What is most valuable?
The most valuable feature is security management because it allows us to look inside the firewall and see things that the firewall doesn't report. For some of the things the firewall applications lack, we're able to gain insight with the FireMon appliance, as well as having one platform that looks into different vendors of firewalls. That's really important for us.
How has it helped my organization?
For me, specifically, I use it for a lot of firewall migrations. We can see rule usage. On a project that I was on, we saw the rules on the migration. We pulled the rules out that weren't being used, and then we could take rules that were overlapping, join those together and make it more efficient.
What needs improvement?
One area with room for improvement for me is doing the updates. We have to download it from User Center and then put it unto the machine through FTP, or something like that. I would rather just go to the GUI and hit the Update button, and it goes out and gets the update itself. Because these files are large and sometimes the transfers don't go through, the only way that we're able to do it right now is through FTP. That means we have to have CLI access, which sometimes we don't really want to do. I'd rather just go to the update screen, hit Download the Update, and then be able to reboot it and have it go to all of the data collectors, and transfer that file over there automatically. Right now, it's a process and it takes a lot of time.
It's more complex as opposed to being user friendly. It also depends on your level of knowledge on what to do. Some people may not know to do it, and there are some commands in there. If you don't have support, if you haven't read the entire admin guide, you wouldn't know.
For how long have I used the solution?
I have used it for eight years.
What do I think about the stability of the solution?
It crashed one time but that's because of a design issue on our part. It's not something that, I think, was on FireMon's part. We need to offload the storage, and our hard drives are filling up, so that causes problems with our servers, but as far as FireMon, I haven't really had a problem with FireMon crashing on its own.
What do I think about the scalability of the solution?
The only scalability problem is having an offloaded log collector, because we do send a lot of logs. We have our own servers that do the log collection and we need to make backups of that. As far as that’s concerned, no, we haven't had any issues with scalability. We can expand much further than what we have.
How are customer service and technical support?
We've had the FireMon product for eight years. I've only been directly involved with it for the past year. I generally don't call tech support, I usually contact my SE because we're still in the process of these huge migrations, so I talk to my SE a lot. I have contacted support once and they were very helpful, so I would probably rate it 9-10/10 because they know exactly what they're doing.
Which solution did I use previously and why did I switch?
We did not previously use a different solution, that I know of. I’ve been with my current organization for almost three years and it's always been FireMon, so I don't know. I wasn't a part of that decision-making process.
Which other solutions did I evaluate?
At the end of last year, we reevaluated which products we wanted to continue going with based on budgets. We reviewed Skybox, Tufin, AlgoSec, and FireMon.
What other advice do I have?
Don't be scared to contact the SE. My SE and I have a very good relationship and we bounce ideas off each other. Leverage your resources. It's not really a complex product to deploy.
Use the User Center. There's a lot of great info there and a lot of your questions can be answered in the User Center.
General recommendations: Make sure that the firewalls you have are supported. Make sure you know how many firewalls you have.
Go with the mindset of what you want to do; general project management-type stuff.
Everything's working fine. The only thing is the automated updates. I’m not giving it a perfect rating because of the usability of the updates. That's my biggest thing that they need to work on.
It's been working very well for us. We’ve got everything we need. We have several groups using it that like it.