What is most valuable?
Policy test, access path analysis, and change reports.
Policy test and access path analysis tools in Security Manager enable me to find existing firewall policies quickly across the enterprise, troubleshoot, or to help choose the optimal path for proposed rules. Change reports on the device dashboard show us at a glance what was changed in a particular firewall config, by date, so we can easily troubleshoot problems with implementation.
How has it helped my organization?
It streamlined the firewall policy change management process by having all firewalls managed in one tool, and a workflow customized to our needs.
What needs improvement?
Policy Planner requirements section is good, but could use some improvement to allow flexibility to enter different types of requests (modifying an existing policy, object or service group, for example) in a structured task format that can be auto-verified.
For how long have I used the solution?
What do I think about the stability of the solution?
No issues with stability.
What do I think about the scalability of the solution?
No…we easily added a second data collector when needed.
How are customer service and technical support?
Excellent. Technical Support
Excellent--tech support engineers go above and beyond to answer questions and resolve issues.
Which solution did I use previously and why did I switch?
We previously used separate database applications to route change requests for approval, and did not have a tool likeSecurity Managerwith visibility into all the firewall configs and activity.
How was the initial setup?
Infrastructure was simple to set up, but custom workflow was complex, due to customer regulatory environment necessitating a lot of customization. FireMon Professional Services was able to accommodate, though.
What about the implementation team?
In-house project management and equipment configuration; vendor install in the data centers; Firemon Professional Services for extensive custom workflow development.
What's my experience with pricing, setup cost, and licensing?
Pricing model seems fair. Make sure to separate active versus inactive devices, and primary versus standby in HA pairs, as there is a significant cost savings for licensing; licenses on the applications are perpetual.
Which other solutions did I evaluate?
Customer evaluated other products, but chose FireMon due to its features and rating on Gartner.
What other advice do I have?
Review your current operational requirements and processes well, and determine what can change, internally, to take full advantage of the standard FireMon processes.
Which version of this solution are you currently using?