FireMon Competitors and Alternatives

Get our free report covering Tufin, AlgoSec, Skybox Security, and other competitors of FireMon. Updated: January 2021.
456,719 professionals have used our research since 2012.

Read reviews of FireMon competitors and alternatives

AbdulMohsin
Solution Architect at Beta Information Technology
Real User
Top 5Leaderboard
May 21, 2020
Rich vulnerability management that is controlled from a single pane of glass, but the network modeling capability needs improvement

What is our primary use case?

We are a system integrator and this is one of the products that we implement for our clients. This is one of the vendors that we focus on, from a security standpoint. Skybox has an amazing portfolio that makes up the security solution. You can onboard your network devices with the network assurance module. This includes layer three, layer two switches, load balancers, and so on. This partially builds the network model for the infrastructure and the entire security platform is built off of that.

Pros and Cons

  • "The most valuable feature is firewall management."
  • "The Network Assurance, which helps to create the network model, is not so rich."

What other advice do I have?

My advice to anybody who is implementing this product is to make sure that they utilize it. The usage of it should be mandated for the NOC and SOC. They should use a single dashboard to take care of all of your infrastructure components. When a Skybox representative visits to discuss this solution, it is important to discuss the use cases properly. Have a good project plan and it is also very important to have the right partner. They should be certified, trained, and involved at all stages. Overall, it is a pretty good product. When you use it, you will see the benefit of it. I would rate this…
Michael Utech
Network Security Engineer at Customer Worldpay
Real User
Top 20
Jul 31, 2019
The most valuable feature is the Network Map

What is our primary use case?

Primarily, it is being used as a type of security auditing control on our firewalls. We are in the middle of a new project acquiring dedicated new hardware while building out SecureTrack and SecureChange. After this initial project, and building out all that infrastructure is done, then there will be a project to kick off some of the automation and orchestration type stuff to try and improve some of those processes for the IT group. The goal is to use it to revalidate, clean up, and optimize firewall policies, but we are not there yet. The company has had the product in place for a while. I am… more »

Pros and Cons

  • "In our current environment, the most valuable feature from Tufin is their Network Map."
  • "The biggest area where I see a need for improvement is some of the documentation and training stuff. It does a really good job of hitting the big concepts, but it needs like another layer deeper of actually getting into some of the details of how to do some of the things. Conceptually, I understand how the product works, but now how do I start building stuff and integrating it into my environment."

What other advice do I have?

If someone was looking for this type of solution, I would tell them, "Here are the top four solutions that I know of and the places that I worked on each of them. Here are the benefits, gossip, and downsides that I've seen for each one." Tufin has the best solution as far as it being self-contained, reliable, and integrating with the other things that you want it to integrate with. The customer service is also not arrogant like some of the other solutions. We need to utilize it to its capacity and capabilities, and we're not doing that yet. It will eventually reduce the time it takes to make…
NetworkEa55f
Network Engineer at a healthcare company with 10,001+ employees
Real User
Aug 14, 2019
The rule usage is a nice feature, but we have problems with it staying in sync when logging into the device

What is our primary use case?

We have it set up to test to look at policy from an overarching perspective. Then, we are hoping to use it for policy push, such as making both changes across different firewalls, but we haven't gotten to that point yet. We have the on-prem relay, and then that connects into the cloud for Cisco Defense Orchestrator (CDO), We deployed the most recent version about a year ago. We don't use it on a day-to-day basis. It's not something that we really spend a lot of time reviewing. I just haven't had time to sit down with it.

Pros and Cons

  • "The initial setup was straightforward. We spun up the VM onsite. We generated the key that it needed to talk to the Cloud Orchestrator. After that, as I started adding devices, it was relatively quick and easy."
  • "The ability to see the uptimes on the different VPNs that we have configured for site-to-site."
  • "When logging into the device, we sort of had problems with it staying in sync. If somebody made a change onsite, it wouldn't do an automatic sync. It would have to wait, as you would have to do a manual sync up."

What other advice do I have?

It was just something for us to spin up and look through, then see if it was something that could benefit us from a policy perspective by pushing policy out. It might have been able to, but it was a little cumbersome to select firewalls. We just didn't go through and spend a lot of time with it. With the security features around storing firewall configurations in the cloud, I sort of go back and forth on it. you are putting a configuration out there on the cloud for somebody to read. However, it is a private cloud that Cisco manages, so all we can really do is hold Cisco accountable if…
Jeffrey Cherpeski
MITP-2 at State of Nevada Department of Administration Message
Real User
Top 5Leaderboard
Apr 22, 2020
Traffic queries help when troubleshooting a problem, especially if the traffic goes through two or more firewalls

What is our primary use case?

I am the senior network security engineer in an environment of more than 80 firewalls ranging from ASA 5506-X to ASA 5585-X and now to FortiGate 3960E. As part of this position, I need to be able to audit firewalls and ensure that they are compliant to a number of policies. Before AlgoSec, this was done in a very long, slow manual process, and it took days to audit even the smallest firewall. With AlgoSec, I can run a compliance report and see exactly where that firewall falls short.

Pros and Cons

  • "Traffic queries are a great help when troubleshooting a problem, especially if the traffic is going through two or more firewalls."
  • "The initial cost was high for us, but we have always been behind the tech curve and cost has always been the limiting factor."

What other advice do I have?

It has saved my bacon a number of times and is a great arrow to have in your quiver of tools.
Mohamed Sharaf
Security Consultant
Consultant
Aug 27, 2019
Improves management abilities by simplifying the implementation of policies for all branches

What is our primary use case?

Our primary use case of this solution is jack monitoring and file management.

Pros and Cons

  • "What I like most about this solution is that it allows me to push multiple policies on multiple followers at the same time."
  • "Customer support can improve."

What other advice do I have?

I will recommend this solution to others because it is a good solution, but only if you are using multiple files and not only two or three files. You should have at least five files for this solution to be right for you. I rate this product an eight out of ten. Easier implementation with other solutions will increase my rating. In the future, I would like to see additional features being able to install firewalls using remote sites and the ability to do initial configuration using Panorama. I would like this initial configuration to be copied on USP and have the firewalls configured to connect…
Get our free report covering Tufin, AlgoSec, Skybox Security, and other competitors of FireMon. Updated: January 2021.
456,719 professionals have used our research since 2012.