FireMon Overview

FireMon is the #6 ranked solution in our list of top Firewall Security Management tools. It is most often compared to Tufin: FireMon vs Tufin

What is FireMon?

FireMon, the only agile network security policy management (NSPM) platform, brings visibility, control, and automation to enterprise cloud and hybrid network infrastructures.

  • To drive agility across hybrid networks, the headless orchestration API allows customers to integrate with any existing system or process including IT Service Management platforms like ServiceNow, Security Orchestration Automation and Response (SOAR) tools like Splunk Phantom and Palo Alto Cortex SOAR, and DevOps platforms like Red Hat Ansible and HashiCorp Terraform.
  • To drive security efficiency and eliminate misconfigurations caused by complexity and manual processes, the platform addresses inefficient rule creation and change processes, delivers risk assessment of change through pre-change simulation and provides policy change recommendation.
  • To meet scale and heterogeneity requirements, FireMon normalizes policy across thousands of firewalls, devices, and cloud security groups through a single interface.

FireMon customers routinely experience up to 90% improvements in network security policy efficiency while eliminating common misconfigurations which lead to breaches and compliance violations.

Buyer's Guide

Download the Firewall Security Management Buyer's Guide including reviews and more. Updated: June 2021

FireMon Customers

Convey, MGM Resorts International, Southwest Airlines, Alkami, Costco, Aetna, IBM, Salesforce, Verizon, Wells Fargo

FireMon Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Daniel James
Security Engineer at a transportation company with 10,001+ employees
Real User
Reporting features help us close visibility gaps and decrease auditing time

What is our primary use case?

We use FireMon for compliance reporting. Also, because it provides a roadmap for us to start doing workflow automation - not to be confused with other forms of automation that occur in the firewall realm - we use it to see the processes and procedures that we can automate and enforce. These include approval processes, review processes, and pre- and post-implementation validation.

Pros and Cons

  • "The most valuable feature is the reporting capability because everything that we do is a result of our being able to query a report, based on our environment and our PCI compliance efforts."
  • "The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent."

What other advice do I have?

The best advice that I could give, honestly, would be not to look at a product for a short-term goal. Speak with the vendor about the maturity model that you want to go down and the roadmap that you have for your organization. They have a lot of different components and products that complement each other. I'm still waiting to do stuff now or next year that I wish I could have gotten funding for three years ago. If you're going to engage and move forward with something, try to future-proof what you're signing yourself up for. Take into consideration where your roadmap is taking you. If there…
Orlando Paulino
Information Security Analyst at a retailer with 10,001+ employees
Real User
Helps us clean up our firewall rules and has reduced our overall audit time significantly

What is our primary use case?

We use it to go through unused rules, for cleaning up stuff. We have a bi-weekly meeting where we go through firewalls and look for any unused rules or any rules that are redundant and any high ports that are being used that we're not supposed to use.

Pros and Cons

  • "The Security Manager part of FireMon... gives me an eye on everything that's out there, everything that I cannot see. Because I'm not a network admin, I cannot go to a firewall itself, but at least I have FireMon so that I can go in and view everything that I want to view. And I can eliminate whatever I see that is wrong,"
  • "We're working on implementing FireMon with our ticketing system service now. Having that would be an improvement."

What other advice do I have?

In terms of what I've used so far in my career, FireMon is one of the best. Try it out, it won't hurt. Give it a shot. It's the best, for me. It has everything that any company would need. It's easy to navigate, there is a lot of helpful stuff in their User Center, in their Knowledge Base. Everything's there. You don't really need to bother them a lot. If you want to know something, they have documents in their User Center. It's a very good product. In terms of FireMon's cloud support automation for public cloud platforms, we did ask for that. We are actually going to the cloud in a few…
Find out what your peers are saying about FireMon, Tufin, AlgoSec and others in Firewall Security Management. Updated: June 2021.
513,091 professionals have used our research since 2012.
SW
Network Security Engineer- Senior at a financial services firm with 1,001-5,000 employees
Real User
Enables us to very easily identify and remediate firewalls that have overly-complicated rules

What is our primary use case?

We use it for firewall cleanup, redundant rule removal, and unused rule removal. We are using the solution to identify anything that might have overly permissive rules or things outside of PCI compliance. We use it to proactively find those kinds of issues. There's more we could be doing with it for sure, we just haven't had the time yet. We currently have it covering every single firewall we have, which is a lot. There are potential plans to add routers and switches into it again, or even start adding in hybrid cloud solutions, things like that, that we won't be able to see. Honestly, we… more »

Pros and Cons

  • "It provides us with a single pane of glass for our on-prem environment, to see configuration. We have not implemented into the cloud yet. We can search for an object group and see where it lives on any firewall in the enterprise or find security rules, no matter what firewall they're on."
  • "Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release."

What other advice do I have?

Make sure that you get the correct hardware for whatever size environment you have. End-to-end change automation for the entire rule lifecycle is not something we're using yet. It's something that I'm looking to get a beta for. There are about 20 people currently using the solution. However, the functionality allows us to extend the information that FireMon can gather out to hundreds of people, if not more. In some ways, there are hundreds consuming the information that FireMon gathers, and using it in some way. Network security engineers are the primary consumers, and network engineers are…
it_user883929
Manager Security Solutions at Retail/Food Business
User
The most valuable features are Policy Optimizer and Firewall Manager for different brands of firewall

What is our primary use case?

Optimizing and cleaning firewall rules and objects to maintain the security of the firewall and other devices.

How has it helped my organization?

Not experienced yet with the product. We are still doing our evaluations and having other discussions with different vendors to understand product capabilities.

What is most valuable?

The Policy Optimizer and Firewall Manager for different brands of firewall. 

What needs improvement?

Continuous firewall policy improvement should available out-of-the-box for firewall operation. We are also looking for more integration with SIEM and other tools.

For how long have I used the solution?

Trial/evaluations only.

What other advice do I have?

The version is an important choice for the product.
it_user560244
Clinical Systems Engineer So Cal Regional Office at a healthcare company with 1,001-5,000 employees
Vendor
Easy setup, where a non-IT person can install the tool

Pros and Cons

  • "Vendor agnostic when it comes to integrating with other product."
  • "A phone app would be nice. This is the reason why it is not perfect yet."

What other advice do I have?

It is a very versatile and sustainable product.
ITCS user
IT Security Consultant and Platform Architect at a pharma/biotech company with 10,001+ employees
Consultant
Policy test and access path analysis tools in Security Manager enable me to find existing firewall policies quickly, troubleshoot, or to help choose the optimal path for proposed rules.

Pros and Cons

  • "Policy test, access path analysis, and change reports."
  • "Policy Planner requirements section is good, but could use some improvement to allow flexibility to enter different types of requests (modifying an existing policy, object or service group, for example) in a structured task format that can be auto-verified."

What other advice do I have?

Review your current operational requirements and processes well, and determine what can change, internally, to take full advantage of the standard FireMon processes.
it_user494268
Information Security Analyst at a financial services firm with 1,001-5,000 employees
Vendor
It was valuable for auditing purposes.

What other advice do I have?

There are very few products that can do what FireMon can. I would definitely recommend it if there is a need to review firewall changes.
it_user642174
Information Security Officer at a university with 10,001+ employees
Vendor
The ability to audit our firewall rule base allows us to determine which rules can be removed.

What other advice do I have?

FireMon is a very good product; is a slippery slope in terms of deployment. It can monitor all of your network devices and firewalls. I would imagine a lot of people probably use it for that. We are a small organization. From a cost and work standpoint, we only wanted the ability to audit and manage our firewall rule sets. It’s been good for us in that way. People need to think about what’s important to them based on a monitoring point of view, which is regulation-based. That wasn’t an issue for us. I recommend that people considered the best-sized solution for them. Give it a try. It’s worked…
it_user617493
Network Support Systems Manager at a retailer with 1,001-5,000 employees
Vendor
The most valuable features are change management and getting alerts from the system. The web interface requires a learning curve.

What other advice do I have?

You should definitely look into how many Syslogs you're getting. There is a limitation on how many Syslog messages it can handle per second. We felt in a more distributed environment, it allowed us to support our network more adequately. Even in the main data centers, we usually had three or more collectors in order to deal with the amount of Syslogs we're sending. We also had to include a few different offices that required their own implementation of data collectors. This company does a pretty solid job and they're constantly striving to improve their products.
it_user613533
Sr. Systems and Network Engineer at a recruiting/HR firm with 1,001-5,000 employees
Vendor
The most valuable feature is more or less the ability to look for the shadowed-based rules or rules that are being used.

What other advice do I have?

Definitely, you should look into how many syslogs you're getting because there is a limitation on how many syslog messages it can handle per second. We felt in a more distributed environment, it allowed us to support our network more adequately. So even with our main data centers, we had to usually have three or more collectors in order to deal with the amount of syslogs we're sending. We also had to include a few different offices needing their own implementation of data collectors. This company does a pretty solid job and they're always constantly wanting to improve their products.
it_user616515
Sr Network Security Specialist at a government with 1,001-5,000 employees
Vendor
The most valuable features are the reporting for change control as well as rule utilization.

What other advice do I have?

When using this product, you have to spend time understanding not only how it was installed but what information you can get from the product. The customization of reports, whether they can be automated or on demand. So just getting a better understanding of what you can get from the application is useful.
it_user617394
3rd Line Senior Engineer (Security) at a comms service provider with 10,001+ employees
Vendor
We use it to run reports that show unused tools and unused objects. Removing the CSV export functionality seems to me to be like a step backwards.

What other advice do I have?

I don't know what advice I would give to others. We are having a lot of problems with the licensing, to be honest. So, there's an issue with the UK and US date format. When we renew our licenses, I don't know whether it's through our distributor or whatever, but they keep changing the format. In the American date format, you put the month first, then the date, then the year. In the UK we put the day first, then the month, then the year, and they keep flipping the dates over so we lose about three or four months on the licensing every time. We have to go back to our salesperson to get that…
it_user620586
User at a financial services firm with 501-1,000 employees
Vendor
The Security Manager is the most valuable feature. It's been pretty stable.

What other advice do I have?

I think it's a good product. It's very stable. It's quick and it's easy to learn. It's easy to run reports. There are a lot of reports that you can run. That helps the management of your firewall.
it_user617388
User at a financial services firm with 1,001-5,000 employees
Vendor
We use the forwarding capabilities and we use it for cleanup.

What other advice do I have?

If someone asked me for advice, I would definitely say that it would help them, especially with being able to navigate through if you have a complex rule set. I would definitely suggest FireMon. It's been extremely helpful for us to have. Even though they're missing a few functions, it's still workable from our standpoint. Being able to export to Excel isn't a huge turnoff. It's a nice feature to have but I would definitely suggest purchasing FireMon. Especially if you have a large environment where you're trying to trim down your rule base, you're trying to optimize your firewall, or you're…
GI
Technology Engineer at a financial services firm with 501-1,000 employees
Real User
With the change control functionality, we can track firewall rule changes made outside of change windows.

What other advice do I have?

From what I've seen of the product, it's fairly robust. Making sure to know everything that you want monitored, to get the proper licensing upfront, is probably the biggest thing. If you're only strictly wanting to do firewalls, make sure you get the right licensing that will match your firewall capabilities. If you want to match a more cross-spectrum of your devices, get licensing to support that. The biggest key is making sure to get all the licensing you need for the devices you want upfront.
it_user600747
Security Engineer at a logistics company with 1,001-5,000 employees
Vendor
Assists us in our ability to review and validate firewall rule changes and implementations.

What other advice do I have?

Consider investing in the policy planner. Further integration with a ticketing solution is on our roadmap. I certainly wish it was something we pulled the trigger on years ago.
it_user453555
President at a tech services company with 51-200 employees
Consultant
efficient way to clean the firewall from unused, redundant, shadowed rules that create unnecessary risks and impacts performance.

What other advice do I have?

The customized workflow is worth it. If you are considering to migrate to new firewalls, implement FireMon because it will make your migration much easier. Also, cleaning up some slow firewalls will help you extend its life.
it_user587580
Network Security Engineer at a tech company with 10,001+ employees
Vendor
The security management feature allows us to look inside the firewall and see things that the firewall doesn't report.

What other advice do I have?

Don't be scared to contact the SE. My SE and I have a very good relationship and we bounce ideas off each other. Leverage your resources. It's not really a complex product to deploy. Use the User Center. There's a lot of great info there and a lot of your questions can be answered in the User Center. General recommendations: Make sure that the firewalls you have are supported. Make sure you know how many firewalls you have. Go with the mindset of what you want to do; general project management-type stuff. Everything's working fine. The only thing is the automated updates. I’m not giving it a…
it_user588591
Enterprise Security Architect at a insurance company with 1,001-5,000 employees
Vendor
The normalization of the rule sets across different firewall platforms is valuable. Version 8 wasn't ready for prime time.

What other advice do I have?

Just like any other IT product on the market today, everything is green grass and high tides. Everything is beautiful. During the sales process, it's all, "Oh, just do this, do that." It's a little more than that. It's a little more complex and a little more effort than just, plug it in and go. I think that's the mistake of many of the sales teams; that they sell the ease of implementation. I think they should just be straight up and honest with the purchaser, saying, "Look, it's going to take some effort and you're going to have to understand your environment. You're going to have to…
ITCS user
Conseiller sécurité des TI at a tech services company with 1,001-5,000 employees
Consultant
It is possible to highlight differences between policy revisions.
it_user563418
Network Security Architect at a healthcare company with 1,001-5,000 employees
Vendor
Recently we’ve decided to utilize the policy review capabilities to automate our periodic firewall rule review process.

What other advice do I have?

Perform the installation and utilize FireMon support to optimize the installation. Perform a post installation review of the configuration a couple of months after it’s implemented and running so that you can decide what features to use, which are useful. There are a lot of built in features that aren’t apparent until you get the whole system set up, all of your devices discovered, and the system collects information for a few weeks.
it_user494874
Network Security Sr. Advisor at a tech services company with 1,001-5,000 employees
Consultant
It’s helpful during our firewall and network devices audit.

What other advice do I have?

It is a good solution for audit trails and end-user visibility.
it_user494046
Information Security Engineer at a energy/utilities company with 51-200 employees
Vendor
It helped us identify unused rules, reducing the load on the firewalls.

What other advice do I have?

Check the renewal cost, and determine whether the Risk Management Module is mature enough and whether GUI crash issues have been fixed or not. Maybe for small companies, it comes up fine, but for large environments, it might cause issues.
it_user501963
Systems Engineer at a tech company with 51-200 employees
Vendor
It provides clear visibility of our firewall, and clear auditing of each firewall rule and changes.

What other advice do I have?

Prepare the necessary details and make sure you configure the needed firewall according to their guide for a smooth implementation.
it_user489861
Regional Manager Enterprise Data Infrastructure and Information Security at a comms service provider with 51-200 employees
Vendor
RA excels at identifying risk exposure areas.
it_user456099
Information Security Engineer at a insurance company with 1,001-5,000 employees
Vendor
It allows us to monitor and assess our network and provides proactive security intelligence.

What is most valuable?

It’s provided us with proactive security intelligence so we can act before we have a security breach.

How has it helped my organization?

FireMon allows us to monitor and assess our network, giving continuous visibility into and control over firewall infrastructure, network security policies and underlying IT risk.

What needs improvement?

The reporting needs some improvement to ensure that we are provided with consistent data accross each firewall device on the network.

For how long have I used the solution?

I’ve been using it for two years.

What was my experience with deployment of the solution?

There were no issues with the deployment.

What do I think about the stability of the solution?

We had no issues with the performance.

What do I think

it_user448857
Security Consultant at a tech services company with 501-1,000 employees
Consultant
Rule comparison and filters are an easy way to check if you policy is concise and clean.

What other advice do I have?

Be sure you read all the specs, and test the application as deeply as you can to ensure it meets all your requirements.
it_user456090
Senior Network Security Engineer at a local government with 1,001-5,000 employees
Vendor
In addition to firewall auditing, we use it for rule traffic analysis, traffic flow discovery and hidden/shadow rules.

Pros and Cons

  • "Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands."
  • "One area for 7.x customers that needs improvement is the migration. It is an involved process so get ready to spend some time getting your environment back to the way it was."

What other advice do I have?

Like any implementation, take time and plan. Engage users and stakeholders letting them know what this system can do and get it integrated within the organizational ecosystem. Like any solution, if it isn't used you simply don't get that potential dividend.
it_user273759
Network Engineer at a tech services company with 501-1,000 employees
Consultant
It allows you to put expiration dates on ACL's to remove unneeded exceptions, but network maps need more improvement.

What other advice do I have?

Using this product allows firewall administrators to quickly find a problem with their firewall configurations. It allows the administrators to also look for open services that should not be allowed. One of the most useful features is the ability to use policy trace. If you work in an environment with multiple tiered firewalls you can look at exactly what ACL’s the traffic is going through on each firewall without having to have permission to those firewalls. It is a smart move to make and makes the administration and troubleshooting of ACL problems clear.