FireMon: Igniting Innovation, Guarding Security.
We currently use the security manager modules to clean and fine-tune our set of policies centrally. We additionally use a policy planner …
Overview
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to…
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
Pricing
N/A
Unavailable
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the…
Entry-level set up fee?
- Setup fee optional
For the latest information on pricing, visithttps://www.firemon.com/request-a…
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
24 people also want pricing
Alternatives Pricing
What is ManageEngine ADAudit Plus?
ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with a…
What is Speedify VPN?
Speedify is a new kind of bonding VPN designed from the ground up for speed, security, and reliability. The vendor says Speedify's bonding protocol lets it do things no other VPN can: switching between Wi-Fi and Cellular without breaking sockets, and bonding connections together for speed…
Product Details
- About
- Integrations
- Competitors
- Tech Details
- Downloadables
- FAQs
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments.
Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk.
Since creating their policy management solution in 2004, FireMon states they've helped more than 1,700 enterprises in nearly 70 countries secure their networks.
FireMon provides solutions that extend and integrate policy management with today’s latest technologies including SD-WAN, SASE, XDR, and SOAR.
The vendor states FireMon customers experience up to 90% improvements in network security policy efficiency while eliminating common misconfigurations which lead to breaches and compliance violations.
FireMon Features
- Supported: KPI Dashboards: See the network at a glance with analysis, trending and key performance indicator widgets on a customizable dashboard.
- Supported: Traffic Flow Analysis: Monitor network traffic behavior – down to the application level – to isolate overly permissive configurations.
- Supported: Access Path Analysis: Trace every available access path across the network and visualize relationships between network devices to identify risk access points.
- Supported: Network Mapping: Visualize and interact with highly complex network security environments or segmentations.
- Supported: Change Detection & Reporting: Isolate, document and alert on every ongoing change implemented throughout an existing firewall policies.
- Supported: Assessments & Controls: Define and employ unique security controls for customized, repeatable analysis and reporting on firewall policies.
FireMon Videos
Improve Security Operations. Improve Security Outcomes.
FireMon: Enforce Compliance
FireMon: Manage Change
FireMon Integrations
- Palo Alto Networks Next-Generation Firewalls - PA Series
- Palo Alto Networks Advanced URL Filtering
- Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
- VMware NSX
- VMware ESXi
- Check Point Quantum Security Gateway Next Generation Firewall
- Check Point Quantum Smart-1 Security Management
- AhnLab TrusGuard
- Check Point FireWall-1 / SmartCenter / VPN-1 Edge including VSX
- Cisco ASA / PIX / FWSM / ASA Context
- Dell SonicWall
- F5 AFM
- Fortinet Fortigate / VDOM
- Huawei USG / Eduemon
- Hillstone SG-6000 series
- IBM Proventia MFS
- Juniper Netscreen / SRX / ScreenOS / VSYS
- Secui NXG / MF2
- Stonesoft Management Center and detected firewalls
- Topsec Firewall
- WeGuardia FW
FireMon Competitors
FireMon Technical Details
| Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Web based browser UI |
| Mobile Application | No |
| Supported Countries | All countries except North Korea, Iran, Sudan, Syria and Cuba |
| Supported Languages | English |
FireMon Downloadables
Frequently Asked Questions
Reviewers rate Support Rating highest, with a score of 7.7.
The most common users of FireMon are from Enterprises (1,001+ employees).
FireMon Customer Size Distribution
| Consumers | 0% |
|---|---|
| Small Businesses (1-50 employees) | 8% |
| Mid-Size Companies (51-500 employees) | 15% |
| Enterprises (more than 500 employees) | 77% |
Comparisons
Compare with
Reviews and Ratings
(113)Attribute Ratings
Reviews
(51-69 of 69)Companies can't remove reviews or game the system. Here's why
January 20, 2017
FireMon Excellence!
FireMon Security Manager is currently utilized for change management across all of our firewall systems. The reporting and assessment facilities also provide essential information to assist us with ensuring our firewall environment is at its most efficient. FireMon is utilized by the security and network management teams in our organization.
- Security Manager provides a graphical map of your infrastructure and allows you to do a path analysis through the firewall infrastructure.
- Security Manager allows you to view every change made on the specified device. This includes the day, date, time, and user who made the change. You can drill down to detailed information concerning exactly what the change was.
- Security Manager allows you to view all firewall policies including Security Rules, Objects, NAT Rules and more.
- While FireMon provides great reports, the reports that we utilize often can not be edited. We would like to see the reports in an editable format allowing us to remove content that is not relevant or add relevant content to the report for presentation to management.
- A recent change was made in a update to Security Manager that caused problems with the LDAP authentication of users. This change was not adequately communicated to us before the update and took several sessions with Technical Support to correct. A better job of updating the customer of major changes is required.
January 17, 2017
Comprehensive firewall management tool review.
FireMon Security Manager is used to monitor our internal firewall usage, daily firewall changes, and is also used for firewall report creation. It is currently used just by the information technology department, although it is used by various users including technicians, administrators, and analysts. FireMon Security Manager helps the business comply with payment card industry data security standard compliance.
- Real-Time email alerting for firewall changes and the availability to review the new configuration and the previous one side by side is one of FireMon Security Manager’s strengths.
- Easy to read Overview Dashboard provides at a glance report charts of the Top 5 devices including control failures, firewall rule complexity and rules available for removal.
- The interactive network topology device mapping feature clearly shows network segments, firewall locations and external access points with the ability to access firewall rules with one click.
- The out of the box reporting is a nice feature, but the ability to build customized report with a report "wizard" would be an added benefit.
January 13, 2017
FireMon Security Manager - An Awesome Tool
We have customers that have this product and we help them with the installation. For one of them we have a managed service, and it means we manage the tool with tasks like doing firmware upgrades, adding/deleting devices and helping them with reports and other configurations. It is also used for training the customer’s users to and understand the reports and other features FireMon Security Manager has.
- Custom compliance assessments. Even [though] FireMon Security Manager has a complete suite of compliance assessments, it's a strength that we are able to build custom compliance assessments to review the status of the network based on our internal policies.
- Rule Search. Is an awesome tool because we can verify before creating a new firewall policy in the network if there is any other policy that is already created that fulfills the request. It lets you keep your firewalls clean.
- Building the maps is still a complex task to complete. It requires a lot of time to do it and it's not too intuitive.
January 13, 2017
Quick and dirty on FireMon
FireMon Security Manager is used for audit archival and compliance. The software allows us to log changes in firewall policies and track who and when. When configurations are audited, the software allows us to compare changes made over a specific time period.
- Logging policy changes.
- Providing insight into change process.
- Expansion to other products.
- Interface is very cluttered, could use streamlining.
January 13, 2017
Streamline Firewall Management with Firemon
FireMon is very useful for reporting any changes made to firewall policies in real-time. It sends an email of who, what, and when the change was made. Very using for alerting other network admins. Reports also show which firewall rules may be too open. Firewall rule cleanup is important to keep up with. FireMon makes it easier.
Another feature I like is the API. Checkpoint doesn't have an easy way to search for NATed IP addresses associated with host objects. In v7 we use a PHP script to compile the real IP address, NAT IP address, name, and comment data to be easily searchable to help find available NAT addresses to use. Unfortunately, v8 doesn't pull the NAT data from Checkpoint at this time. Support said they are working on it.
Another feature I like is the API. Checkpoint doesn't have an easy way to search for NATed IP addresses associated with host objects. In v7 we use a PHP script to compile the real IP address, NAT IP address, name, and comment data to be easily searchable to help find available NAT addresses to use. Unfortunately, v8 doesn't pull the NAT data from Checkpoint at this time. Support said they are working on it.
- The API is very useful for extracting data.
- The reporting feature is very usful for finding weaknesses in the firewall rule base.
- Notification of firewall changes to keep administrators abreast of what was changed including rule, objects, etc.
- v8 doesn't import the translated NAT address from Checkpoint like v7 does. This needs to be added back.
January 13, 2017
Firemon Security Manager Higher Education Review
We're utilizing this only within IT. We track changes to the firewall with it as well as using it to track access list usage and current openings. We're using the product to make the auditing of firewall openings much easier. Rather than having to track need for openings manually, we're able to identify whether an opening is being used and how much it is used.
- It does a good job of tracking usage of firewall openings. This gives us much better reporting than traditional firewall logs.
- It does a good job of tracking firewall changes. We are able to determine when changes were made and by whom.
- The interface makes it easier to determine which openings are currently present.
- We've occasionally had issues where the product stops receiving and recording access control list hits.
- Sometimes we have issues with comments populating correctly into the FireMon config.
- We've run into a few issues when the system became unavailable.
January 13, 2017
FireMon Review
It is used by our IT department to audit existing firewall configurations. It is helpful in finding redundant or unused rules in the configuration. We also find the traffic flow analysis tool extremely helpful. When creating new rules for new applications we find a lot of required ports are not properly documented and the flow analysis provides a great way to audit the rules traffic and narrow down the exact ports required for an application.
- Traffic Flow Analysis is an invaluable tool.
- The ability to run reports on PCI audits has been very useful.
- The logged connections history is great for showing management metrics.
- AD integration was a little difficult to set up.
- Upgrading was tricky but FireMon support did a great job working with us to complete an upgrade.
January 13, 2017
Best in class!
We are using FireMon to monitor firewall changes as well as to improve the rule base.
It is a really efficient tool, which helps us by having a slimmer and more responsive firewall, which is not cluttered by redundant rules.
- Firewall Optimization
- Audit
- Tracing traffic
- The install on column from firewall is not filtered, making it a bit difficult to analyze some rules
January 13, 2017
PCI review
It's being used to monitor our firewalls for changes and keep track of the requests for new changes. It's primarily just for the IT security department. The primary problem it addresses is PCI compliance.
- Tracks all changes made to the firewalls.
- Fairly easy to use ticket request system (policy planner).
- Need to be able to support more types of firewalls (for example the new FTD code for the Cisco ASA's and the NSX firewalls).
- Need better integration between data submitted in policy planner tickets to the security manager (not all the data from those tickets are saved in the security manager).
- Need more customization options on policy planner (require certain fields to be filled out).
I am a network security engineer for a large ISP and we recently implemented FireMon in our network to help manage our firewalls. We are a growing company and this product helps us consolidate our firewalls to give us a better understanding of how they are being used and how often.
- FireMon gives a great overview of all firewalls on the network.
- FireMon tells us what rules are and aren't being used to help us keep our policies manageable.
- FireMon gives us a better understanding of what areas might need more security.
- It's great that it can tell us what rules are redundant but it doesn't lay out the rules side by side.
- Could provide more online training like videos and documentation, to maximize our use of FireMon.
January 11, 2017
Great Resource and a Reasonable Cost
The IT Perimeter Security Team uses FireMon to clean up unused Rules and ports not being used by the Firewalls along with running compliance checks against the firewalls to insure they are in line with best practices.
- Tracks Firewall rule usage.
- Tracks and documents all Firewall changes.
- Holds all Firewall ACLs in one centralized location.
- Compatibility to see VPN tunnel ACLs.
- Reports could be easier to customize.
- Single licensing Enterprise option. Added other firewalls and needed another license - cumbersome.
January 10, 2017
Overall very satisfying
FireMon Security Manager is being used across the whole organization. It is used to keep track of every firewall policy and what each one does. With more than 23,000 employees, there are a lot of firewalls used on our network.
- FireMon Security Manager does a great job in validating firewall policies against regulatory requirements and in the utility business there is a lot of regulation to comply to. I think this is a strength because it's getting harder and harder to follow up on all regulation that applies.
- FireMon Security Manager does a pretty good analysis of all the firewall configurations and it helps to identify rules that are hidden, too permissive or shadowed. It helps keep the firewall configurations clean at all time.
January 10, 2017
FireMon Security Manager Review
FireMon Security Manager is being used by the security operations team to audit firewall configurations and determine access for firewall change requests. The network team uses it for configuration and reporting.
- Auditing of configurations
- Policy planning for firewall change requests
- Reporting
- AD authentication setup is somewhat challenging
- Licensing model is confusing
January 10, 2017
If you're looking for insight, FireMon is the tool for you
FireMon is a big help in our efforts to clean up our ruleset. The ability to see exactly what ports and services are being allowed versus what is being used is extremely helpful.
- Reporting
- Visibility
- Centralized network security monitoring
- The reporting takes a long time to load.
January 10, 2017
FireMon is Best but can improve
We use Firemon security Manager to maintain all the Cisco based firewalls across our organization. It is used to check the daily reports updates and changes on each and every firewall.
Mainly we use FireMon to get the audit reports on the firewalls.
Mainly we use FireMon to get the audit reports on the firewalls.
- Audit Reports
- Control Failures
- Policy Planner
- Policy Planner needs to be updated as per the organization
- More Detailed Reports for Auditing
January 10, 2017
Not bad
FireMon is only being used for firewall configuration monitoring purposes. In other words, any changes on the firewall we would check on FireMon.
- FireMon does a great job at monitoring any changes on the firewall rules
- Monitor any user accounts that perform the changes on the firewall
- Easy to set up
- Collecting logs of logs usage on the firewall from a SIEM device would be useful
- A report to generate all firewall rule changes within the last year
January 09, 2017
Reliable IT Security Tool
FireMon Security Manager is being used within my organization for several purposes. I specifically utilize FireMon 8 in order to gain long-term information about the traffic hitting the firewalls within the network. The reports that I'm able to run using FireMon 8 give allow me to better analyze the firewalls in order to remediate rules within the firewalls.
- Provides well organized, easy to read reports such as rule usage and object usage.
- Provides ability to quickly run a query to identify where particular objects are being used.
- Logging of firewalls over time gives long-term status on rule use on the firewalls.
- Learning how to write syntax to query information was difficult.
- Difficult to rely solely on the results from queries run in FireMon. I have seen different results from FireMon and what is on the firewall using another tool and FireMon was inaccurate.
- Logging stops or malfunctions on FireMon.
January 05, 2017
Going beyond the simplicity
We use FireMon to monitor any changes that are made to our network. We reference the changes against our change management to make sure that the change was authorized and nothing was added or subtracted without prior approval.
- I love the insight into what is being done on the network. I can make sure that our network team is doing what they say they are doing. It also gives us the security controls to see what the network team keeps from us.
- The GUI is easy to use.
- I would like to be able to update certain fields, for example the reference field for tickets.
We utilize FireMon to monitor the changes to our critical firewalls within the Company. We also use it to perform our bi-annual firewall review to show us easily and readily what objects and ACL's are not being used within a certain timeframe. It also allows us to document in detail who the owner of the rule is as well as document the change number associated with the rule/change.
- Monitor changes
- Provides easy review of the configuration
- Shows if there are duplicate rules
- The way it is licensed. It is licensed by device type and IP address.
- Process to upgrade to major versions. Right now you have to reimage the appliance or VM and it is not always just an update.