The honest FireMon review
October 15, 2020
The honest FireMon review
Score 10 out of 10
- Policy Optimizer
Overall Satisfaction with FireMon
FireMon is used in conjunction between the Network and Security team for security purposes like evaluating current security posture of the firewalls as far as rules and configurations in place. We are aiming to use it to automate yearly recurring review activities by our teams and to facilitate the amount of time it takes to complete them.
- Rule review.
- Best practice guidelines review.
- Configuration review.
- CIS benchmark integration would be great.
- The reporting inside the platform is great, but the exported versions could be improved to facilitate reading and get a high summary executive view.
- Firewall cleanup is easy.
- The review and audit process are now easier than ever.
- Collaboration between teams managing the firewalls.
We only use FireMon for on-premise purposes at the moment. I'm not aware of any initiative to take it to another level, but if there's an opportunity we're aware the solution is well suited for all our needs, regardless of the environment where it is implemented and in which it is operating.
We actually use FireMon between the Network and Security team to facilitate creation, deletion, review of our firewalls rules, but the whole workflow process is done and followed in our ticketing system instead of FireMon for centralization purposes. We're not looking to change this for now, but we're well aware it's possible.
We actually tried to use it for benchmarking purposes, but unfortunately CIS isn't supported right now, we are looking forward to it. Other compliance regulations are supported, but we don't use the tool in the regulated environments we have since they are managed differently by different teams and different tools.
We use the tool to benchmark our firewalls based on the best practices of the industry when it comes to the configurations in place. Knowing that we consider the tool helped us establish recommendations faster and easier, as well as clear solutions presented by the solution itself inside the reports.
They are two very well done tools, FireMon is better suited for firewall rules evaluation, configuration and review, Tenable.io is better suited for CIS benchmarking. We ended up using both of them in the end, it really depends of your needs and what you are looking for, the two tools are built for different purposes.
It is a nice monitor tool, don't expect anything more. Organisation processes are needed around its integration to enhance its use. Everything related to firewall optimization and cleanup is nicely done by FireMon, the solutions are also well presented and easy to implement. The reports are great, but it still require human interaction to fix things, don't expect the process to be automated.