FireMon Review

It helped us identify unused rules, reducing the load on the firewalls.


Valuable Features

The Configuration Change Management feature was something we were interested in as it helped us to identify who made the change, when and why. Also, the workflow was easy to set up to ease operations.

The second important feature I liked was determining unused rules - rules placed incorrectly in the ACL - this helped us to reduce the load on the firewalls, thus we didn’t have to buy a new firewall due to high CPU or memory consumption. With the help of FireMon, we fine-tuned the rules and were able to save money for buying a new firewall.

Improvements to My Organization

As mentioned, we were able to ease the operations and set up a workflow that allowed the firewall and other network-related requests to go through a formal approval process. This helped to track who, when and why the request was done.

Also, removing redundant rules and placing the rules at the correct place helped lower CPU and memory consumption.

Room for Improvement

I would have preferred fewer updates, as there were quite a few updates made every now and then. Secondly, the Risk Management Module didn’t work well until you have the all of the subnets mapped. This can be improved.

Use of Solution

I used it for two years.

Deployment Issues

I didn’t really encounter any deployment issues. However, sometimes the GUI used to crash when it tried to populate the device map; we had a lot of devices. At times, the map displayed fine, even though it took some time to show up; and at other times, the GUI crashed. This should be fixed.

Customer Service and Technical Support

Technical support was fine; they have good technical people. However, support can be improved, if they become more responsive.

Previous Solutions

I did not previously use a different solution.

Initial Setup

Initial setup was fine; you just need to map certificates between the sensor and the Application Server, which was something different. It can be sorted out through some other methods as well. I don’t exactly remember, but we faced one issue and to resolve it, we had to install the certificates again to get it working.

Implementation Team

Implementation was done by the vendor team.

Pricing, Setup Cost and Licensing

Although I have left the company, I heard that since the license renewal cost was too high, management decided not to renew it. The vendor should reduce the license renewal cost.

Other Solutions Considered

I personally did not test any other alternative, but I heard management evaluated Skybox as well; they eventually chose FireMon. It was a management decision, so I don’t know why others were rejected.

Other Advice

Check the renewal cost, and determine whether the Risk Management Module is mature enough and whether GUI crash issues have been fixed or not. Maybe for small companies, it comes up fine, but for large environments, it might cause issues.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
FireMon Customer Success Manager at FireMonVendor

Thank you for providing your detailed feedback on FireMon Security Manager. We truly appreciate the investment of your time to post a review.

In regards to your statement about issues displaying the device map; It is highly recommended to organize devices into device groups. This improves usability for organizations with a large number of devices, and reduces the amount of time taken to display the device map.

26 June 17
Guest
Sign Up with Email