We performed a comparison between FireMon Security Manager and Tufin Orchestration Suite based on real PeerSpot user reviews.
Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The unused objects is another nice feature, where it digs a little bit deeper into comparing the logs that it sees versus the configurations that it sees... The unused objects feature will go through in a pretty detailed way and show us which ones aren't being used. Or, if they are used, it will show us how often they're used."
"The Security Manager part of FireMon... gives me an eye on everything that's out there, everything that I cannot see. Because I'm not a network admin, I cannot go to a firewall itself, but at least I have FireMon so that I can go in and view everything that I want to view. And I can eliminate whatever I see that is wrong,"
"The most valuable feature is the Firewall reviews for our company compliance."
"In one report, FireMon tells us there are, say, 1,000 rules that can be taken out and it gives us the ability to disable those for a year and to track when we made our changes. After a year, we can go back and eliminate the rules, to bring the configuration down to an almost human-readable level."
"It is a good product. Previously, we were using only spreadsheets to compare the usage, but now with FireMon, we are able to clean up or review the policies to some extent. It is still a work in progress, but we are at a good stage now."
"The most valuable features are Policy Optimizer and Firewall Manager for different brands of firewall."
"FireMon decreases errors and misconfigurations by 10% that increase risk in our environment. That has to do a lot with the change reporting that is in place, but also with the built-in controls and custom controls that we have made. Those all decrease the errors that people naturally make on a day-to-day basis for firewall administration."
"Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands."
"We were hit by the NotPetya attack. Therefore, our whole company and all its sites were down for several months. So, you don't have an attack like that and not need something like Tufin. Other companies can prevent these attacks, or at least slow them down, by having this type of a tool. We will never go back."
"It provides very good reports. It can easily integrate with multiple firewalls, such as Cisco, Juniper, Palo Alto, and Checkpoint. We can push a policy from Tufin to a firewall, which is a very good feature. We can monitor all access rules and the operating system of a firewall."
"The Automatic Policy Generator saves time because we are able to identify the required policy when a client doesn't know what he needs."
"The filtering of lots of criteria is very valuable."
"Our engineers are spending less time on manual processes, specifically for the reporting functionality. For doing the rule cleanup and policy analysis, it would be a nightmare to do that manually. So, it is saving our engineering teams time from not having to do manual log reviews."
"We've scaled it to hundreds of firewalls."
"The solution helps us meet our compliance needs."
"It is very stable."
"When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box."
"When it comes to identifying risk in our environment and prioritizing fixes, it is really about the different priorities within the organization. FireMon is not so smart that it can tell what's important to us. It's up to us to figure that out."
"The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent."
"Some of the things that you want to do in FireMon are not exactly straightforward, like creating certain reports or controls. Some of the functions could be a little more user-friendly, such as creating certain filters."
"We are looking for more integration with SIEM and other tools."
"A phone app would be nice. This is the reason why it is not perfect yet."
"The training for configuring new users or operators is confusing because the UI is not user-friendly and has room for improvement."
"We have had some stability issues that are affecting operations. We rely heavily on this solution and if it isn't working then we have to create rules manually."
"The key area for improvement is the integration to F5. One of the things that we encountered with another customer is that there were some limitations when we tried to migrate policies from F5 into Tufin."
"We use a lot of inline rules, and it would be beneficial to see those from within Tufin."
"The solution does not have automation with other Firewalls."
"The older version that we have doesn't support some newer firewall vendors."
"I wish there was a read-only admin option. I don't like that you have to be a full admin just to see the Network Topology Map. That option is great out there if you are a user, multi-domain user, etc. However, that piece is very helpful for us, but I also don't want to be handing out admin access to every single person so they can see that network tab."
"I would like to see visibility into the FW features like IPS/Content Filter policies, the same way it does for FW rules/policies."
"At least in our environment, the dynamic learning of the topology needs improvement."
"The change workflow process is flexible and customizable to some extent, but there is room for improvement. In some cases, we've found it difficult to get the exact thing which we were looking for. Then, we end up having to go and do the thing manually."
FireMon Security Manager is ranked 4th in Firewall Security Management with 53 reviews while Tufin Orchestration Suite is ranked 2nd in Firewall Security Management with 180 reviews. FireMon Security Manager is rated 8.2, while Tufin Orchestration Suite is rated 8.0. The top reviewer of FireMon Security Manager writes "Makes compliance much easier compared to doing it manually, and automates policy changes across environments". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". FireMon Security Manager is most compared with AlgoSec, Skybox Security Suite, Palo Alto Networks Panorama, ManageEngine Firewall Analyzer and RedSeal, whereas Tufin Orchestration Suite is most compared with AlgoSec, Skybox Security Suite, Palo Alto Networks Panorama, ManageEngine Firewall Analyzer and Cisco Defense Orchestrator. See our FireMon Security Manager vs. Tufin Orchestration Suite report.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.