FireMon Review

It allows you to put expiration dates on ACL's to remove unneeded exceptions, but network maps need more improvement.

Valuable Features

The reports you can run to look for redundant ACL’s in the firewalls, and the policy trace and review. It also allows you to tie to multiple domains so that the administrators for the FireMon servers do not have to deal with the hassle of making 'view only' accounts. You can also use the Insight function to keep records of the ACL’s. Instead of filling up the firewall with remark statements that could lose their position, you can leave all the information in the FireMon server, and you can tie in ticket information. It also allows you to put an expiration date on that ACL so that you can always remove unneeded exceptions.

Improvements to My Organization

It improved performance of the organization, as instead of going line through line of the firewall, we were able to quickly find IP addresses or services using Firemon.

Room for Improvement

I believe their network maps have a lot of room for improvement. I think they should allow more customization.

Use of Solution

I have only worked on this product for a year.

Deployment Issues

No issues encountered.

Stability Issues

We have not had any issues with stability.

Scalability Issues

My organization only used FireMon for Cisco ASA products, so I am not sure if it works with other firewalls but it does support other vendors.

Customer Service and Technical Support

Customer Service:

Great, they hold free WebEx sessions for additional training on FireMon.

Technical Support:

They're extremely responsive and experienced on the product.

Previous Solutions

We did not have a previous solution.

Implementation Team

An in-house team did it.

Other Advice

Using this product allows firewall administrators to quickly find a problem with their firewall configurations. It allows the administrators to also look for open services that should not be allowed. One of the most useful features is the ability to use policy trace. If you work in an environment with multiple tiered firewalls you can look at exactly what ACL’s the traffic is going through on each firewall without having to have permission to those firewalls.

It is a smart move to make and makes the administration and troubleshooting of ACL problems clear.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
Customer Success Manager at a tech vendor with 201-500 employeesVendor


Thank you for taking the time to write a review of FireMon. I am glad to see you are finding overall satisfaction with the product.

In regards customization on the map, you can always open a RFE (Request For Enhancement) ticket. This is closely monitored by our Product Management Team, and allow us to understand our customer's needs.

We look forward to working with your team more in the future.

21 March 17
Sign Up with Email