FireMon: Igniting Innovation, Guarding Security.
We currently use the security manager modules to clean and fine-tune our set of policies centrally. We additionally use a policy planner …
Overview
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to…
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
Pricing
N/A
Unavailable
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the…
Entry-level set up fee?
- Setup fee optional
For the latest information on pricing, visithttps://www.firemon.com/request-a…
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
24 people also want pricing
Alternatives Pricing
What is ManageEngine ADAudit Plus?
ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with a…
What is Speedify VPN?
Speedify is a new kind of bonding VPN designed from the ground up for speed, security, and reliability. The vendor says Speedify's bonding protocol lets it do things no other VPN can: switching between Wi-Fi and Cellular without breaking sockets, and bonding connections together for speed…
Product Details
- About
- Integrations
- Competitors
- Tech Details
- Downloadables
- FAQs
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments.
Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk.
Since creating their policy management solution in 2004, FireMon states they've helped more than 1,700 enterprises in nearly 70 countries secure their networks.
FireMon provides solutions that extend and integrate policy management with today’s latest technologies including SD-WAN, SASE, XDR, and SOAR.
The vendor states FireMon customers experience up to 90% improvements in network security policy efficiency while eliminating common misconfigurations which lead to breaches and compliance violations.
FireMon Features
- Supported: KPI Dashboards: See the network at a glance with analysis, trending and key performance indicator widgets on a customizable dashboard.
- Supported: Traffic Flow Analysis: Monitor network traffic behavior – down to the application level – to isolate overly permissive configurations.
- Supported: Access Path Analysis: Trace every available access path across the network and visualize relationships between network devices to identify risk access points.
- Supported: Network Mapping: Visualize and interact with highly complex network security environments or segmentations.
- Supported: Change Detection & Reporting: Isolate, document and alert on every ongoing change implemented throughout an existing firewall policies.
- Supported: Assessments & Controls: Define and employ unique security controls for customized, repeatable analysis and reporting on firewall policies.
FireMon Videos
Improve Security Operations. Improve Security Outcomes.
FireMon: Enforce Compliance
FireMon: Manage Change
FireMon Integrations
- Palo Alto Networks Next-Generation Firewalls - PA Series
- Palo Alto Networks Advanced URL Filtering
- Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
- VMware NSX
- VMware ESXi
- Check Point Quantum Security Gateway Next Generation Firewall
- Check Point Quantum Smart-1 Security Management
- AhnLab TrusGuard
- Check Point FireWall-1 / SmartCenter / VPN-1 Edge including VSX
- Cisco ASA / PIX / FWSM / ASA Context
- Dell SonicWall
- F5 AFM
- Fortinet Fortigate / VDOM
- Huawei USG / Eduemon
- Hillstone SG-6000 series
- IBM Proventia MFS
- Juniper Netscreen / SRX / ScreenOS / VSYS
- Secui NXG / MF2
- Stonesoft Management Center and detected firewalls
- Topsec Firewall
- WeGuardia FW
FireMon Competitors
FireMon Technical Details
| Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Web based browser UI |
| Mobile Application | No |
| Supported Countries | All countries except North Korea, Iran, Sudan, Syria and Cuba |
| Supported Languages | English |
FireMon Downloadables
Frequently Asked Questions
Reviewers rate Support Rating highest, with a score of 7.7.
The most common users of FireMon are from Enterprises (1,001+ employees).
FireMon Customer Size Distribution
| Consumers | 0% |
|---|---|
| Small Businesses (1-50 employees) | 8% |
| Mid-Size Companies (51-500 employees) | 15% |
| Enterprises (more than 500 employees) | 77% |
Comparisons
Compare with
Reviews and Ratings
(113)Attribute Ratings
Reviews
(1-25 of 49)Companies can't remove reviews or game the system. Here's why
November 07, 2023
FireMon: Igniting Innovation, Guarding Security.
We currently use the security manager modules to clean and fine-tune our set of policies centrally. We additionally use a policy planner to automate our process of routine operations in policy sets.
- Cleaning policy sets.
- Policy set automation.
- Detailed analysis of the policies to be implemented.
- Keep up with new features implemented by security vendors.
October 23, 2023
FireMon in a 100+ firewall environment.
We use FireMon to track changes in traffic, find rules that we can clean up and restrict, and report to higher-ups. I personally use it to export lists of potential rules to change based on control failures. We use it in most of our separate business units for a variety of reasons, but most are using it to improve security posture.
- Regular reporting.
- Dashboarding
- When my query is too complicated, the search bar changes to an advanced mode. I'd love for it to always be capable of the beginner mode since it takes a long time to get all the pieces of the query I need in advanced mode.
- Sometimes our active VPN tunnels will show "unused" in FireMon when they are used.
- I use the allowlisting feature frequently, but it's not possible to bulk-allowlist items.
- I'd love to be able to report on new control failures. There are a lot of reporting options available, but it seems like a manual export of a CSV is my only choice if I want to look at control failures.
FireMon is being used to provide detailed historical records of every change/revision made on every network appliance enterprise-wide. It provides instant visibility on what changed when issues arise. Considering outages and time to restoration are measured by duration, having a single pane of glass showing which firewall rule or ACL was updated is priceless. Without FireMon, we would go into every outage--both small and large--blind, trying to figure out where to start.
- Tracking firewall rule changes.
- Normalizing data so that it's easily understandable across different vendors and technologies.
- Providing detailed or summary reports for the data you actually want.
- It seems like their licensing model is constantly evolving.
- Often, support will have to escalate cases to engineering.
- Certifications are always geared to a particular version.
February 25, 2023
Long time User. The value is worth it, despite challenges.
We use FireMon Daily. It helps to organize and monitor Firewall policy Health, identify issues and act on them. It is great for rule cleanup and compliance checks. It generates data that can be given to management as well as auditors. Policy Optimizer as well as Custom Reports free up a lot of time that engineers can spend on more valuable tasks.
- Hitcount Data and Integrity checks of Firewall Rules
- Traffic Flow Analysis and Rule Usage Reports to help clean up overly permissive rules.
- Easy way to check specific access allowed in a company across multiple vendors.
- Automate reviews of Rules with Policy Optimizer tickets.
- Focus on the 20% of the product that appears unpolished, such as Mapping and Risk Analyzer
- Understand that certain changes might benefit compatibility with one vendor, but hurt compatibility with another
- Add more support for more advanced features that vendors have to offer
- Clean up deployment images, such as wasted disk space on directories not applicable to a server role
February 24, 2023
Cost effective and operationaly acceptable for basic operations
We use it to get an analysis of our firewall policies and get some recommendations on what policies have not been used for a long time and can be removed, policy re-ordering, optimization, and risks over risky protocols being allowed in policies like telnet or FTP. We use it to push policy automation changes, This enables a zero-touch framework to implement policy changes.
- Policy overview and optimisation suggestions
- Risk analysis over wide open policies, risky ports open on policies
- Zero-touch automation for policies
- Using with in house ticketing solution to make a framework for policy change approval.
- The firemon had have some issues after almost every update. They need to improve on that.
- Cisco is one of the products that has best support, The scope of other products can be improved.
- Automation of policie implementation breaks very often
February 15, 2023
Network Security Compliance and Audit
Firemon is an awesome Audit tool, recently this tool has helped us to identify the traffic that is hitting a particular rule. I highly recommend Firemon when it comes to hardening the firewall rules.
- Audit
- Identify traffic
- Hardening Firewall Rules
- NAT logging seems to be not supported
- It is able to draw the network's topology. However, because it can't see certain things, it doesn't draw the full story but it is still extremely helpful. We also have asymmetric routing, which causes a challenge. FireMon could improve its end-user practices. As an end user, I am just trying to catch up on all the alerts. There are so many, and you still have to go through them and document what was found
- FireMon could be easier to use and flexibility regarding reporting could be improved.
October 19, 2022
FireMon Security Manager that will help you.
I use it for reporting and checking for unused firewall rules to do cleanup. I am still new to the Firemon product, so I have not used all of its functions.
- Reporting
- Dashboard
- Rules changes.
- SIQL query.
- SIQL query is good but not easy to use.
- Query interface for advanced does not always has basic query conversion.
- The report have a lot of info that I need to filter it out.
December 11, 2021
FireMon: Comprehensive and Great Addition to your Security Arsenal
Score 9 out of 10
Vetted Review
Verified User
Review FWs for Best Practices (Compliance and Assessment) and Policy Optimization (rule placement, rule review) for specific MSS customers. It is also useful to review policy changes as they can be quickly viewed for each domain.
- viewing policy changes for a single FW over a period of time
- reports look very professional
- convenient and informative dashboards
- initial configuration is time-consuming, maybe an option to import CVS file would be an option
- navigation, layout and reporting can be confusing
December 07, 2021
Solid and reliable
FireMon is a great product that compiles information for security and networking issues and is easy to use. Support is some of the best in the industry, questions about the product or upgrades to the application are always answered promptly and with great detail. It is a must-have for any company that wants insight into their network traffic and is looking for added help to stay compliant.
- traffic monitoring
- compliance monitoring
- Ease of use
- A better customer update letter about upgrades .
December 05, 2021
Solid product, great intel of your threat landscape
Old, not well-documented SCADA system. Helped identify and mitigate security issues, firewall rule optimizations, etc. Compliance with DOE security framework.
- Fast, easy drill down to problem hosts
- Central dashboard of multiple interfaces for ease of monitoring and tracking
- Even with older, not widely used applications integration and use was easy
- None, well laid out and logical to use
- Easy to ask questions of support staff, not a negative but all I can think of
December 01, 2021
FM for Multi-vendor Environment
Firewall audits and cleanup. Intake for firewall requests. Auditing overly permissive rules and policies.
- Security Manager
- Device Lists
- Reporting
- Excel tables
June 04, 2021
FireMon benefits any organization without configuration management right out of the box
We use FireMon as a firewall configuration management tool as well as our primary software suite for responding to auditors regarding network security. Currently the product is mostly focused at the security administrator/engineer level but we have several users in less technical roles across different business units that have some limited but very useful information thanks to that extra level of deployment. This tool has been crucial in helping us keep our overall rule counts down and also restricting access to only applications that are still valid. Recently I've created controls that were pretty simple to make, they essentially evaluate any new rule created to see if it crosses from outside to inside which allows a tier 3 team to analyze those rules daily/weekly. Compared to how I was doing this in Splunk Firemon is 100x better.
- Finds overly permissive rules
- Finds redundant rules/unused object (junk)
- Acts as a snapshot in time config repository (backup system)
- Helps compare configs from one day to the next to see exactly what changed and who changed it
- Creating controls for higher tier engineers to review to ensure policy is being followed in near real time.
- There are a number of reports both built in and custom that can really help make sure company policy is being followed in rule creation.
- The administration page alerts are pretty bad and need to be finely tuned.
- Performance issues impacting large organizations with a massive amount of traffic passing over their firewalls
- Cisco integration is less than Palo and Checkpoint in many areas; perhaps this is a Cisco side issue, but either way, it would be nice if all features worked with all vendors to the same degree
- As of writing this you can't add Firepower devices directly to Firemon, you have to add a FMC and it can read the config from there. That works well for most people to be fair, but I am looking to kill FMC and use Cisco CDO instead. Firemon is adding support that will permit all of this which I'd estimate at 6 months. Keep that in mind when buying. That said, I'd try to work around the limitation as they add support.
FireMon is being used to monitor changes to our existing firewalls. Our firewalls consist of various Palo Alto models.
- Easy to create custom controls.
- Good dashboards for visibility.
- Easy to use interface.
- Out of the box reporting for compliance needs.
- Navigation can be daunting for new users.
- Not enough granularity with regards to documentation.
December 04, 2020
Firemon is great tool but expensive
FireMon is deployed by the Corporate Security Team, the network team will check in all of their firewalls and use the tool for audit purposes. The Security Team also aligns witth each Business Unit security leader, if that BU is audited they use the data produced from FireMon as evidence.
- Firewall Auditing
- Reporting
- Ease of use
- Resources, to much minimun hardware requirements to run
- Architecture is to big, to many endpoints to deploy
- Hosted Cloud solution could help in place of System deployments
October 15, 2020
The honest FireMon review
FireMon is used in conjunction between the Network and Security team for security purposes like evaluating current security posture of the firewalls as far as rules and configurations in place. We are aiming to use it to automate yearly recurring review activities by our teams and to facilitate the amount of time it takes to complete them.
- Rule review.
- Best practice guidelines review.
- Configuration review.
- CIS benchmark integration would be great.
- The reporting inside the platform is great, but the exported versions could be improved to facilitate reading and get a high summary executive view.
August 03, 2020
FireMon Review
Cybersecurity and Network departments use the product, for auditing, keeping track of changes, security, real-time change information, historic log information, dupe rules/object cleanup. and long term trend reports.
- Correlate large rule sets and uncountable objects into a human usable format
- Allows you to pick a supplied compliance assessment and allows you to create a custom one to fulfill your needs
- Gives you an Enterprise dashboard with percentages that you can drill down to the devices--as the rules are constantly changing to fit business needs this helps reduce security flaws a human will miss.
- It centers on policy, compliance, and change--the three areas we all need help in.
- Setting up a new compliance assessment or modifying an existing one
July 28, 2020
A Review of FireMon
FireMon is used for firewall governance, including the creation of reports to satisfy PCI requirements, to identify and prioritize remediation of overly permissive rules and rulesets, and as the principal platform for performing firewall policy audits against internal standards.
- PCI Reporting - After identifying which firewalls and rulesets are in scope, producing a report artifact to satisfy PCI requirements on Firewall reviews is literally a two-click operation.
- Storing Rule Metadata - FireMon stores metadata (prefilled fields, standard fields, and custom fields) for each rule in each policy which is valuable for context during firewall reviews in particular
- API - FireMon exposes most if not all of its functionality via REST API
- FireMon does not yet support URL filtering (the identification of or implementation of) for Palo Alto firewalls
- Direct integration with other systems takes place through workflows, which are not documented (the intent I believe is Pro Services should be engaged in order to do integrations, e.g. with ServiceNow).
July 27, 2020
FireMon, but without bugs
Currently, we are using FireMon to catalogue our firewall policies, assign owners to rules, and audit those rules.
- Policy Optimization - helping us remove shadow rules
- Rule analysis for gaps in security
- Unused rule identification
- Bugs, Bugs, Bugs, Bugs, Bugs
- Upgrades are often problematic.
- Sometimes what the reports show isn't what's in the database.
July 24, 2020
One more step in protecting firewalls
FireMon is used for tracking and reviewing firewall rules on a regular basis. It is used to save an old process of manually tracking all of the firewall rules.
- It can be customized in a lot of ways because you can write your own queries and assign them to controls.
- When the system has proper resources, FireMon is quite reliable and quick to pull new firewall rules.
- The user interfaces has a lot of options to use like revisions. It is helpful to look at revisions before and after changes to make sure everything went as planned. It also has some pie graphs that are good for showing in reports.
- There needs to be functionality to roll back changes to FireMon, or save copies of firewall documentation that can be reverted back. There are some manual fields you can fill in for firewall rules in FireMon (things such as notes about audits of the rules, when they were last audited, etc). If they are removed, there is no way to re-add them. There also needs to be an option to copy documentation from one firewall to another in case you have to RMA a firewall. I have been advised that the development team is adding these features sometime in the next year, but it has bit us a few times.
- I get the impression that the development team needs to give better documentation to the support team.
- No root access to the box. This has caused some issues such as not being able to eject a CD rom from a VM and not being able to install a backup client requiring us to code a backup script in house. There used to be sudo access, but it was removed.
FireMon is being used for firewall optimization and activity monitoring. It also leverages the firewall operations management supporting daily operations and assisting the firewall security team focusing on the exact activities needed. Audit teams are getting the outputs of firewall operations. It’s an effective tool to be compliant with several regulations and determining which items/rules should be changed or modified to be compliant. Additional controls can be integrated throughout the firewall operations from the very beginning to the last degree. Overall solutions decrease the auditing of firewalls internally as well as externally. Hidden risks are visible through FireMon to the operation team as well as to information security and upper-level management.
- Integration with different vendors
- Enrichment capabilities
- Risk analyzer
- Global dashboard
- Reporting features
- GUI is somewhat cumbersome for the beginners
- Policy planner has a lack of customization. The templates are very strict.
- Again for the beginners, it has its own custom language and familiarization takes time.
- Planning and deployment guide is lacking.
- Local support should be improved or additional support options could be offered.
July 03, 2020
FireMon provides a nice view
FireMon is used for firewall change management from request to implementation and verification. Security Manager is used extensively for policy test, and to enable cleanup and migration.
- FireMon provides a live view in to firewalls across the enterprise in a single tool.
- Policy Planner is customizable, and can be fit to your company's workflow requirements, to include API for Service Now.
- FireMon provides policy testing capability, and traffic flow analysis, which is critical for timely troubleshooting.
- The FireMon interface has evolved from a desktop client to a browser-based portal, but added many layers to navigating commands. A simpler interface with most commands and functions one click deep (and all visible) would be more efficient for daily ops workflow.
- Policy test is great, but doesn't differentiate when a policy is a user-auth rule, so the result may show that policy is already in place, when it is actually not usable.
July 01, 2020
Secure through a glass of FireMon
We use FireMon Security Manager, not only for our internal FW administration but also as part of our Managed Services. More specifically, it's part of our offer for managed firewalls service. This allows us to include more task to offer in the service like periodically cleaning firewall policies and other complains repots, i.e PCI reports.
- TFA reports - show very detailed information that allows the admin to replace a wide-open FW policy to one or several accurate and narrow FW policies.
- Change reports - In a very simple way, shows clearly who made what change and when. Also, it's able to highlight changes made between not consecutive configurations.
- Dashboards - Allows us to drill-down in a simple and intuitive way, find the information needed in an investigation or any other search.
- For TFA logging if we can have more options to run to choose, not only 1 day, 1 week, 1 month.
June 26, 2020
FireMon – Bringing the heat!!
FireMon is actively being used by our security team to enforce oversight and compliance standards for our firewall environment. Additional business units are also leveraging the solution to help with reporting. Change management will use the tool to identify rogue changes or changes that may have been implemented outside of our internal change management guidelines. Firewall admins will use the solution to improve the quality of the rules that they generate and to assist with the review and approval workflow. Compliance leverages the solution to help prioritize which devices may need more assistance or a greater amount of overhead needed to remediate.
The main benefit at this time is that it helps us help ourselves and reduce the amount of calories we burn each month or quarter in identifying what issues we need to address in our environment. Getting ready for audit, or quarterly reviews of devices is exponentially easier. Having the ability to automate many of our controls into our workflow on an ongoing basis also reduces the amount of time spent in each of those scheduled reviews/clean up efforts.
- BU Reporting - Concerned about role segmentation? Want other business units to peek into how things are going on your devices but without having to give everyone under the sun admin credentials for those devices? FireMon accomplishes that for us. I'm able to take this solution to various business units and shop it around...and increase its ROI by getting additional processes or procedures built around its functionality.
- Remediation Reporting - A flexible interface allows for very granular information to be generated, exported, and manipulated. Want to export a list of expired rules, done. Rules that allow traffic but don't have logging enabled, done. Find a change that took place outside of your change window and identify who's manager to speak to - done.
- Support - Although this isn't a "Security Manager" specific example its worth emphasizing that with such a flexible and vestal tool there are multiple ways of doing things. Usually there is the way that I can find to fit my needs right now - but the support staff have been amazing as offering improvement suggestions for the way that I use the tool to accomplish the tasks I have to complete. Quick turnaround on tickets, and no micro-managing of prerequisites before offering a to schedule a webex or best guess first step.
- More granular documentation - A flexible tool is great, but with flexibility comes gaps in documentation. Nothing serious, but I have found myself asking questions to support on more than one occasion because I couldn't independently find the solution in the default documentation. "How can I generate a query that uses this argument rather than this one..." kinda stuff.
- More granular ability to "whitelist" specific rules - If security teams had perfect security, the business wouldn't be allowed to operate. That being the case there will always be compromises. Although I may care about a specific control as far as my environment is concerned, I will find myself with a laundry list of rules that will take an extended effort to clean up, or there is no good way around. Being able to acknowledge these and then circle back to them at regular intervals for review would be good - as opposed to having to make sure I filter those specific rules out of larger exports that I may dump into a ticket for remediation.
June 01, 2020
Firemon Security Manager v7/v8
FireMon Policy Planner (version 7) is currently being used as our firewall request system across the IT organization. This allows us to have a central location for managing and tracking all firewall change requests. The workflow allows tickets to proceed through various levels of approval prior to implementation. Maintaining audit records of firewall changes is a business requirement, FireMon Security Manager (versions 7 and 8) is currently being used by our security team to satisfy audit requirements through compliance assessments and reports.
- Version 8 addressed some shortcomings of the previous version regarding response time and administration capabilities. Reports are generated quickly and there are more customization options for administrators.
- New dashboards provide a quick overview that is much more informative than the previous version.
- The enterprise view is a nice way to view devices across the organization at a glance.
- The search functionality is much improved in version 8 and allows you to search across all devices if you so choose. It is quick and has a query syntax builder that is a vast improvement over searching capabilities in version 7.
- Creating custom controls is much better in the newer version. The syntax helper will build the correct query for you.
- When they moved from version 7 to version 8 there were some areas that seemed neglected. The generated reports did not always render properly when viewed as a PDF, though they looked fine in HTML. Another lost function was reporting usage on NAT rules in firewalls.
- The scheduling function for reports/assessments is not the easiest thing to find or administer. It would be nice to be able to schedule reports directly from the Security Manager without having to go to Administration.
- I would like to see customizable reports. Right now you must create custom controls and add them to custom assessments.
- The GUI does not always maintain your filters or settings if you drill down into an object and then return.
- There are not always enough search filter options and they are sometimes hard to view.
- Some reports are not very useful. It would be nice to see those re-evaluated or re-worked into a usable report.
May 18, 2020
FireMon - Great tool for a clean environment
Currently, FireMon is used as an auditing tool to track all changes. Also, we use it for quarterly reviews to do rule cleanup on firewall rules. It is only being used by our IT Security Team for our firewall assets. This tool is required for record retention.
- Tracking all changes that occur on assets.
- Able to quickly identify duplicate or unused rules.
- Automation and workflow.
- Network maps have a lot of room for improvement
- How FireMon is updated; not able to pull updates directly from the system.