FireMon: Igniting Innovation, Guarding Security.
We currently use the security manager modules to clean and fine-tune our set of policies centrally. We additionally use a policy planner …
Overview
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to…
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
Pricing
N/A
Unavailable
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the…
Entry-level set up fee?
- Setup fee optional
For the latest information on pricing, visithttps://www.firemon.com/request-a…
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
24 people also want pricing
Alternatives Pricing
What is ManageEngine ADAudit Plus?
ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with a…
What is Perimeter 81?
Perimeter 81 is a Zero Trust Network as a Service from the company of the same name in Tel Aviv, designed to simplify secure network, cloud and application access for the modern and distributed workforce.
Product Details
- About
- Integrations
- Competitors
- Tech Details
- Downloadables
- FAQs
What is FireMon?
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments.
Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk.
Since creating their policy management solution in 2004, FireMon states they've helped more than 1,700 enterprises in nearly 70 countries secure their networks.
FireMon provides solutions that extend and integrate policy management with today’s latest technologies including SD-WAN, SASE, XDR, and SOAR.
The vendor states FireMon customers experience up to 90% improvements in network security policy efficiency while eliminating common misconfigurations which lead to breaches and compliance violations.
FireMon Features
- Supported: KPI Dashboards: See the network at a glance with analysis, trending and key performance indicator widgets on a customizable dashboard.
- Supported: Traffic Flow Analysis: Monitor network traffic behavior – down to the application level – to isolate overly permissive configurations.
- Supported: Access Path Analysis: Trace every available access path across the network and visualize relationships between network devices to identify risk access points.
- Supported: Network Mapping: Visualize and interact with highly complex network security environments or segmentations.
- Supported: Change Detection & Reporting: Isolate, document and alert on every ongoing change implemented throughout an existing firewall policies.
- Supported: Assessments & Controls: Define and employ unique security controls for customized, repeatable analysis and reporting on firewall policies.
FireMon Videos
Improve Security Operations. Improve Security Outcomes.
FireMon: Enforce Compliance
FireMon: Manage Change
FireMon Integrations
- Palo Alto Networks Next-Generation Firewalls - PA Series
- Palo Alto Networks Advanced URL Filtering
- Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
- VMware NSX
- VMware ESXi
- Check Point Quantum Security Gateway Next Generation Firewall
- Check Point Quantum Smart-1 Security Management
- AhnLab TrusGuard
- Check Point FireWall-1 / SmartCenter / VPN-1 Edge including VSX
- Cisco ASA / PIX / FWSM / ASA Context
- Dell SonicWall
- F5 AFM
- Fortinet Fortigate / VDOM
- Huawei USG / Eduemon
- Hillstone SG-6000 series
- IBM Proventia MFS
- Juniper Netscreen / SRX / ScreenOS / VSYS
- Secui NXG / MF2
- Stonesoft Management Center and detected firewalls
- Topsec Firewall
- WeGuardia FW
FireMon Competitors
FireMon Technical Details
| Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Web based browser UI |
| Mobile Application | No |
| Supported Countries | All countries except North Korea, Iran, Sudan, Syria and Cuba |
| Supported Languages | English |
FireMon Downloadables
Frequently Asked Questions
Reviewers rate Support Rating highest, with a score of 7.7.
The most common users of FireMon are from Enterprises (1,001+ employees).
FireMon Customer Size Distribution
| Consumers | 0% |
|---|---|
| Small Businesses (1-50 employees) | 8% |
| Mid-Size Companies (51-500 employees) | 15% |
| Enterprises (more than 500 employees) | 77% |
Comparisons
Compare with
Reviews and Ratings
(113)Attribute Ratings
Reviews
(1-23 of 23)Companies can't remove reviews or game the system. Here's why
October 23, 2023
FireMon in a 100+ firewall environment.
We use FireMon to track changes in traffic, find rules that we can clean up and restrict, and report to higher-ups. I personally use it to export lists of potential rules to change based on control failures. We use it in most of our separate business units for a variety of reasons, but most are using it to improve security posture.
- Regular reporting.
- Dashboarding
- When my query is too complicated, the search bar changes to an advanced mode. I'd love for it to always be capable of the beginner mode since it takes a long time to get all the pieces of the query I need in advanced mode.
- Sometimes our active VPN tunnels will show "unused" in FireMon when they are used.
- I use the allowlisting feature frequently, but it's not possible to bulk-allowlist items.
- I'd love to be able to report on new control failures. There are a lot of reporting options available, but it seems like a manual export of a CSV is my only choice if I want to look at control failures.
FireMon is being used to provide detailed historical records of every change/revision made on every network appliance enterprise-wide. It provides instant visibility on what changed when issues arise. Considering outages and time to restoration are measured by duration, having a single pane of glass showing which firewall rule or ACL was updated is priceless. Without FireMon, we would go into every outage--both small and large--blind, trying to figure out where to start.
- Tracking firewall rule changes.
- Normalizing data so that it's easily understandable across different vendors and technologies.
- Providing detailed or summary reports for the data you actually want.
- It seems like their licensing model is constantly evolving.
- Often, support will have to escalate cases to engineering.
- Certifications are always geared to a particular version.
February 25, 2023
Long time User. The value is worth it, despite challenges.
We use FireMon Daily. It helps to organize and monitor Firewall policy Health, identify issues and act on them. It is great for rule cleanup and compliance checks. It generates data that can be given to management as well as auditors. Policy Optimizer as well as Custom Reports free up a lot of time that engineers can spend on more valuable tasks.
- Hitcount Data and Integrity checks of Firewall Rules
- Traffic Flow Analysis and Rule Usage Reports to help clean up overly permissive rules.
- Easy way to check specific access allowed in a company across multiple vendors.
- Automate reviews of Rules with Policy Optimizer tickets.
- Focus on the 20% of the product that appears unpolished, such as Mapping and Risk Analyzer
- Understand that certain changes might benefit compatibility with one vendor, but hurt compatibility with another
- Add more support for more advanced features that vendors have to offer
- Clean up deployment images, such as wasted disk space on directories not applicable to a server role
February 25, 2023
Work in progress
We use FireMon to validate rules, test traffic pathing and to do TFAs for minimizing overly permissive rules.
- TFA and TFA output is fantastic
- Finding misconfigured rules is very easy
- We arent leveraging very much from FireMon
- The support site isnt the best
February 24, 2023
Cost effective and operationaly acceptable for basic operations
We use it to get an analysis of our firewall policies and get some recommendations on what policies have not been used for a long time and can be removed, policy re-ordering, optimization, and risks over risky protocols being allowed in policies like telnet or FTP. We use it to push policy automation changes, This enables a zero-touch framework to implement policy changes.
- Policy overview and optimisation suggestions
- Risk analysis over wide open policies, risky ports open on policies
- Zero-touch automation for policies
- Using with in house ticketing solution to make a framework for policy change approval.
- The firemon had have some issues after almost every update. They need to improve on that.
- Cisco is one of the products that has best support, The scope of other products can be improved.
- Automation of policie implementation breaks very often
February 15, 2023
Network Security Compliance and Audit
Firemon is an awesome Audit tool, recently this tool has helped us to identify the traffic that is hitting a particular rule. I highly recommend Firemon when it comes to hardening the firewall rules.
- Audit
- Identify traffic
- Hardening Firewall Rules
- NAT logging seems to be not supported
- It is able to draw the network's topology. However, because it can't see certain things, it doesn't draw the full story but it is still extremely helpful. We also have asymmetric routing, which causes a challenge. FireMon could improve its end-user practices. As an end user, I am just trying to catch up on all the alerts. There are so many, and you still have to go through them and document what was found
- FireMon could be easier to use and flexibility regarding reporting could be improved.
March 01, 2022
FireMon Firewall Analyzer Review
Score 9 out of 10
Vetted Review
Verified User
We used FireMon as a firewall analyzer of internal and external perimeters. We were able to gather relevant tcpdumps instead of looking directly in the firewall. This is very useful for executive managements, we can just provide them read only access and if someone in our organization asked them they can directly check for any network traffic on their own.
- Straightforward firewall analyzer, executive management people can understand what's going on.
- Provides risk rating for any allowed firewall policies
- Easy dashboard management
- Can connect to our SIEM
- Had an issue integrating Checkpoint firewall, need to improve integration with it.
December 07, 2021
Solid and reliable
FireMon is a great product that compiles information for security and networking issues and is easy to use. Support is some of the best in the industry, questions about the product or upgrades to the application are always answered promptly and with great detail. It is a must-have for any company that wants insight into their network traffic and is looking for added help to stay compliant.
- traffic monitoring
- compliance monitoring
- Ease of use
- A better customer update letter about upgrades .
December 05, 2021
Solid product, great intel of your threat landscape
Old, not well-documented SCADA system. Helped identify and mitigate security issues, firewall rule optimizations, etc. Compliance with DOE security framework.
- Fast, easy drill down to problem hosts
- Central dashboard of multiple interfaces for ease of monitoring and tracking
- Even with older, not widely used applications integration and use was easy
- None, well laid out and logical to use
- Easy to ask questions of support staff, not a negative but all I can think of
June 04, 2021
FireMon benefits any organization without configuration management right out of the box
We use FireMon as a firewall configuration management tool as well as our primary software suite for responding to auditors regarding network security. Currently the product is mostly focused at the security administrator/engineer level but we have several users in less technical roles across different business units that have some limited but very useful information thanks to that extra level of deployment. This tool has been crucial in helping us keep our overall rule counts down and also restricting access to only applications that are still valid. Recently I've created controls that were pretty simple to make, they essentially evaluate any new rule created to see if it crosses from outside to inside which allows a tier 3 team to analyze those rules daily/weekly. Compared to how I was doing this in Splunk Firemon is 100x better.
- Finds overly permissive rules
- Finds redundant rules/unused object (junk)
- Acts as a snapshot in time config repository (backup system)
- Helps compare configs from one day to the next to see exactly what changed and who changed it
- Creating controls for higher tier engineers to review to ensure policy is being followed in near real time.
- There are a number of reports both built in and custom that can really help make sure company policy is being followed in rule creation.
- The administration page alerts are pretty bad and need to be finely tuned.
- Performance issues impacting large organizations with a massive amount of traffic passing over their firewalls
- Cisco integration is less than Palo and Checkpoint in many areas; perhaps this is a Cisco side issue, but either way, it would be nice if all features worked with all vendors to the same degree
- As of writing this you can't add Firepower devices directly to Firemon, you have to add a FMC and it can read the config from there. That works well for most people to be fair, but I am looking to kill FMC and use Cisco CDO instead. Firemon is adding support that will permit all of this which I'd estimate at 6 months. Keep that in mind when buying. That said, I'd try to work around the limitation as they add support.
July 03, 2020
FireMon provides a nice view
FireMon is used for firewall change management from request to implementation and verification. Security Manager is used extensively for policy test, and to enable cleanup and migration.
- FireMon provides a live view in to firewalls across the enterprise in a single tool.
- Policy Planner is customizable, and can be fit to your company's workflow requirements, to include API for Service Now.
- FireMon provides policy testing capability, and traffic flow analysis, which is critical for timely troubleshooting.
- The FireMon interface has evolved from a desktop client to a browser-based portal, but added many layers to navigating commands. A simpler interface with most commands and functions one click deep (and all visible) would be more efficient for daily ops workflow.
- Policy test is great, but doesn't differentiate when a policy is a user-auth rule, so the result may show that policy is already in place, when it is actually not usable.
June 26, 2020
FireMon – Bringing the heat!!
FireMon is actively being used by our security team to enforce oversight and compliance standards for our firewall environment. Additional business units are also leveraging the solution to help with reporting. Change management will use the tool to identify rogue changes or changes that may have been implemented outside of our internal change management guidelines. Firewall admins will use the solution to improve the quality of the rules that they generate and to assist with the review and approval workflow. Compliance leverages the solution to help prioritize which devices may need more assistance or a greater amount of overhead needed to remediate.
The main benefit at this time is that it helps us help ourselves and reduce the amount of calories we burn each month or quarter in identifying what issues we need to address in our environment. Getting ready for audit, or quarterly reviews of devices is exponentially easier. Having the ability to automate many of our controls into our workflow on an ongoing basis also reduces the amount of time spent in each of those scheduled reviews/clean up efforts.
- BU Reporting - Concerned about role segmentation? Want other business units to peek into how things are going on your devices but without having to give everyone under the sun admin credentials for those devices? FireMon accomplishes that for us. I'm able to take this solution to various business units and shop it around...and increase its ROI by getting additional processes or procedures built around its functionality.
- Remediation Reporting - A flexible interface allows for very granular information to be generated, exported, and manipulated. Want to export a list of expired rules, done. Rules that allow traffic but don't have logging enabled, done. Find a change that took place outside of your change window and identify who's manager to speak to - done.
- Support - Although this isn't a "Security Manager" specific example its worth emphasizing that with such a flexible and vestal tool there are multiple ways of doing things. Usually there is the way that I can find to fit my needs right now - but the support staff have been amazing as offering improvement suggestions for the way that I use the tool to accomplish the tasks I have to complete. Quick turnaround on tickets, and no micro-managing of prerequisites before offering a to schedule a webex or best guess first step.
- More granular documentation - A flexible tool is great, but with flexibility comes gaps in documentation. Nothing serious, but I have found myself asking questions to support on more than one occasion because I couldn't independently find the solution in the default documentation. "How can I generate a query that uses this argument rather than this one..." kinda stuff.
- More granular ability to "whitelist" specific rules - If security teams had perfect security, the business wouldn't be allowed to operate. That being the case there will always be compromises. Although I may care about a specific control as far as my environment is concerned, I will find myself with a laundry list of rules that will take an extended effort to clean up, or there is no good way around. Being able to acknowledge these and then circle back to them at regular intervals for review would be good - as opposed to having to make sure I filter those specific rules out of larger exports that I may dump into a ticket for remediation.
April 13, 2019
FireMon consolidates well
Both the networking and security departments utilize FireMon to do configuration and rule reporting across multiple firewall products and vendors. This includes utilizing FireMon to check for changes in firewall policy or troubleshooting if a connection should be allowed/denied through multiple firewalls.
- It finds unused or shadowed rules and shows them to you well.
- It makes auditing of baseline standards easy.
- Makes it easy to search across multiple firewalls.
- Makes it easy to see if traffic should get through the firewalls.
- Sometimes the search filter syntax doesn't make it easy to find what you are looking for. It uses its own syntax.
- Lacks the ability to go back in time and create a compliance report from older data.
April 10, 2019
Another Fire-something, but a good one!
FireMon is a global tool that has been purchased to get a centralized view of our firewalls. This enables us to review our security posture and implement a compliance strategy with our customers.
- Customization of reporting is a nice feature. This is not available with other similar tools in the industry.
- Traffic Flow Analysis is widely used for looking at overly permissive rules.
- The dashboards are simple and enable us to do a presentation for non-technical audiences.
- The integration of firewalls is quite easy.
- Support is fast to respond and generally knowledgeable.
- The main area where FireMon will need improvement is a true knowledge base for customers and users. There is a lack of documentation and known facts. This means that as a user, the need for opening tickets for simple tasks is sometimes frustrating.
January 24, 2019
FireMon is excellent, but review my comments
Well, we are using FireMon in our IT department only. I would like to share my latest concern about it. Since the last major upgrade of FireMon, I am facing a major problem where all my devices are showing the Critical button. While some are having serious issues, others are not but it keeps showing up as Critical. In the last versions, we had three icons and we could directly identify and prioritize the criticality of each. This is my major concern with the update. FireMon also does not recognize Source Object group difference and thus makes my reports unreliable and I have to double check! Otherwise, I love working with FireMon.
- Redundancy checks
- Cleaning rules
- Keep consistency on your firewalls
- Tracking problems
- Compliance check
- For redundant rules, adding source object group check
January 23, 2019
A Life with FireMon.
We are a product distributor of Firemon, we were able to sell Firemon to some of our customers, from telecoms, banks and call centers. I am the one providing the walkthrough and guide the customers on how to integrate the FireMon security manager to the Firewall devices. FireMon addresses a lot of difficulties that the firewall administrator faces, a lot of firewall devices are not optimized. FireMon can help a lot on this department. Though FireMon has other add on modules from the security manager. I did not see an aggressive positioning of the other modules.
- Configuration changes, it can monitor and alerts any change on the firewall through email alerts.
- Optimised firewall rules , FireMon easily identify the unused firewall rules, duplicate rules, shadowed rules.
- Traffic Flow Analysis help a lot to further discover, tightening rules such as ANY rules configured on the firewall.
- Needs more supported devices and firewall supported vendors.
- Needs to push other add on modules to show the full capability of the FireMon Security Manager. eg policy planner, policy optimiser, risk analysis.
- Needs aggressive marketing in the Philippine Market. A lot of customers are not aware that there is a solution for firewall optimization and management.
- A lot of add on features are not introduced or not being used by the customer.
January 22, 2019
FireMon, great tools for managing cyber security devices!
We have used FireMon for our MSS clients, including managed firewalls from a different vendor. It's mainly used to manage firewalls, policy review and integrate into the CAB approval process, it went well and provided an easy solution for us and accurate report to clients. Friendly user interfaces are easy to use and system was stable all the time.
- Automate validation of compliance feature saved us time for auditing. It will generate report so we can provide to auditor for further review.
- Traffic flow analysis is one of the feature we used on daily basis, especially when there is a new request for adding policy for a complex environment, this feature provided accurate information on which security device is passing the traffic.
- Firewall cleanup recommendations helped us to improve firewall efficiency and avoid unnecessary changes. We scheduled to using this feature every 6 months to clean up zero hit rules and firewalls performance have been improved since.
- We had an issue when FireMon takes a long time to process the logs from over a dozen chatty firewalls. I understand when there are huge data sending to FireMon it needs time to process it, but FireMon might need to optimize how the data is handled.
January 16, 2019
FireMon - Great Enterprise Tool
FireMon is being leveraged across several IT Departments, including IT Security, Risk Management, Engineering, and Architecture teams. For us, it helps across many of our business models. We are in a highly regulated industry, SOX, MICS (gaming), and PCI, to name a few. For security best practices, we leverage integrated reports to help identify unused rules and objects. From an engineering and architectural approach, we leverage anything from policy creation and optimization, to ping path analysts to make sure the correct firewalls and policies are submitted the first time. With close to 100 firewalls, this helps streamline the process.
- Built-in compliance and security reporting - By scheduling reports, we automate the information gathered and get it to the correct department for remediation, freeing up resources for other tasks.
- Ping Path Analysts - this plays a big help in our environment. With over 300 IT personnel, communication is sometimes lost. Changes to architecture happen frequently with our dynamic and worldwide presence, including cloud. It is important to get it right the first time, in a secure and efficient manner.
- Security Manager - Organization, optimization, and metrics that can easily be tracked and help make future decisions on the appropriate coarse of action. For example, I've taken multiple firewalls which had high CPU and memory utilization, reprioritized the policies, and cut those metrics in half.
- Licensing is a nightmare - Depending on the 'size' of your firewall, there are different scu's. There are also costs associated with adding router/switches, as well as centralized management.
- System status and health - while there are ways to display the metrics, you have to go to a different URL and to each appliance. It would be nice if the manager had a health check for all of the collectors associated with it on it dashboard.
- MFA / SSO /SAML2.0 integration - It would be valuable to integrate the before mentioned integrations for secure access and flexibility.
January 13, 2017
FireMon Review
It is used by our IT department to audit existing firewall configurations. It is helpful in finding redundant or unused rules in the configuration. We also find the traffic flow analysis tool extremely helpful. When creating new rules for new applications we find a lot of required ports are not properly documented and the flow analysis provides a great way to audit the rules traffic and narrow down the exact ports required for an application.
- Traffic Flow Analysis is an invaluable tool.
- The ability to run reports on PCI audits has been very useful.
- The logged connections history is great for showing management metrics.
- AD integration was a little difficult to set up.
- Upgrading was tricky but FireMon support did a great job working with us to complete an upgrade.
January 13, 2017
Best in class!
We are using FireMon to monitor firewall changes as well as to improve the rule base.
It is a really efficient tool, which helps us by having a slimmer and more responsive firewall, which is not cluttered by redundant rules.
- Firewall Optimization
- Audit
- Tracing traffic
- The install on column from firewall is not filtered, making it a bit difficult to analyze some rules
January 09, 2017
Reliable IT Security Tool
FireMon Security Manager is being used within my organization for several purposes. I specifically utilize FireMon 8 in order to gain long-term information about the traffic hitting the firewalls within the network. The reports that I'm able to run using FireMon 8 give allow me to better analyze the firewalls in order to remediate rules within the firewalls.
- Provides well organized, easy to read reports such as rule usage and object usage.
- Provides ability to quickly run a query to identify where particular objects are being used.
- Logging of firewalls over time gives long-term status on rule use on the firewalls.
- Learning how to write syntax to query information was difficult.
- Difficult to rely solely on the results from queries run in FireMon. I have seen different results from FireMon and what is on the firewall using another tool and FireMon was inaccurate.
- Logging stops or malfunctions on FireMon.
January 05, 2017
Going beyond the simplicity
We use FireMon to monitor any changes that are made to our network. We reference the changes against our change management to make sure that the change was authorized and nothing was added or subtracted without prior approval.
- I love the insight into what is being done on the network. I can make sure that our network team is doing what they say they are doing. It also gives us the security controls to see what the network team keeps from us.
- The GUI is easy to use.
- I would like to be able to update certain fields, for example the reference field for tickets.
We utilize FireMon to monitor the changes to our critical firewalls within the Company. We also use it to perform our bi-annual firewall review to show us easily and readily what objects and ACL's are not being used within a certain timeframe. It also allows us to document in detail who the owner of the rule is as well as document the change number associated with the rule/change.
- Monitor changes
- Provides easy review of the configuration
- Shows if there are duplicate rules
- The way it is licensed. It is licensed by device type and IP address.
- Process to upgrade to major versions. Right now you have to reimage the appliance or VM and it is not always just an update.