FireMon Review

In addition to firewall auditing, we use it for rule traffic analysis, traffic flow discovery and hidden/shadow rules.


Valuable Features

Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands. These features are valuable as firewall rules are constantly added but its tough to determine what can get cleaned up over time. Knowing how frequently a rule is used, where redundant rules exist and documenting changes are important.

Improvements to My Organization

Since our network is large, someone new like myself has a challenge when we need to make changes to permit certain traffic. Often this traffic will traverse multiple firewalls and FireMon can help demystify where needed rules need to be implemented.

Room for Improvement

We just went from the v7.x to their latest web based v8.x which was a welcome change. One area for 7.x customers that needs improvement is the migration. It is an involved process so get ready to spend some time getting your environment back to the way it was. Another area that could use improvement is the traffic path analysis. FireMon uses learned zone data against interfaces to help determine traffic pathways. The catch here is in v8.x, you now have to specify a source or destination network which may throw off the results sending you to the incorrect firewall. Since we just upgraded last week, there aren't many other items that we can see as improvements as we are just getting familiar with this version.

Use of Solution

I've used this solution for a little over one year.

Deployment Issues

The migration from v7 to v8 needs to be improved but we had no issues in the initial deployment.

Stability Issues

We have a centralized server with data collector appliances placed between two data centers. We were losing change data because one of the collectors had too much load on it but we never knew. Support had to dig deep when we had our 7.x install and help balance out our firewall to collector ratio to ensure we weren't flooding any one collector.

Scalability Issues

It's been able to scale for our needs.

Customer Service and Technical Support

Their support is very good. They are generally responsive and I have needed to escalate only a couple of times.

Previous Solutions

We had no solution in place prior to this. FireMon was the best choice as they really specialize in this niche market.

Initial Setup

Like anything new, we needed help from support to get our initial setup moving along. However once you learn the basics, it's not hard moving around the system.

Implementation Team

We did get FireMon's assistance during our initial implementation. I encourage this as every environment is different and for me it was worth the investment to get that initial startup help to get things going.

Other Advice

Like any implementation, take time and plan. Engage users and stakeholders letting them know what this system can do and get it integrated within the organizational ecosystem. Like any solution, if it isn't used you simply don't get that potential dividend.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
2 visitors found this review helpful
1 Comment
Nick SenatoreVendor

Brendan, thank you for taking the time to write a review of FireMon. I am glad to see you are finding overall satisfaction with the product. Please feel free to drop us a note at customersuccess@firemon.com for any future questions or concerns.

04 April 17
Guest
Sign Up with Email