Overall Satisfaction with FireMon
Currently, we are using FireMon to catalogue our firewall policies, assign owners to rules, and audit those rules.
Easily understanding how many firewalls, routers, switches, etc. can be used from a hardware/CPU/memory perspective has been challenging. The real reason I gave the "8" is because of all the bugs in the systems that we encounter when we upgrade. It's guaranteed we run into a minimum of two to three bugs immediately after upgrading.
- Positive - ability to add rule owners has been a big deal
- Clean-Up of unused firewall rules has been helpful
- Global architecture searching - i.e. I'm looking for a single server and all of its touchpoints in our environment. Where do I search? FireMon, of course.
We have not used that to my knowledge yet. But, I know it's coming.
We are just now embarking on an automation effort. It would be good for us to learn more about these features and how to use them effectively.
We run reports from FireMon for our compliance teams and this has simplified our role in compliance audits.
Currently, we have not been using FireMon in this capacity. I would like to learn more about how to utilize this.
Tufin and Skybox are products that I've analyzed over the past few years, but never purchased.
Firewall rule analysis, removing shadow rules, finding gaps in policies are all great areas for FireMon use. We have limited use of FireMon in our organization because we don't have a good understanding of the product and its capabilities (outside of one or two individuals). It would be good for FireMon to look at our setup and advise us on what we can use it for.