Overview
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to…
FireMon in a 100+ firewall environment.
Firemon - A reliable source for your audit needs
FireMon - Powerful compliance audit and rule automation
Blind to what changes are being made in your network? FireMon is the answer!
Long time User. The value is worth it, despite challenges.
Work in progress
Cost effective and operationaly acceptable for basic operations
Network Security Compliance and Audit
Firemon a multiple brand integrator
FireMon Security Manager that will help you.
Firemon! The time saver!
FireMon Firewall Analyzer Review
FireMon: Comprehensive and Great Addition to your Security Arsenal
Solid and reliable
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
Pricing
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the…
Entry-level set up fee?
- Setup fee optional
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
24 people also want pricing
Alternatives Pricing
What is ManageEngine ADAudit Plus?
ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with a…
What is Speedify VPN?
Speedify is a new kind of bonding VPN designed from the ground up for speed, security, and reliability. The vendor says Speedify's bonding protocol lets it do things no other VPN can: switching between Wi-Fi and Cellular without breaking sockets, and bonding connections together for speed…
Product Details
- About
- Integrations
- Competitors
- Tech Details
- Downloadables
- FAQs
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments.
Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk.
Since creating their policy management solution in 2004, FireMon states they've helped more than 1,700 enterprises in nearly 70 countries secure their networks.
FireMon provides solutions that extend and integrate policy management with today’s latest technologies including SD-WAN, SASE, XDR, and SOAR.
The vendor states FireMon customers experience up to 90% improvements in network security policy efficiency while eliminating common misconfigurations which lead to breaches and compliance violations.
FireMon Features
- Supported: KPI Dashboards: See the network at a glance with analysis, trending and key performance indicator widgets on a customizable dashboard.
- Supported: Traffic Flow Analysis: Monitor network traffic behavior – down to the application level – to isolate overly permissive configurations.
- Supported: Access Path Analysis: Trace every available access path across the network and visualize relationships between network devices to identify risk access points.
- Supported: Network Mapping: Visualize and interact with highly complex network security environments or segmentations.
- Supported: Change Detection & Reporting: Isolate, document and alert on every ongoing change implemented throughout an existing firewall policies.
- Supported: Assessments & Controls: Define and employ unique security controls for customized, repeatable analysis and reporting on firewall policies.
FireMon Videos
FireMon Integrations
- Palo Alto Networks Next-Generation Firewalls - PA Series
- Palo Alto Networks Advanced URL Filtering
- Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
- VMware NSX
- VMware ESXi
- Check Point Quantum Security Gateway Next Generation Firewall
- Check Point Quantum Smart-1 Security Management
- AhnLab TrusGuard
- Check Point FireWall-1 / SmartCenter / VPN-1 Edge including VSX
- Cisco ASA / PIX / FWSM / ASA Context
- Dell SonicWall
- F5 AFM
- Fortinet Fortigate / VDOM
- Huawei USG / Eduemon
- Hillstone SG-6000 series
- IBM Proventia MFS
- Juniper Netscreen / SRX / ScreenOS / VSYS
- Secui NXG / MF2
- Stonesoft Management Center and detected firewalls
- Topsec Firewall
- WeGuardia FW
FireMon Competitors
FireMon Technical Details
Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
---|---|
Operating Systems | Web based browser UI |
Mobile Application | No |
Supported Countries | All countries except North Korea, Iran, Sudan, Syria and Cuba |
Supported Languages | English |
FireMon Downloadables
Frequently Asked Questions
FireMon Customer Size Distribution
Consumers | 0% |
---|---|
Small Businesses (1-50 employees) | 8% |
Mid-Size Companies (51-500 employees) | 15% |
Enterprises (more than 500 employees) | 77% |
Comparisons
Compare with
Reviews and Ratings
(113)Attribute Ratings
Reviews
(1-25 of 69)FireMon: Igniting Innovation, Guarding Security.
- Cleaning policy sets.
- Policy set automation.
- Detailed analysis of the policies to be implemented.
- Keep up with new features implemented by security vendors.
FireMon in a 100+ firewall environment.
- Regular reporting.
- Dashboarding
- When my query is too complicated, the search bar changes to an advanced mode. I'd love for it to always be capable of the beginner mode since it takes a long time to get all the pieces of the query I need in advanced mode.
- Sometimes our active VPN tunnels will show "unused" in FireMon when they are used.
- I use the allowlisting feature frequently, but it's not possible to bulk-allowlist items.
- I'd love to be able to report on new control failures. There are a lot of reporting options available, but it seems like a manual export of a CSV is my only choice if I want to look at control failures.
Firemon - A reliable source for your audit needs
- Give good real time reporting for anyone making a change to any of our firewalls
- Provides good reporting tools that are out of box
- Provide good customization tools that is specific to our needs
- Upgrades are a simple process and support does relatively well with assisting us.
- There support could be better in terms of having more SME's for their product.
- FireMon should have a video repository to make it easier on how to use their product
- customizing reports should be made simpler. If we are looking for a specific date range (e.g., 90 day report on what rules have been used, then it should be able to give us this information) however in our past experience this hasn't always been the case
FireMon - Powerful compliance audit and rule automation
- Rule analysis
- Compliance
- Identify errors
- Automation
- Reporting
- Alerting
- Single pane-of-glass console for unified visibility and management
- Policy standardization and automation tools simplify and decrease the time to create and deploy rules
- Preconfigured control sets and scheduling for on-demand and automated PCI-DSS compliance report generation
Room for improvement:
- Policy management for cloud vendors
- Tracking firewall rule changes.
- Normalizing data so that it's easily understandable across different vendors and technologies.
- Providing detailed or summary reports for the data you actually want.
- It seems like their licensing model is constantly evolving.
- Often, support will have to escalate cases to engineering.
- Certifications are always geared to a particular version.
Long time User. The value is worth it, despite challenges.
- Hitcount Data and Integrity checks of Firewall Rules
- Traffic Flow Analysis and Rule Usage Reports to help clean up overly permissive rules.
- Easy way to check specific access allowed in a company across multiple vendors.
- Automate reviews of Rules with Policy Optimizer tickets.
- Focus on the 20% of the product that appears unpolished, such as Mapping and Risk Analyzer
- Understand that certain changes might benefit compatibility with one vendor, but hurt compatibility with another
- Add more support for more advanced features that vendors have to offer
- Clean up deployment images, such as wasted disk space on directories not applicable to a server role
Work in progress
- TFA and TFA output is fantastic
- Finding misconfigured rules is very easy
- We arent leveraging very much from FireMon
- The support site isnt the best
Cost effective and operationaly acceptable for basic operations
- Policy overview and optimisation suggestions
- Risk analysis over wide open policies, risky ports open on policies
- Zero-touch automation for policies
- Using with in house ticketing solution to make a framework for policy change approval.
- The firemon had have some issues after almost every update. They need to improve on that.
- Cisco is one of the products that has best support, The scope of other products can be improved.
- Automation of policie implementation breaks very often
Network Security Compliance and Audit
- Audit
- Identify traffic
- Hardening Firewall Rules
- NAT logging seems to be not supported
- It is able to draw the network's topology. However, because it can't see certain things, it doesn't draw the full story but it is still extremely helpful. We also have asymmetric routing, which causes a challenge. FireMon could improve its end-user practices. As an end user, I am just trying to catch up on all the alerts. There are so many, and you still have to go through them and document what was found
- FireMon could be easier to use and flexibility regarding reporting could be improved.
Firemon a multiple brand integrator
- Detailed reports
- Unused firewall rules
- Visibility of the whole configuration
- Have one only access to configure the appliance and handle reports
Scenarios where you only have one unique brand this tool may not be the best option.
FireMon Security Manager that will help you.
- Reporting
- Dashboard
- Rules changes.
- SIQL query.
- SIQL query is good but not easy to use.
- Query interface for advanced does not always has basic query conversion.
- The report have a lot of info that I need to filter it out.
Firemon! The time saver!
- Visibility of firewall configuration
- LDAP authentication server, it does not worked as other tools
- SMTP configuration
FireMon Firewall Analyzer Review
- Straightforward firewall analyzer, executive management people can understand what's going on.
- Provides risk rating for any allowed firewall policies
- Easy dashboard management
- Can connect to our SIEM
- Had an issue integrating Checkpoint firewall, need to improve integration with it.
FireMon: Comprehensive and Great Addition to your Security Arsenal
- viewing policy changes for a single FW over a period of time
- reports look very professional
- convenient and informative dashboards
- initial configuration is time-consuming, maybe an option to import CVS file would be an option
- navigation, layout and reporting can be confusing
Solid and reliable
- traffic monitoring
- compliance monitoring
- Ease of use
- A better customer update letter about upgrades .
Solid product, great intel of your threat landscape
- Fast, easy drill down to problem hosts
- Central dashboard of multiple interfaces for ease of monitoring and tracking
- Even with older, not widely used applications integration and use was easy
- None, well laid out and logical to use
- Easy to ask questions of support staff, not a negative but all I can think of
FM for Multi-vendor Environment
- Security Manager
- Device Lists
- Reporting
- Excel tables
- Tracking Changes
- Clean UI
- Good Reporting
- Hard to Customize Policy Planner workflows
- UI can be slow in Policy Planner
- Upgrading FMOS has become more involved
FireMon benefits any organization without configuration management right out of the box
- Finds overly permissive rules
- Finds redundant rules/unused object (junk)
- Acts as a snapshot in time config repository (backup system)
- Helps compare configs from one day to the next to see exactly what changed and who changed it
- Creating controls for higher tier engineers to review to ensure policy is being followed in near real time.
- There are a number of reports both built in and custom that can really help make sure company policy is being followed in rule creation.
- The administration page alerts are pretty bad and need to be finely tuned.
- Performance issues impacting large organizations with a massive amount of traffic passing over their firewalls
- Cisco integration is less than Palo and Checkpoint in many areas; perhaps this is a Cisco side issue, but either way, it would be nice if all features worked with all vendors to the same degree
- As of writing this you can't add Firepower devices directly to Firemon, you have to add a FMC and it can read the config from there. That works well for most people to be fair, but I am looking to kill FMC and use Cisco CDO instead. Firemon is adding support that will permit all of this which I'd estimate at 6 months. Keep that in mind when buying. That said, I'd try to work around the limitation as they add support.
Firemon Catches them All!
- Customer service
- Sales presentations
- Follow up
- Implementation
- Data storage
- Swag
- Configure management - multiple firewalls made easy
- Backups - a number of times this has come in handy
- Troubleshooting - being able to chase down a path issue
- Rule testing - planning before implementing
- Initial setup requires quick a bit of legwork if you want to do it right
- Definitely takes some learning if you are new to the system
- Making sure everything is tagged and tagged correctly is important and time consuming
Review for FireMon
- Configuration pulls
- Drop rule enabled
- Change History
- The requirement for syslogs when some of the firewalls are already displaying last hit date, etc. (palo alto)
- Easy to create custom controls.
- Good dashboards for visibility.
- Easy to use interface.
- Out of the box reporting for compliance needs.
- Navigation can be daunting for new users.
- Not enough granularity with regards to documentation.
FireMon has enabled us to monitor firewalls from one console, and has support for new models from Palo Alto which we currently use.
Secure with Firemon
We are also using it for Rule analysis and rule-recertification.
- Filter search capabilties
- Rule recertification using Policy Optimizer
- Ease of use and interactive WEB UI
- Some features could be added to the existing functionality which include NAT rules usage
- Rule expiration normalization from firewalls rather than entering them in rule documentation
- .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased
Firemon is great tool but expensive
- Firewall Auditing
- Reporting
- Ease of use
- Resources, to much minimun hardware requirements to run
- Architecture is to big, to many endpoints to deploy
- Hosted Cloud solution could help in place of System deployments