What is most valuable?
FireMon has served as a change monitoring and notification tool for a number of years, but recently we’ve decided to utilize the policy review capabilities to automate our periodic firewall rule review process.
Our primary use case for Firemon initially was to perform change notification for our ASA firewalls. This was the case for about 5 years.
With the introduction of version 8, we decided to reconsider other capabilities of Firemon – specifically the policy review reports that show unused or duplicative policy rules. We intend to use these features to automate our firewall policy review process.
How has it helped my organization?
Instead of having to utilize a manual review process, we can automate most of the process. Change notifications for our ASA firewalls that do not have built in change notification is also automated for us.
For how long have I used the solution?
What do I think about the stability of the solution?
Yes, after an upgrade to version 8 from version 7, we experienced several issues with the Data Collector component. They were all resolved pretty quickly by FireMon support.
What do I think about the scalability of the solution?
How is customer service and technical support?
FireMon’s technical support is capable and responsive. I’ve had no issues with getting the right resources engaged when I need them.
Which solutions did we use previously?
How was the initial setup?
The upgrade from version 7 to version 8 seemed to be unnecessarily complicated, so we opted to to a clean install on version 8, and have had no issues with using this approach. In fact, it helped us clean up our installation.
What's my experience with pricing, setup cost, and licensing?
Understand that the licensing exercise, is intended to right size the costs to your actual firewall models, but that Firemon v8 does not make a distinction between firewall models in the tool itself.
Which other solutions did I evaluate?
No other solutions were considered.
What other advice do I have?
Perform the installation and utilize FireMon support to optimize the installation. Perform a post installation review of the configuration a couple of months after it’s implemented and running so that you can decide what features to use, which are useful. There are a lot of built in features that aren’t apparent until you get the whole system set up, all of your devices discovered, and the system collects information for a few weeks.
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Dec 01 2016