Firewall change reports help with audits and compliance.
Updated December 03, 2020

Firewall change reports help with audits and compliance.

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Modules Used

  • Security Manager

Overall Satisfaction with FireMon

We use FireMon for compliance purposes. We use it to generate reports whenever a change is made to the Firewall. We can see who pushed policy in Checkpoint, what Change# it is associated with, and what was actually done compared to what the change ticket stated.
  • When working correctly, it generates reports for each firewall when a change is made.
  • It is a great tool to audit Firewall rules, redundant rules, and changes made
  • It doesn't always provide reports for when changes are made.
  • It only shows who pushed policy in the reports, not who made the actual changes to the firewall.
  • You can no longer drill down into reports at a granular level which back in Version 7 you were able to, which provided a great deal of information.
  • Seems to have some issues communicating with Checkpoint retrieving all reports that are split between two data centers.
When working correctly, it can scale well to our environment which runs multiple Firewalls with backup Firewalls.
  • When working correctly, it works well for audit purposes providing needed information for our auditors and compliance.
AlgoSec and Tufin both have initial issues during the POC stage, and FireMon even though with the changes they have made still works better and is more user friendly.
When working correctly, it is great for audit purposes when you need to show when changes were made, what was made, who made them, and with what change. When the reports aren't working, you have to dig up all this information manually. Back in version 7, you were able to drill down in the reports that provided a very granular detailed information, now the newer version doesn't allow for this.

FireMon Feature Ratings

Evaluating FireMon and Competitors

  • Product Features
  • Product Usability
During the POC stage before buying the full product, make sure the product you are getting works with the Firewall solution you have, like Checkpoint.

FireMon Support

ProsCons
Quick Resolution
Good followup
Knowledgeable team
Problems get solved
Kept well informed
No escalation required
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
None
Yes - Issue with FireMon servers working in vSphere where RAM and CPU usage doesn't show spikes. The management station will lag out and not provide reports when policy is pushed in Checkpoint causing us to have to do fake installs to generate reports because the servers resources capped out and lagged but the VM doesn't reflect this.
We had our rep visit us onsite to assist us in standing up a second data collector to work with our management station to help alleviate the work load the management station was under as we have the management station in one data center and have two data centers. The second data collector was configured in our second data center.