All in one firewall compliance and reporting that really works!https://www.trustradius.com/firewall-security-managementFireMonUnspecified7.8561012019-01-25T20:15:39.524Z
January 25, 2019
All in one firewall compliance and reporting that really works!
Score 10 out of 101
- Security Manager
- Policy Planner
Overall Satisfaction with FireMon
As the complexity of our environment has increased, we found it difficult to audit our firewalls and keep track of changes. Most importantly was the compliance aspect. Traditionally this has been done with a manual review, but as we have added firewalls and from different vendors, this had become a time-consuming process that was unsustainable. With FireMon we are able to continually audit our firewalls and flag any issues that would cause a problem with a security audit. The initial remediation was difficult, but we are now able to quickly identify any issues and get them remediated quickly. It also gives us the ability to supply reports to our auditors to address any questions they may have about the security of our network.
- From Cisco to Palo Alto and AWS Security Groups, we are able to pull in all of this information into a centralized location. From the list of supported vendors, we feel like we are not limited to any one firewall vendor. This is very important to us as we are always looking into the best technology to support our ongoing growth.
- The ability to create custom reports or to use the pre-built templates was a very nice feature for us, we want to make sure that our baseline is in line with the compliance standards we are audited against and go the extra mile in some cases to make sure that we are always safe. We are always confident that we are compliant across the organization with the reporting that Firemon provides.
- As we have matured as a company we have adopted a security first policy when it comes to firewall rules. In the past firewall rules were approved and implemented without much thought given to process and tracking. With Policy Planner we are able to track those changes pre-implementation and post implementation to ensure that no changes are made without authorization and they are correctly implemented.
- Upgrades almost always require support intervention if you're going more than a few releases newer, and even then the upgrade process could use improving. Luckily it really doesn't have to be done often if you're happy with your implementation. For us, the only reason to upgrade would be to address security with the product itself.
- It can be a little overwhelming the first time you start to get reporting, especially if the environment has been around awhile. We had difficulty at first because we were overwhelmed by the amount of information we were seeing and we needed pro services to train our staff to use Firemon effectively. We found that even with this assistance it still took time before we were able to wrap our heads around getting everything remediated.
- Some of the built-in templates for things such as PCI remediation are locked from changes and prevented from duplicating, we had to make our own using those standards so that we could begin reporting with it. This took a little time to do and we feel that we should be able to work with it out of the box. It wasn't a big problem but something to look out for.
It has some hefty requirements for system specs, but that's due to the firewall logging. You can have multiple nodes to distribute the load and grow as you need. We found that our initial setup went beyond what we initially needed, but we were able to see the increasing load and plan accordingly to add resources and nodes to handle the additional firewalls.
- On the positive we were able to reduce the amount of man hours needed to remediate and get reporting to our auditors, this was very important to us as we moved to ongoing remediation versus quarterly.
- On the downside we spent a lot of time training, configuring and remediating to get everything the way we needed it. This was the biggest pain point we had and it caused some stress to the organization. In the long run it made life easier though.
We required the ability to manage firewalls from any vendor or cloud provider, as we did not want to become dependent on any one firewall solution. It was also important because we would be using FireMon for a very long time and we did not want to change solutions for monitoring and compliance. FireMon has been great in that aspect and we are now able to automatically add new firewalls to FireMon as they are deployed to the environment.
We went from the pain of Firewall compliance audits being seen as a bad thing to being in a place that we are always compliant. The ability to stay on top of this has relived a lot of stress in the organization and especially with the network engineers in charge of the remediation. We are no longer in crunch time and we have found that we are able to roll out new rules that are compliant from the beginning.
We were impressed with FireMon's native cloud support and compliance reporting, in looking at other vendors we were not too impressed by their ability to support cloud-native technologies and their reporting was less than stellar. We did not want a solution that would last only a few years and FireMon was able to provide us with what we needed, and we felt comfortable that they would support the direction we were going. By far they were they were the most engaged with the vetting process.
You might be able to get away without using a solution like this in a smaller environment, but as you grow you will find it far more difficult to go back and remediate as we did. FireMon is best suited for an environment that has strict requirements for reporting and auditing, such as the financial sector, but really wouldn't be suitable for a small office or an industry that does not have these requirements.