Streamline Firewall Management with Firemon
January 13, 2017
Streamline Firewall Management with Firemon
Score 8 out of 10
Vetted Review
Verified User
Modules Used
- Security Manager
Overall Satisfaction with FireMon
FireMon is very useful for reporting any changes made to firewall policies in real-time. It sends an email of who, what, and when the change was made. Very using for alerting other network admins. Reports also show which firewall rules may be too open. Firewall rule cleanup is important to keep up with. FireMon makes it easier.
Another feature I like is the API. Checkpoint doesn't have an easy way to search for NATed IP addresses associated with host objects. In v7 we use a PHP script to compile the real IP address, NAT IP address, name, and comment data to be easily searchable to help find available NAT addresses to use. Unfortunately, v8 doesn't pull the NAT data from Checkpoint at this time. Support said they are working on it.
Another feature I like is the API. Checkpoint doesn't have an easy way to search for NATed IP addresses associated with host objects. In v7 we use a PHP script to compile the real IP address, NAT IP address, name, and comment data to be easily searchable to help find available NAT addresses to use. Unfortunately, v8 doesn't pull the NAT data from Checkpoint at this time. Support said they are working on it.
- The API is very useful for extracting data.
- The reporting feature is very usful for finding weaknesses in the firewall rule base.
- Notification of firewall changes to keep administrators abreast of what was changed including rule, objects, etc.
- v8 doesn't import the translated NAT address from Checkpoint like v7 does. This needs to be added back.
- It helps streamline our firewall management.