FireMon provides a nice view
July 03, 2020

FireMon provides a nice view

Ken Sharp | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Modules Used

  • Security Manager
  • Policy Planner

Overall Satisfaction with FireMon

FireMon is used for firewall change management from request to implementation and verification. Security Manager is used extensively for policy test, and to enable cleanup and migration.
  • FireMon provides a live view in to firewalls across the enterprise in a single tool.
  • Policy Planner is customizable, and can be fit to your company's workflow requirements, to include API for Service Now.
  • FireMon provides policy testing capability, and traffic flow analysis, which is critical for timely troubleshooting.
  • The FireMon interface has evolved from a desktop client to a browser-based portal, but added many layers to navigating commands. A simpler interface with most commands and functions one click deep (and all visible) would be more efficient for daily ops workflow.
  • Policy test is great, but doesn't differentiate when a policy is a user-auth rule, so the result may show that policy is already in place, when it is actually not usable.
FireMon can be scaled, as needed, with multiple datacollectors, on-prem, or in the cloud.
  • The use of FireMon has eliminated the backlog in firewall policy changes, approval, and implementation.
  • FireMon has greatly increased the accuracy of changes, and reduced the risk of planned changes (3 incidents in over 27000 change tickets--most with multiple policy changes in each, is a stellar record)
We have used FireMon Policy Planner for tracking change requests to cloud firewalls and NSG.
We make full use of custom workflows for policy management, which has reduced backlog and mistakes.
Security Manager and Policy Planner are used to provide detailed reports of changes and documentation to Audit and Compliance.
Yes--outages due to firewall change errors have been virtually eliminated.
FireMon is very well suited for an enterprise with any number of firewalls and types. It is scalable, and can be installed as a single appliance, or distributed infrastructure, with as many data collectors as needed. It provides a view in to all firewalls at once, and enables efficient troubleshooting, policy testing, compliance analysis, and detection/validation of changes. For merge and acquisition, or spinoff, of network infrastructure, FireMon is an extremely valuable tool for quickly documenting routes, policies, and zones to execute firewall migrations.

FireMon Feature Ratings