FireMon, but without bugs
Overall Satisfaction with FireMon
Currently, we are using FireMon to catalogue our firewall policies, assign owners to rules, and audit those rules.
Pros
- Policy Optimization - helping us remove shadow rules
- Rule analysis for gaps in security
- Unused rule identification
Cons
- Bugs, Bugs, Bugs, Bugs, Bugs
- Upgrades are often problematic.
- Sometimes what the reports show isn't what's in the database.
- Positive - ability to add rule owners has been a big deal
- Clean-Up of unused firewall rules has been helpful
- Global architecture searching - i.e. I'm looking for a single server and all of its touchpoints in our environment. Where do I search? FireMon, of course.
Tufin and Skybox are products that I've analyzed over the past few years, but never purchased.
Comments
Please log in to join the conversation