FireMon Review

It helps reduce the complexity of the firewall rule set, but we need the end-to-end mapping feature working


What is our primary use case?

The primary use case is optimizing firewall rules.

How has it helped my organization?

The firewall administrators have gained time back by using this tool, simplifying the firewall rule set. The solution helps to clean up rules which have not been reviewed in several years.

It gives us the ability to go to one place to look for potential firewall rules that are inappropriate, or which don't meet compliance. Instead of manually searching hundreds of firewalls for a policy, we can go to this one location and find the rules which are now out of compliance.

What is most valuable?

The policy overview is the most valuable feature for each of the firewalls that we manage right now, as it reduces the complexity of the firewall rule set.

What needs improvement?

The AWS integration is still not mature for us to use. It is just not ready for our use case for AWS connectivity. Therefore, it does not provide us with a single pane of glass for our cloud environments, because we can't manage our cloud environment with the tool.

The map needs improvement in our network. The tool should be able to map out the path of flow from one firewall through our network. However, it does not understand our routing environment, so it cannot do that for us.

We would like it if this solution could provided us with end-to-end change automation for the entire rule lifecycle, but the map feature cannot support our environment, for now.

For how long have I used the solution?

We started our proof of concept in 2017.

What do I think about the stability of the solution?

It is stable, which is acceptable. I don't have any negatives with it. This is not a concern of mine, as we don't have any issues with stability.

We have probably one full-time equivalent managing the tool right now. Our ultimate end goal, that I am envisioning, is that we would need more support to manage the tool.

What do I think about the scalability of the solution?

All the vendors in this space seem to overpromise and underdeliver on scalability. They all claim they scale the best, but none of them really do. This is an area that could be improved. It is the same with high availability. High availability for geographic separation is also an area that could be improved.

Right now, at this stage, only our firewall admins are using it. This is a team of about 20.

How are customer service and technical support?

The technical support has been very responsive. They have helped us with all of the issues that we have encountered.

If you previously used a different solution, which one did you use and why did you switch?

We didn't use a previous solution.

How was the initial setup?

The initial setup was straightforward. The wizard was easy to use. So, the initial installation of the tool was easy. However, when you get back into configuring the details for the map to obtain that single pane of glass view for the entire network, it was not well thought out and it could use improvement.

I would still consider us in an early phase of deployment, even though we've been using it for two years. We don't have all the firewalls licensed, so they are not all being managed by the tool. I would say we're still not done deploying it. We're still waiting on features to be developed by FireMon, so we can use it in our environment.

Our implementation strategy was to license the high value firewalls first, trying to start getting them managed by the tool, then we were hoping to do an initial pilot for firewall rule change management. However, we were never able to get to that step because the tool can't manage our network, or doesn't understand our network.

What about the implementation team?

We used FireMon Professional Services.

What was our ROI?

We have not met a return on investment with this tool yet.

For the firewalls that we manage, it does help reduce our overall audit time.

What's my experience with pricing, setup cost, and licensing?

We don't license all of the devices in our network, so it does not provide us with a comprehensive visibility of all devices in a hybrid network at this time.

I'm not involved in our licensing costs, but I do know that FireMon has a wide variety of different licensing options.

Which other solutions did I evaluate?

During our proof of concept phase, we also evaluated Tufin, AlgoSec, and Skybox. We chose FireMon based on a few different things, but the main one was that they were a US-based vendor and the others were Israeli.

What other advice do I have?

Each deployment scenario will be unique. A robust proof of concept is key to make sure it will meet all of your intended use cases.

The solution is managing 25 percent of our firewalls right now. We probably won't increase usage until we can get the required features for firewall change rule management to work correctly. We probably will not increase usage until that works.

I would rate it as a six (out of ten). We need the end-to-end mapping feature working to make it a ten. That is just our next phase. I don't know what other problems that we will run into. There is a lot to deploy before we can give all the details of what we need to make it a ten. There is integration with ServiceNow and some of our other tools. We have to make sure all that is working before we could give it a ten.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Guest
Sign Up with Email