One more step in protecting firewalls
Anonymous | TrustRadius Reviewer
Updated July 24, 2020

Score 8 out of 10

Modules Used

  • Security Manager
  • Policy Optimizer

Overall Satisfaction with FireMon

FireMon is used for tracking and reviewing firewall rules on a regular basis. It is used to save an old process of manually tracking all of the firewall rules.
  • It can be customized in a lot of ways because you can write your own queries and assign them to controls.
  • When the system has proper resources, FireMon is quite reliable and quick to pull new firewall rules.
  • The user interface has a lot of options to use, like revisions. It is helpful to look at revisions before and after changes to make sure everything went as planned. It also has some pie graphs that are good for showing in reports.
  • There needs to be functionality to roll back changes to FireMon, or save copies of firewall documentation that can be reverted back. There are some manual fields you can fill in for firewall rules in FireMon (things such as notes about audits of the rules, when they were last audited, etc). If they are removed, there is no way to re-add them. There also needs to be an option to copy documentation from one firewall to another in case you have to RMA a firewall. I have been advised that the development team is adding these features sometime in the next year, but it has bit us a few times.
  • I get the impression that the development team needs to give better documentation to the support team.
  • No root access to the box. This has caused some issues, such as not being able to eject a CD-ROM from a VM and not being able to install a backup client, requiring us to code a backup script in house. There used to be sudo access, but it was removed.
Note - I bumped this to a 9/10 when it was originally a 6/10. This is because they added "datacollector groups" which resolves the issue that I was complaining about when I put the 6/10.
  • We had a couple of outages on our rule documentation due to changes in the FMOS code that caused the appliance to be down for a while which hurt our ROI.
  • Not having to manually track all of the rules has freed up engineers for better things.
  • Better auditing of firewall rules significantly decreases security risks to our environment because we are using FireMon to ensure everything is reviewed regularly.
No comment. I do not have enough use w/ FireMon in the cloud yet to say.
Automation of rule auditing with Policy Optimizer to meet PCI requirements and a culture of constantly monitoring Firewall rules for configuration mistakes and weak security.
There was a multi-week process of reviewing firewall rules multiple times per year in the past, and FireMon has eliminated that. It is also easier to provide documentation to auditors because it is a matter of logging into FireMon and doing a PDF export.
Yes. You can set up reports or open Policy Optimizer tickets for things such as forgetting to put a destination port on a rule.
I put 6 because I like the product when it is working well, and the majority of the department likes the product. I will rate higher when they resolve the issues that I mentioned.


It has been a year since I reviewed this product. I feel like I can bump the review up to an 8 because a lot of features are being added to the product that make things such as search queries easier to perform. I still feel like the system administration piece of FireMon needs improvement.

FireMon Feature Ratings

  • Policy planning and rule management: Not Rated
  • Automated Policy Orchestration: Not Rated
  • Device Discovery: 5
  • Policy Compliance Auditing: 8
  • Attack Path Simulation Testing: Not Rated
  • Anomalous Event or Behavior Deviation: Not Rated
  • Vulnerability Scans: Not Rated
  • Firewall Rule Cleanup: 6

FireMon Support

Pros
  • Good followup
  • Knowledgeable team
  • Problems get solved
  • Kept well informed
  • No escalation required
  • Immediate help available
  • Support cares about my success
  • Quick Initial Response

Cons
  • Need to explain problems multiple times

Yes - The bugs have been resolved in future releases. Sometimes it is difficult to get the developers to acknowledge the bug, and it feels like the lab testing falls onto the customer.

Note - I wrote that a while ago, and bug support seems to be improving.
FireMon helped us create a script to copy data from one firewall to another.

Using FireMon

The usability is fantastic for the user.

The usability for the system administrator could be improved.

Pros
  • Like to use
  • Relatively simple
  • Easy to use
  • Technical support not required
  • Well integrated
  • Consistent
  • Quick to learn
  • Convenient

Cons
  • None

  • The Revisions feature makes change orchestrations easier and I use it daily.
  • Creating queries to automate and shorten tasks. For example, checking for certain applications or ports used on rules on perimeter security devices.
  • Creating reports based on rule severity scores is very helpful and feels like a vulnerability scanner for firewall rules.
  • The difficulty lies more on the administrator of FireMon itself than the user. The system can be very sensitive, especially during upgrades.
  • Search queries could be easier as far as directives and options to use in the search, but I keep seeing more and more granularity added with each release, so I believe FireMon is aware of it and working on it.