A Review of FireMon
July 28, 2020
A Review of FireMon
Score 9 out of 10
Vetted Review
Verified User
Modules Used
- Security Manager
- Policy Optimizer
- Policy Planner
Overall Satisfaction with FireMon
FireMon is used for firewall governance, including the creation of reports to satisfy PCI requirements, to identify and prioritize remediation of overly permissive rules and rulesets, and as the principal platform for performing firewall policy audits against internal standards.
- PCI Reporting - After identifying which firewalls and rulesets are in scope, producing a report artifact to satisfy PCI requirements on Firewall reviews is literally a two-click operation.
- Storing Rule Metadata - FireMon stores metadata (prefilled fields, standard fields, and custom fields) for each rule in each policy which is valuable for context during firewall reviews in particular
- API - FireMon exposes most if not all of its functionality via REST API
- FireMon does not yet support URL filtering (the identification of or implementation of) for Palo Alto firewalls
- Direct integration with other systems takes place through workflows, which are not documented (the intent I believe is Pro Services should be engaged in order to do integrations, e.g. with ServiceNow).
- FireMon's Compliance Reporting provided an immediate and tangible benefit
- FireMon helps identify egregious or erroneous rules quickly across multiple platforms
- FireMon took our audit process from an Excel spreadsheet into a far more advanced process with readily available context for reviewers
We performed a head-to-head PoC between FireMon and AlgoSec several years ago. Both platforms were well developed, but FireMon had the upper hand in three areas:
- Its UI was more unified and intuitive across the different components and products
- The reporting was better suited for upper management and more visually appealing
- The REST API was easier to use, at least in the limited time we had during the PoC