The instant and complete network graphical view it provides is amazing. Alerts give you complete control of firewall changes, its amazing for compliance and security policy validation. Rule comparison and filters are an easy way to check if you policy is concise and clean, giving your firewall the best performance and readability.
Improvements to My Organization
We managed around 70 different firewalls in more than 25 countries all over the world. The firewalls were from different vendors such as Palo Alto, Checkpoint, Cisco, Juniper, etc. FireMon helped to decrease the workload on risk analysis and also firewall rulebase review time by 50%, at least due to its very elaborate and easy to use filters.
Room for Improvement
It’s been a constant need not only to analyze firewall rules and configurations but also implement them, for which FireMon has no support. Also some of the firewall analysis involve weak password policy, FireMon could implement a way to send firewall hashes, when they exist, to third party cracking softwares.
Use of Solution
I used this solution for about three years in my previous job. I primarily used the Policy Planner and Policy Optimizer modules.
The deployment was already easy for v7.0, the upgrade to v8.0 is even easier.
We had no issues with the performance.
It's been able to scale for our needs.
Customer Service and Technical Support
I would rate it 8/10. The only reason I don’t rate it 10/10 is because of the response time which, for us, sometimes took a little bit longer then expected. Customer service and technical support is very good.
The initial setup was very easy and straightforward and we had no problems implementing it.
It was initially implemented by a vendor team, but the implementation could easily be done in house.
Pricing, Setup Cost and Licensing
FireMon is not a cheap solution but its price is well balance for what it has to offer.
Other Solutions Considered
We have evaluated FireMon’s competitors like AlgoSec and others, but found FireMon to be the best solution for our needs due to having a complete set of tools.
Be sure you read all the specs, and test the application as deeply as you can to ensure it meets all your requirements.
Which version of this solution are you currently using?
7.0 and 8.0