We performed a comparison between FireMon Security Manager and Skybox Security Suite based on real PeerSpot user reviews.
Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is the single place where we go to review all of our firewall changes. The solution makes it easier for us to track all the changes made. It is a central place where we can look at all the firewall rules, because we have three different firewall vendors. It save us time and creates efficiencies by looking at the general picture."
"It gives us the ability to go to one place to look for potential firewall rules that are inappropriate, or which don't meet compliance. Instead of manually searching hundreds of firewalls for a policy, we can go to this one location and find the rules which are now out of compliance."
"I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement."
"FireMon decreases errors and misconfigurations by 10% that increase risk in our environment. That has to do a lot with the change reporting that is in place, but also with the built-in controls and custom controls that we have made. Those all decrease the errors that people naturally make on a day-to-day basis for firewall administration."
"The most valuable features are Policy Optimizer and Firewall Manager for different brands of firewall."
"For the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls."
"What I like about FireMon is the ability to track changes made by network engineers on the network."
"The most valuable feature of FireMon is its ability to configure multiple devices and consolidate them into a single desktop, which allows us to manage all of our security devices, such as Palo Alto and Zscaler, from one place."
"Skybox allows organizations to reprioritize the vulnerability they attempt to patch and mitigate, based on the contextual awareness of the network."
"The product's most valuable feature is vulnerability management."
"Security review is the most important feature, because it offers a single pane of glass to analyze multiple firewalls."
"The most valuable features are Firewall Assurance and Vulnerability Control."
"Change Manager is most important because of the impact on each other of a network change or a firewall change. We want to understand this and to know, beforehand, what the impact of a change will be. We are a large network so that is a very important tool."
"instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that.""
"It's given us more visibility in terms of what are the kinds of configurations that are on these devices, and how many of these are stale rules. So it's helped greatly in terms of cleaning up of rules, for sure. And it has definitely given us a more secure way of backing up the configuration on these devices."
"The revalidation and policy recertifications are most valuable."
"We have not used the Policy Planner but even so, we have identified areas of improvement with it during our testing. For example, it could be better when it comes to ease of integration or ease of policy automation. Another problem is that there is a console where it has too many options and is not very straightforward. Essentially, controlling it could be made more seamless."
"We have had some stability issues that are affecting operations. We rely heavily on this solution and if it isn't working then we have to create rules manually."
"When it comes to documentation, they need to start putting together a basic command manual. With Cisco, you can look up a command and it gives you examples of three or four different ways that command can be used. It tells you how to put it into the GUI and the CLI. FireMon does need to start doing that."
"Its reporting can be improved. I am the only one who works a lot with it, and I am having problems in terms of reporting. In the case of Palo Alto, I'm okay with it, but with some of the Cisco devices, such as routers, when I provide the reports to other teams for review, they always say that the hit count is incorrect. So, I was struggling for a long time to work with them. When working with other teams, they have a lot of questions about reporting, such as how it reports, and we are still struggling with that."
"The cost of the solution is pretty expensive. It would be ideal if they could work on their pricing."
"The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent."
"Our firewalls have multiple paths through them and FireMon falls short a little bit because it's not Palo Alto-centric. I don't think FireMon has kept up with where Palo Alto is at. They started out being Check Point-centric for years and they've never really fully embraced the nuances others, like Palo Alto or Fortinet, have. They don't handle a lot of the capabilities and attributes that Palo Alto does yet. They're working on it. They're getting there."
"It comes as a Linux appliance on a server and we're not a Linux shop, we're more of a Windows shop. It would be great if they could automate or integrate the backups into it and other things through their GUI interface, just to make the management of Linux a little more transparent."
"The setup documentation needs a lot of improvement."
"The solution does not support certain devices or vendors in some regions or countries due to regulations."
"The support could be improved."
"The most recent update was not tested with all of the vendors before it was released, so some of the features are misbehaving."
"The tool does not offer options for customization."
"There is room for improvement in pricing. It would be better, especially if a customer bought all four modules."
"The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager."
"They are not satisfied with the complexity of the solution and the price."
FireMon Security Manager is ranked 4th in Firewall Security Management with 53 reviews while Skybox Security Suite is ranked 6th in Firewall Security Management with 34 reviews. FireMon Security Manager is rated 8.2, while Skybox Security Suite is rated 7.8. The top reviewer of FireMon Security Manager writes "Makes compliance much easier compared to doing it manually, and automates policy changes across environments". On the other hand, the top reviewer of Skybox Security Suite writes "Efficient in vulnerability management, stable and easy to use ". FireMon Security Manager is most compared with Tufin Orchestration Suite, AlgoSec, Palo Alto Networks Panorama, ManageEngine Firewall Analyzer and RedSeal, whereas Skybox Security Suite is most compared with AlgoSec, Tufin Orchestration Suite, Palo Alto Networks Panorama, RedSeal and Qualys VMDR. See our FireMon Security Manager vs. Skybox Security Suite report.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.