA system. Helped identify and mitigate security issues, firewall rule optimizations, etc. Compliance with DOE security framework.
  • Fast, easy drill down to problem hosts
  • Central dashboard of multiple interfaces for ease of monitoring and tracking
  • Even with older, not widely used applications integration and use was easy
  • None, well laid out and logical to use
  • Easy to ask questions of support staff, not a negative but all I can think of
Great when testing new/changed firewall rules especially as a 'check and balance' with other network tools.
I was involved with only a small part of what would be considered a small network, yet it still covered two states and nearly every type of network traffic. At our transfer rates, FireMon had no problems that I could see.
The system it was used on was very old and very unique software and traffic types/patterns. FireMon had no issues with the analyzing or monitoring of the same.
Score 7 out of 10
Vetted Review
Verified User
Firewall audits and cleanup. Intake for firewall requests. Auditing overly permissive rules and policies.
  • Security Manager
  • Device Lists
  • Reporting
  • Excel tables
Firemon does a good job of a one page view dashboard. It is also useful when you have a multi-vendor environment,
There is a performance hit when you start creating too many TFAs
We have AWS PAN NFGWs
Score 9 out of 10
Vetted Review
Verified User
Business Units will request firewall changes using policy planner. This method allow us to ask for all details about what is required to implement the changes. It will also provide the end user a portal and SLA for completion. Auditors love this level of tracking and validation.
  • Tracking Changes
  • Clean UI
  • Good Reporting
  • Hard to Customize Policy Planner workflows
  • UI can be slow in Policy Planner
  • Upgrading FMOS has become more involved
Excellent for enterprise work intake for and managing SLAs.
It definitely meets the requirements of being scalable and flexible.
We have not integrated with cloud firewalls yet.
Score 10 out of 10
Vetted Review
Verified User
We use FireMon as a firewall configuration management tool as well as our primary software suite for responding to auditors regarding network security. Currently the product is mostly focused at the security administrator/engineer level but we have several users in less technical roles across different business units that have some limited but very useful information thanks to that extra level of deployment. This tool has been crucial in helping us keep our overall rule counts down and also restricting access to only applications that are still valid. Recently I've created controls that were pretty simple to make, they essentially evaluate any new rule created to see if it crosses from outside to inside which allows a tier 3 team to analyze those rules daily/weekly. Compared to how I was doing this in Splunk Firemon is 100x better.
  • Finds overly permissive rules
  • Finds redundant rules/unused object (junk)
  • Acts as a snapshot in time config repository (backup system)
  • Helps compare configs from one day to the next to see exactly what changed and who changed it
  • Creating controls for higher tier engineers to review to ensure policy is being followed in near real time.
  • There are a number of reports both built in and custom that can really help make sure company policy is being followed in rule creation.
  • The administration page alerts are pretty bad and need to be finely tuned.
  • Performance issues impacting large organizations with a massive amount of traffic passing over their firewalls
  • Cisco integration is less than Palo and Checkpoint in many areas; perhaps this is a Cisco side issue, but either way, it would be nice if all features worked with all vendors to the same degree
  • As of writing this you can't add Firepower devices directly to Firemon, you have to add a FMC and it can read the config from there. That works well for most people to be fair, but I am looking to kill FMC and use Cisco CDO instead. Firemon is adding support that will permit all of this which I'd estimate at 6 months. Keep that in mind when buying. That said, I'd try to work around the limitation as they add support.
FireMon is very well suited to handle small to midsize networks for total configuration management/rule deployment/reporting. I think where FireMon is less suited is handling larger networks with higher amounts of traffic. To be fair to FireMon, we probably should have been informed by the original sales team (no longer with the company) that we would need more hardware in order to function properly with our network. We've had to use clever workarounds to get basic data from our devices into the product. I do not think this is a problem in all larger organizations but in ours where firewall logging accounts for most logs in the environment, we do have some issues. Update: Firemon is using a lot of different scaling tricks so that you can dedicate servers to functions or load balance the same functions across multiple servers. This won't help with a large environment with routes that don't make much sense but it should help permit the ability to log a lot of traffic if you supply the correct hardware to do so.
Update: The ability to scale the product before deployment is very high, after deployment you can still add new servers and combine them to get "ultra" performance out of the product though it is more complicated so if I had to go back in time I'd have started with more hardware. Given the somewhat recent dedication to this (supporting large organizations), I am moving my rating from 8 to 9. I would still like to see some sort of magic plug and play for scaling which is probably unlikely especially since it's not really that hard.
We have yet to deploy FireMon into our public or hybrid cloud strategies, nor do we really need to support many vendors on premises. Our business does have another security department that finds great benefits from the vendor-agnostic support. I have seen what the product can do, and in time, as our need to support multiple vendors across different environments increases, I have no doubt it will get the job done very well.
Score 6 out of 10
Vetted Review
Verified User
FireMon is being used to provide detailed historical records of every change/revision made on every network appliance enterprise-wide. It provides instant visibility on what changed when issues arise. Considering outages and time to restoration are measured by duration, having a single pane of glass showing which firewall rule or ACL was updated is priceless. Without FireMon, we would go into every outage--both small and large--blind, trying to figure out where to start.
  • Tracking firewall rule changes.
  • Normalizing data so that it's easily understandable across different vendors and technologies.
  • Providing detailed or summary reports for the data you actually want.
  • It seems like their licensing model is constantly evolving.
  • Often, support will have to escalate cases to engineering.
  • Certifications are always geared to a particular version.
Better suited for:
  1. Compiling a historical record of changes/revisions of network appliances.
  2. Understanding rule set complexity in terms of overlapping rules and redundancy.
  3. Understanding and viewing rule usage.
  4. Understanding network flow--how packets will traverse from this hop to the next.
  5. What compliance risks are present due to failed controls.
FireMon's licensing model appears to constantly evolve, which at times can be frustrating when sizing your environment for scalability. I've experienced a situation where our organization was licensed for a particular feature with FireMon version X but not licensed for it in version Y. This caused a good amount of confusion when the procurement team got involved.
Score 8 out of 10
Vetted Review
Verified User
My team uses Firemon primarily for a firewall reviews due to PCI compliance. Firemon offers a great overview of how our network is built and how it can be utilized better for requirements one in the PCI – DSS. Currently, the software is being used by just a department and not the whole organization however, Firemon does impact the entire organization's compliance program.
  • Customer service
  • Sales presentations
  • Follow up
  • Implementation
  • Data storage
  • Swag
Within my industry I have multiple contacts that are looking for exactly what Firemon does. Not only can the software help compliance professional but also network engineers who need a better picture of how infrastructure is set up. As well as new employees that need to learn the environment quickly.
Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
No major benefits have been realized with the vendor a nice take approach however this has allowed us to choose Firemon do to ease of use,return on investment, and implementation. As a cloud software company, the designer Firemon works great!
Score 10 out of 10
Vetted Review
Verified User
We are currently using FireMon to monitor our primary corporate and DR firewalls. Also we use them to monitor our eCommerce environment firewalls. We are slowly expanding, as we have a number of retail locations, also with firewalls, and need to monitor them. We use this to push update and config changes, as well as backups and restores (when needed). We also use this to troubleshoot and test new policy implementations
  • Configure management - multiple firewalls made easy
  • Backups - a number of times this has come in handy
  • Troubleshooting - being able to chase down a path issue
  • Rule testing - planning before implementing
  • Initial setup requires quick a bit of legwork if you want to do it right
  • Definitely takes some learning if you are new to the system
  • Making sure everything is tagged and tagged correctly is important and time consuming
We have multiple firewalls in our corporate environment that are from the same vendor, and while this vendor does provide a single console for management, it falls short of being able to do the proper kind of management that you'd need to a large, complex network. FireMon allows for the firewall team to management and monitor the firewall, including rules, paths, and issues in a single environment. Along with the ability to test and troubleshoot route and path issues, which makes life much easy and makes fixing problem much quicker
Easily done scaling, ability to add devices quickly without too much hassle. Growing the products footprint is not difficult at all, and that allows for quick deployment in the case of need. While our setup has been static for about a year, we should be growing it as we add our retail stores to the pot, which will need additional resources to process all the additional data. This is easily done with FireMon
We have not delved into the cloud aspect of FireMon yet, but as our cloud footprint grows, and we need the ability to see what is happening 'up there' this should be a great additional to our arsenal.
May 04, 2021

Review for FireMon

Score 9 out of 10
Vetted Review
Verified User
We are primarily using FireMon for Quarterly Compliance.
  • Configuration pulls
  • Drop rule enabled
  • Change History
  • The requirement for syslogs when some of the firewalls are already displaying last hit date, etc. (palo alto)
I think the flexibility of scheduling the config pulls and the flexibility on the architecture (1 box versus as many as you want) are very nice.
We have used it across multiple vendors, but not in the cloud.
Score 9 out of 10
Vetted Review
Verified User
FireMon is being used to monitor changes to our existing firewalls. Our firewalls consist of various Palo Alto models.
  • Easy to create custom controls.
  • Good dashboards for visibility.
  • Easy to use interface.
  • Out of the box reporting for compliance needs.
  • Navigation can be daunting for new users.
  • Not enough granularity with regards to documentation.
FireMon is best suited for change control monitoring and compliance in our organization.
FireMon has enabled us to monitor firewalls from one console, and has support for new models from Palo Alto which we currently use.
We recently expanded our FireMon infrastructure, from a one node solution to a four node highly available solution deployment on prem.
The upgrade and migration took less than a week of planning and implementation.
FireMon has helped us consolidate our firewall configurations for similar devices. This promoted consistency and compliance. Most recently, we had upgraded our Cisco Firepower devices and FireMon was instrumental in helping us consolidate our configs.
December 16, 2020

Secure with Firemon

Score 8 out of 10
Vetted Review
Verified User
FireMon is being used by whole organization. It's a second source of firewall rules and we give access to people who can't be given access to firewalls to review the rules. That way many people are using FireMon.

We are also using it for Rule analysis and rule-recertification.
  • Filter search capabilties
  • Rule recertification using Policy Optimizer
  • Ease of use and interactive WEB UI
  • Some features could be added to the existing functionality which include NAT rules usage
  • Rule expiration normalization from firewalls rather than entering them in rule documentation
  • .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased
FireMon is well suited for rule analysis and compliance
Score 8 out of 10
Vetted Review
Verified User
FireMon is deployed by the Corporate Security Team, the network team will check in all of their firewalls and use the tool for audit purposes. The Security Team also aligns witth each Business Unit security leader, if that BU is audited they use the data produced from FireMon as evidence.
  • Firewall Auditing
  • Reporting
  • Ease of use
  • Resources, to much minimun hardware requirements to run
  • Architecture is to big, to many endpoints to deploy
  • Hosted Cloud solution could help in place of System deployments
FireMon is a great tool, but it is very expensive to run. Also the last sale rep we had was very aggresive and didnt respect the fact we told them that we were not interested at the time to upgrade or add any additional licensing.
Scalability is great, just need to deploy a collector locally and it gooes...the main APP + DB server is a resource hog.
We [haven't] deployed FireMon to any Cloud environments currently.
Score 7 out of 10
Vetted Review
Verified User
We use FireMon for compliance purposes. We use it to generate reports whenever a change is made to the Firewall. We can see who pushed policy in Checkpoint, what Change# it is associated with, and what was actually done compared to what the change ticket stated.
  • When working correctly, it generates reports for each firewall when a change is made.
  • It is a great tool to audit Firewall rules, redundant rules, and changes made
  • It doesn't always provide reports for when changes are made.
  • It only shows who pushed policy in the reports, not who made the actual changes to the firewall.
  • You can no longer drill down into reports at a granular level which back in Version 7 you were able to, which provided a great deal of information.
  • Seems to have some issues communicating with Checkpoint retrieving all reports that are split between two data centers.
When working correctly, it is great for audit purposes when you need to show when changes were made, what was made, who made them, and with what change. When the reports aren't working, you have to dig up all this information manually. Back in version 7, you were able to drill down in the reports that provided a very granular detailed information, now the newer version doesn't allow for this.
When working correctly, it can scale well to our environment which runs multiple Firewalls with backup Firewalls.
We use FireMon strictly for reporting purposes, only for audit reasons.
October 16, 2020

FireMon: Great Product

Score 9 out of 10
Vetted Review
Verified User
We currently use FireMon for reviewing/cleaning up rules and plan to implement policy planner by the EOY. It improves and simplifies documentation.
  • Lets you know what is unused so you can lock it down
  • Improves the process of review rules
  • Open up knowledge base on Google, to make searching easier with better results
Still learning the FireMon package, but the more I learn the better I like it. We have a small shop so I tend to jump between priorities.
Works great for our two failover pairs--this question may be better for a larger organization.
We are currently not using it for cloud support.
It save me time and I'm able to have the review - review the rule independently with using my time.
Score 4 out of 10
Vetted Review
Verified User
FireMon is being used within my team. It allows us to view all of our rules in one console and run queries against those rules.
  • Runs queries against existing rules.
  • Requires a lot of care and feeding, often our log collector disconnects and must be reconnected.
  • Service Packs are required to be added/updated much too often.
  • Whenever we make any changes in our firewall environment, FireMon takes a ton of time to get working properly again.
  • The canned queries are lacking, more should be added and improved.
If the information is in FireMon, I can run an unused rule report which helps with rule cleanup.
FireMon isn't an intuitive tool and wouldn't be much use across departments outside of IT.
FireMon doesn't seem to work well with CheckPoint so maybe they should focus more on a specific vendor to be sure the tool works well with one vendor before moving to the next.
Score 10 out of 10
Vetted Review
Verified User
FireMon is used in conjunction between the Network and Security team for security purposes like evaluating current security posture of the firewalls as far as rules and configurations in place. We are aiming to use it to automate yearly recurring review activities by our teams and to facilitate the amount of time it takes to complete them.
  • Rule review.
  • Best practice guidelines review.
  • Configuration review.
  • CIS benchmark integration would be great.
  • The reporting inside the platform is great, but the exported versions could be improved to facilitate reading and get a high summary executive view.
It is a nice monitor tool, don't expect anything more. Organisation processes are needed around its integration to enhance its use. Everything related to firewall optimization and cleanup is nicely done by FireMon, the solutions are also well presented and easy to implement. The reports are great, but it still require human interaction to fix things, don't expect the process to be automated.
We only use FireMon for on-premise purposes at the moment. I'm not aware of any initiative to take it to another level, but if there's an opportunity we're aware the solution is well suited for all our needs, regardless of the environment where it is implemented and in which it is operating.
August 03, 2020

FireMon Review

Score 10 out of 10
Vetted Review
Verified User
Cybersecurity and Network departments use the product, for auditing, keeping track of changes, security, real-time change information, historic log information, dupe rules/object cleanup. and long term trend reports.
  • Correlate large rule sets and uncountable objects into a human usable format
  • Allows you to pick a supplied compliance assessment and allows you to create a custom one to fulfill your needs
  • Gives you an Enterprise dashboard with percentages that you can drill down to the devices--as the rules are constantly changing to fit business needs this helps reduce security flaws a human will miss.
  • It centers on policy, compliance, and change--the three areas we all need help in.
  • Setting up a new compliance assessment or modifying an existing one
It's a must-have tool for the security department.
You count the current and new devices for the years and you're done. Not a set as in most other applications where you buy 10, 25, or 100, and end up paying for something you are not using.
We have Fortinet, Cisco, and Palo Alto in-house, and FireMon works with all of these. We are moving into the cloud now using Palo Alto, and we don't see any Issue adding this to FireMon.
July 28, 2020

A Review of FireMon

Score 9 out of 10
Vetted Review
Verified User
FireMon is used for firewall governance, including the creation of reports to satisfy PCI requirements, to identify and prioritize remediation of overly permissive rules and rulesets, and as the principal platform for performing firewall policy audits against internal standards.
  • PCI Reporting - After identifying which firewalls and rulesets are in scope, producing a report artifact to satisfy PCI requirements on Firewall reviews is literally a two-click operation.
  • Storing Rule Metadata - FireMon stores metadata (prefilled fields, standard fields, and custom fields) for each rule in each policy which is valuable for context during firewall reviews in particular
  • API - FireMon exposes most if not all of its functionality via REST API
  • FireMon does not yet support URL filtering (the identification of or implementation of) for Palo Alto firewalls
  • Direct integration with other systems takes place through workflows, which are not documented (the intent I believe is Pro Services should be engaged in order to do integrations, e.g. with ServiceNow).
I would strongly recommend FireMon for any IT/Security department that must maintain and support multiple firewall platforms. FireMon's ability to create a unified interface to view, audit, and even implement rules in a vendor-agnostic manner is excellent.

If PCI audits are an issue, and providing firewall reports for PCI is difficult, FireMon solves this immediately out of the box.

If a business is entirely using a single firewall platform, FireMon still provides benefits, but the recommendation would not be quite as strong depending on the capabilities of the native management platform.
With a distributed architecture available for larger deployments, FireMon is excellent at scaling during or after implementation.
We do not use multiple vendors for cloud, so I cannot speak to this aspect.
Score 9 out of 10
Vetted Review
Verified User
Currently, we are using FireMon to catalogue our firewall policies, assign owners to rules, and audit those rules.
  • Policy Optimization - helping us remove shadow rules
  • Rule analysis for gaps in security
  • Unused rule identification
  • Bugs, Bugs, Bugs, Bugs, Bugs
  • Upgrades are often problematic.
  • Sometimes what the reports show isn't what's in the database.
Firewall rule analysis, removing shadow rules, finding gaps in policies are all great areas for FireMon use. We have limited use of FireMon in our organization because we don't have a good understanding of the product and its capabilities (outside of one or two individuals). It would be good for FireMon to look at our setup and advise us on what we can use it for.
Easily understanding how many firewalls, routers, switches, etc. can be used from a hardware/CPU/memory perspective has been challenging. The real reason I gave the "8" is because of all the bugs in the systems that we encounter when we upgrade. It's guaranteed we run into a minimum of two to three bugs immediately after upgrading.
We have not used that to my knowledge yet. But, I know it's coming.
Return to navigation