Cost effective and operationaly acceptable for basic operations
Updated February 24, 2023
Cost effective and operationaly acceptable for basic operations
Score 6 out of 10
Vetted Review
Verified User
Modules Used
- Security Manager
- Policy Optimizer
- Policy Planner
- Risk Analyzer
Overall Satisfaction with FireMon
We use it to get an analysis of our firewall policies and get some recommendations on what policies have not been used for a long time and can be removed, policy re-ordering, optimization, and risks over risky protocols being allowed in policies like telnet or FTP. We use it to push policy automation changes, This enables a zero-touch framework to implement policy changes.
- Policy overview and optimisation suggestions
- Risk analysis over wide open policies, risky ports open on policies
- Zero-touch automation for policies
- Using with in house ticketing solution to make a framework for policy change approval.
- The firemon had have some issues after almost every update. They need to improve on that.
- Cisco is one of the products that has best support, The scope of other products can be improved.
- Automation of policie implementation breaks very often
- We are using this as a migration our our legacy policy manager solution.
- The support with our in house ticketing solution and approval process has made it easier.
- The admins have to do many sessions with support to resolve the issues. Most break cannot be fixed by users themselves.
Do you think FireMon delivers good value for the price?
Yes
Are you happy with FireMon's feature set?
Yes
Did FireMon live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of FireMon go as expected?
Yes
Would you buy FireMon again?
Yes
AlgoSec and Tufin both are good tools but the cost involved for what they offer as services led us to go with Firemon.
Using FireMon
20 - We use firemon for policy analysis, tuning, and cleanup.
We are using it to analyze the traffic for our ASAs and fortigates.
We also use the security module for compliance scans and auditing.
We are working on implementation of policy automation and integration of firemon with our remedy and service now.
We are using it to analyze the traffic for our ASAs and fortigates.
We also use the security module for compliance scans and auditing.
We are working on implementation of policy automation and integration of firemon with our remedy and service now.
20 - We have an in-house operations team to manage the operations of all our firewalls. These people have network routing and network firewall skills. They have skills in firewall policy creation, dynamic routing protocols, NAT, PAT, IPSEC tunnels, GRE tunnels and Next generation firewall features like IPS, DNSSEC and Web application firewall.
- Policy tuning and ananlysis.
- Security compliances.
- Audit trailing.
- Tagging and adding description to rules.
- We are integrating with Gitlab and remedy for automating policy creation tickets.
- We have created customized compliances standards to scan firewalls and policies
- We are creating change reports being sent to soc to analyze the policy or configuration changes.
- Create compliance scans as per soc policies.
- To analyze and manage aws security groups
- To maintain zscaler internet access security policies and groups.
Evaluating FireMon and Competitors
- Price
- Product Usability
The product provided some good pricing competition to algosec and tufin. It also provided the policy analysis, automation and complaince requirements for this price segment
Yes, We would like to analyze algosec and tufin more.
FireMon Support
| Pros | Cons |
|---|---|
Support understands my problem Support cares about my success | Less knowledgeable Escalation required |
Yes, we have enterprise support as we have a large number of firewalls being managed by firemon
Firemon helped us with complex collector deployment: Some collectors were on prem and some were on cloud. It took some help from the support team but they were of great help.