FireMon Room for Improvement

Daniel James
Security Engineer at a transportation company with 10,001+ employees
The current health and monitoring of the devices is atrocious. I know of several engineers within the company to whom I've mentioned this to and they say, "I know, I've been telling the devs that." They would back me up on my statement. Here's the bad part, and it's hard to articulate without having like a visual that you and I are sharing. But imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined. As long as all of them are good, that's the only way that you're going to get green. Out of all those categories, I only find one or two of them that are, perhaps, pertinent. I only care if it's not communicating at all, or it hasn't communicated in the last 48 hours. If the last time that it pulled down information it took three minutes instead of one minute, I don't care about that. The way that the health and monitoring works right now is that for all these devices, instead of breaking out all those different things, or allowing me to judge what I think is pertinent or not, I have to see the lowest common denominator. I might have 40 percent of my devices saying that they're in a critical state, when in reality, according to my standards, maybe only five percent of them are. I don't have the time to sit here and click on a dropdown and dig into 100 different devices every day of the week. Essentially, because of the way it works right now, I don't resolve something until I've become personally aware that a firewall isn't communicating with FireMon at a given time. It's not something that is optimized so that an engineer can run a report, take screenshots, and make a little run-book to hand over to level-two support and say, "Here, you guys do this every day as a repeatable process. Make sure that if we have any issues, we open tickets about them." Right now, the overhead of conducting a thorough day-to-day assay of the health of our environment would take several hours. Functionally and logistically, we just can't accomplish that goal right now. View full review »
Orlando Paulino
Information Security Analyst at a retailer with 10,001+ employees
We're working on implementing FireMon with our ticketing system service now. Having that would be an improvement. I believe they said that they are working on that for the future. That would help us out a lot. For example, when somebody wants to open a request for a firewall change, we'll go through ServiceNow, and then go through FireMon, make the changes, and make sure everything is recorded, who did it, etc. View full review »
NetworkSad34
Network Security Engineer- Senior at a financial services firm with 1,001-5,000 employees
Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release. Too many bugs pop up between releases, and that's where I would like to see the most improvement. View full review »
Find out what your peers are saying about FireMon, Tufin, AlgoSec and others in Firewall Security Management. Updated: September 2019.
371,062 professionals have used our research since 2012.
InfoAssu7204
Info Assurance Engineer at a aerospace/defense firm with 1,001-5,000 employees
The AWS integration is still not mature for us to use. It is just not ready for our use case for AWS connectivity. Therefore, it does not provide us with a single pane of glass for our cloud environments, because we can't manage our cloud environment with the tool. The map needs improvement in our network. The tool should be able to map out the path of flow from one firewall through our network. However, it does not understand our routing environment, so it cannot do that for us. We would like it if this solution could provided us with end-to-end change automation for the entire rule lifecycle, but the map feature cannot support our environment, for now. View full review »
Chris Goodrich
IT Security Architect at a financial services firm with 1,001-5,000 employees
We had a few minor issues with it. However, it's worked pretty well for us overall. View full review »
it_user560244
Clinical Systems Engineer So Cal Regional Office at a healthcare company with 1,001-5,000 employees
A phone app would be nice. This is the reason why it is not perfect yet. View full review »
Shabeer Chundaparambil
Manager Security Solutions with 10,001+ employees
Continuous firewall policy improvement should available out-of-the-box for firewall operation. We are also looking for more integration with SIEM and other tools. View full review »
Find out what your peers are saying about FireMon, Tufin, AlgoSec and others in Firewall Security Management. Updated: September 2019.
371,062 professionals have used our research since 2012.
Sign Up with Email