Firemon Security Manager v7/v8
June 01, 2020
Firemon Security Manager v7/v8
Score 7 out of 10
- Security Manager
- Policy Planner
Overall Satisfaction with FireMon
FireMon Policy Planner (version 7) is currently being used as our firewall request system across the IT organization. This allows us to have a central location for managing and tracking all firewall change requests. The workflow allows tickets to proceed through various levels of approval prior to implementation. Maintaining audit records of firewall changes is a business requirement, FireMon Security Manager (versions 7 and 8) is currently being used by our security team to satisfy audit requirements through compliance assessments and reports.
- Version 8 addressed some shortcomings of the previous version regarding response time and administration capabilities. Reports are generated quickly and there are more customization options for administrators.
- New dashboards provide a quick overview that is much more informative than the previous version.
- The enterprise view is a nice way to view devices across the organization at a glance.
- The search functionality is much improved in version 8 and allows you to search across all devices if you so choose. It is quick and has a query syntax builder that is a vast improvement over searching capabilities in version 7.
- Creating custom controls is much better in the newer version. The syntax helper will build the correct query for you.
- When they moved from version 7 to version 8 there were some areas that seemed neglected. The generated reports did not always render properly when viewed as a PDF, though they looked fine in HTML. Another lost function was reporting usage on NAT rules in firewalls.
- The scheduling function for reports/assessments is not the easiest thing to find or administer. It would be nice to be able to schedule reports directly from the Security Manager without having to go to Administration.
- I would like to see customizable reports. Right now you must create custom controls and add them to custom assessments.
- The GUI does not always maintain your filters or settings if you drill down into an object and then return.
- There are not always enough search filter options and they are sometimes hard to view.
- Some reports are not very useful. It would be nice to see those re-evaluated or re-worked into a usable report.
The current environment has not been scaled out, but replacing a data collector was relatively straightforward. I imagine it would be similar when scaling the environment to include more data collectors.
- The tool provides consistent, measurable compliance reports that help keep our business safe.
- There was no migration path from version 7 to version 8. An audit requires seven years of records, so the old system needed to stay active despite support ending. There was no easy way to export the ticket information for storage and reference.
- There have been some licensing challenges and confusion over how devices need to be licensed.
The Best Practices Assessments were a good starting point. A custom assessment was created for our organization that included a mix of best practice controls and custom controls. These assessments are provided on a quarterly basis to ensure our firewalls remain within compliance regulations.
- ServiceNow, Cherwell Service Management and Ivanti Service Manager (powered by Heat)
I have used other ticketing systems, but only FireMon for firewall reporting.
I have found FireMon very useful for auditing, reporting, and compliance purposes. It has become a quick resource for firewall policy information across the organizational footprint. Some of the reports, particularly those with recommendations, ought to be taken with a grain of salt as the recommendations do not account for rule/object utilization or business requirements.