It's so quick at finding redundant and shadowed rules. I used to have to do that and I would have to yell at people to stop bothering me because I needed my complete concentration to do it. And there was still human error. FireMon saves all that time and eliminates that human error.

Also, in terms of our compliance reporting process, they would give us a week and we'd pull all the configurations of all the firewalls and send them off to someone like me who would go through them and say, "Hey, this is not good. Take a close look at this. Why is it any-any?" People would have to go back and look at the firewalls to see if that was a business risk or not and, if it was, have the company sign off on it as a business risk. That would actually take up to about six months of going back and forth, giving people weeks at a time to respond.

With FireMon Security Manager, I can create a report and send it off to the customer and say, "Here are the 98 rules that put you at high risk. Are these needed?" They look at them and say, "Oh no, that application is gone, you can get rid of that." Or they say, "Yep, this is an acceptable risk." I then say, "Okay, I'm going to be back in a year," and I mark it as "acceptable risk, by so and so." A year later I can go back and say, "Is this still an acceptable risk to you?" It makes our compliance so much easier when compared to having to do it manually. I would recommend everybody get this tool just for that aspect.

A module that we have to pay for, because we're using FireMon Security Manager, helps automate firewall policy changes across large, multi-vendor enterprise environments, and it's the only solution that does that. The rest of them are so labor-intensive that this would probably save 70 percent of that work time. It enables us to make changes company-wide. Suppose one of our clients has 60 firewalls. We can do a company-wide firewall update within about two hours if they have multiple brands of firewalls. We can do it in about 30 minutes if they only have one brand. When we had a person logging in to manually do it, it would take them at least a day for 60 firewalls. Now, if it's Palo Alto, we can do it in half an hour. If it's Fortinet, it can take us an hour and a half.

We have about 20 customers and we're saving at least a day of time for each one of those customers. Within one day, we can do what we used to do in two weeks. That's very significant because we were looking at hiring more people. FireMon has reduced the need for that. As our people become more and more efficient, we can actually have more and more customers without having to increase our labor force.

The solution can also talk across on-premises, cloud, hybrid, SASE, and SD-WAN environments. You need the path. Once you have the path, which most of the time is going to be a VPN tunnel if it's over an untrusted area, you can do anything. That makes it one pane of glass. For example, in the past, if it was on-prem and in the cloud, I would have to do an on-prem pane of glass and a cloud pane of glass. Now I can do it in one pane of glass and it's less labor-intensive and much faster.

You can even automate the cleanup of firewall rules in a large, enterprise environment. That's the nice part about it. You can say, "Here are 100 rules I want you to disable," put in the IP addresses, hit enter, and it pushes that out to the 60 firewalls. It takes time, but you walk away. You've saved tons of time while it's doing the process for you through automation. I can't see working on more than one firewall without having this tool.

If you make a mistake on one IP address, and you push it out to 60 firewalls, instead of bringing one down, you could bring them all down. You measure twice and cut once. You verify, you make sure you have the stuff in there. Then you have a second person to look at it and, when you both agree, you hit enter and you know you're not going to bring the system down. That actually takes a little bit more time because it's a two-person activity where it used to be just one. We used to bring down a firewall once a month and now we don't do that. We're saving at least one outage day and then another day of apologizing.

FireMon has been helpful because we have been able to meet our compliance risk management targets. We have been able to satisfy our auditors, internally and externally. 

FireMon has helped automate firewall policy changes across large, multi-vendor enterprise environments. This has been helpful for keeping a good inventory of the changes. Everything is well-documented. It also helps us to be mindful before we make any changes that everything is audited. Since we are a global environment, we can't see everything. We have many people working on different devices.

We are presently utilizing the automate firewall policy changes for our firewall and internal network devices.

The cleanup of firewall rules in our environment has been very helpful. We can go back and ensure we have uniform rules across different firewalls.

The real-time compliance management is excellent. It's something we prioritize in our efforts to comply in real-time. We have established some rules following the PCI guidelines as we are currently working towards achieving PCI compliance. These rules serve as metrics for us to assess our progress. We believe that real-time capabilities are essential and exciting for our organization.

FireMon alerts us whenever there are new rules or changes to existing ones. I have set up some reports that arrive in my inbox daily, providing me with a summary. So, if there are any changes within the environment, I am notified. I believe that FireMon can also notify us before a change is made in our environment.

The compliance reporting process does not require much time or effort, as long as we know what we are doing.

FireMon helps automate firewall policy changes across large and multi-vendor enterprise environments.

FireMon provides us with a dashboard view that shows an overhead view of all our redundant rules, along with our own user rules. With this information, we can generate reports and focus on specific criteria we are interested in. By doing so, we can easily identify rules that are actively in use, while also being able to spot duplicates and other elements that aid in cleanup efforts.

FireMon helps us save time when creating, approving, and deploying firewall policies. For instance, when we deployed certain rules, they resembled penetration testing scenarios. The reports provided us with the capability to monitor activities in our network and effectively save time. Consequently, we could easily share these reports with the networking team, enabling them to promptly remove the identified rules, rather than having to conduct extensive and time-consuming investigations.

FireMon helps to reduce misconfiguration, which can increase risks in our environment by at least ten percent. For example, it achieves this by not deploying specific rules that are overly permissive.

FireMon assists in identifying risks within our environment and prioritizing fixes for those risks. This is an essential feature of our organization.

In the past, we've had thousands of firewall rules that came from legacy applications and many years of work. FireMon has helped us to clean up those rules and to manage them properly. We can decommission rules that are old and outdated or clean them up. And we can work on the ones that are not functioning properly or that are configured improperly, to make them compliant and useful to the organization. It has helped us to manage multiple firewall rules and remove legacy ones that are not useful.

It helps by automating the process of cleaning up firewall rules in a large, enterprise environment. It's not done manually, which is a process that is more prone to errors and takes more time. When it's done manually it's more tedious and requires multiple resources dedicated to doing it. It helps reduce the time involved, increasing the efficiency and reducing the cost, as well as making the job more accurate.

The same is true when it comes to accurately creating, approving, and deploying firewall policy rules. It reduces the effort by 75 to 80 percent, compared to how we used to do it before we got FireMon. And we get that same percentage reduction in effort, 75 to 80 percent, when changing firewall policy rules.

It has also been very helpful in terms of the time and effort required to create compliance reports. Previously, when we used other applications or did it manually, we were not able to finish our work efficiently and on time. FireMon has helped us to cut the time it takes to do auditing and reporting of firewall rules, and increased our efficiency. 

It has cut both the man-hours spent as well as the number of staff members who are dedicated to firewall policy changes and the firewall policy update process, because it enables automation and simplifies the task. The reporting is also more efficient and more correct and useful.

FireMon has decreased errors and misconfigurations, issues that had increased risk in our environment, by 75 percent.

It also identifies risks in your environment and helps to prioritize fixes, if you have the necessary set of eyes to look at the rules and the resources. When FireMon gives you reports on what's going on in the environment, you assign staff members to rectify whatever issues it has reported and proactively prevent issues from arising in the future. It has improved our security posture drastically, and cut down the cost related to having third parties manage those things. We can do some of those things in-house. It has improved our security posture and senior management is happy because of that.

Using FireMon has sped up our process a little bit.

We had a fairly big hiatus where we weren't really utilizing it to the degree that we wanted. This is because, after the upgrade, there were a few critical things that broke. We worked with FireMon to alleviate those issues and to get them fixed. Now, it's to the point where it was before the upgrade, and we're trying to utilize it more for what we need. This includes compliance, security checks, and a lot of cleaning up.

In terms of cleaning up firewall rules, FireMon helps in the sense that we can determine which rules are justified. One of my teammates actually created a script using the API to pull all the rules for a few of the core devices. Then, we give them to the respective group within the organization to look at and audit. This is something that is done on an annual basis. In that sense, we have started to utilize FireMon a lot, and it gives users a clean look at all of the firewall policies they have and provides them the opportunity to justify them. That helps cleanup because anything that's not justified or that needs to go, we can submit a request and get those taken care of.

For creating, approving, and deploying firewall rules, FireMon saves us time when it comes to the troubleshooting aspect. When there are issues with blocks that happen for users, or if they are trying to go from one end to another end, either outside the internet or internally, FireMon homes in and helps us. We use FireMon more for this, rather than to audit specific rules.

We are using it read-only right now, so it helps us to find the policy in question that could be the cause of the issue, but we alleviate it by submitting a request. There's a lengthy process for validating and verifying requests that come in, so the product doesn't save us time in this regard. We have the visual but then we tell the respective team to handle the writing on the device.

Using FireMon has decreased errors and misconfigurations that would have otherwise increased risk in our environment. I can't estimate an exact number but when we did the initial cleanup a year ago, on the core devices it helped us to eliminate rules that weren't really being used. It was between 300 and 400 rules per device, which is a significant amount.

FireMon has helped us to identify risks in the environment and to prioritize the fixes. This is mainly with some of the security blocking rules that we have, which are pretty intense. Firemon found issues where they were blocking too much or too little. It didn't have a very large impact on our security posture because we have other security tools that we're utilizing for intrusion detection, as well as other vulnerabilities. Because we're using it read-only, its primary use is as a monitoring solution. It doesn't do too much but does help with finding security issues before something goes wrong.

With respect to compliance management, this product does cover some of the compliance factors, although not all of them. For example, in terms of accountability, it has all of the data available for third-party rules and auditing. It can produce a comprehensive report. However, compliance has its own set of requirements.

We planned on having divisions for about 400 days but at 700 gigabytes, the file size was too large and it was interfering with our database backups. Consequently, we had to cut it down to 100 days, which means that we're missing 300 days of divisions. The fact that we no longer had a complete view of 400 days of data was a setback for us. Otherwise, the metadata has been pretty handy.

We do not run assessments on new firewall rules before they are deployed, but we can set it up in such a way that compliance can be checked automatically once we push a rule to the firewall. If there is a problem then the new rule will be flagged. As it is now, we do all of the compliance assessments manually. The reason that we don't use the compliance module in FireMon is that it creates a heavy load on our CPU.

Prior to FireMon being implemented, the company had Tufin running to conduct assessments. They were flagging some rules, based on the subnet categorization that is defined in Tufin. However, those kinds of assessments were not really accurate. They also weren't making any changes to the rules that were problematic.

When they brought in FireMon, we started to run reports that are pretty precise. They were more accurate, and based on the firewall zone definitions. We began to flag rules that made sense and we also started to analyze them. Afterward, we were able to get rid of a lot of risky rules. There were a lot of shadow rules identified that we cleaned up. The agenda was to make sure that the security compound or security footprint within the company is safe.

For this task, FireMon has been very helpful in terms of flagging such rules so we can drop them and improve the security of the infrastructure.

FireMon has improved our compliance process in terms of the time and effort required to create compliance reports. As far as the rule recertification is concerned, it's made it easier for us because it's just one click to explore the metadata of each firewall rule and its information. For example, we use owner fields, technical descriptions, review dates, next review dates, and exceptions, if there are any exceptions. With all of the metadata in place, it can be given to the compliance team.

This solution has helped us to decrease errors and misconfiguration that increased risk in our environment. By using the system that we did to flag risky rules, we were able to identify problems and mediate or eliminate them. We are still working on this but at this point, we have completed 80% of our cleanup. It has been helpful.

FireMon helps to identify and prioritize fixes, although we do the repairs manually. This is something that is necessary when you consider our network and how our firewalls are configured. FireMon does provide suggestions and we make use of them, but we conduct our own manual analysis in addition to the reports. This acts as a valuable double-check for us, which is very important for our security posture.

FireMon really helps save time with the reports that give you visibility into what's going on with your network. We were able to pull a report and give it to the networking team and they were able to remove those rules, as opposed to having to dig deep and spend hours on that.

It has also definitely helped decrease errors and misconfigurations. For example, we had certain rules that were overly permissive. We were able to redress those rules and make them more specific. We have seen at least a 10 percent reduction in misconfigurations.

FireMon automatically warns us when new firewall rules, and changes to existing ones, violate compliance policies before they are deployed. We find this valuable as well, especially from the compliance standards where it has real-time change detection and FireMon watches the firewalls. Whenever there is a change that breaks compliance, we get that immediately. At the same time, whenever you are planning a change inside FireMon, it won't let you make that change when there is a compliance issue that they found.

We have built-in change reporting in Security Manager, which is very helpful. Whenever we have a scheduled change report, we use that as an opportunity to review the report and do a technical review of the changes that were made.

It does a search whenever you are planning a rule in FireMon. So, if the traffic that you are trying to create a rule for is already allowed, FireMon will tell you. This will save you the time of trying to create a duplicate rule if you already have a rule that would allow the traffic.

Firewalls are very complex, and FireMon allows us to identify a firewall rule that may have a lot of sources, destinations, and paths, and identify various high-risk ports and high-risk situations that either shouldn't be implemented or need to be rectified prior to implementation.

It has not really saved us time yet because there is still some pretty significant manual intervention involved. We haven't implemented it on all firewall types yet because we have hundreds and hundreds of firewalls that do different things and because different firewalls have different risk conditions. But for the ones we have implemented it on, while it doesn't really save time, per se, it does provide higher visibility into high-risk situations, which were very difficult to identify before. As a result, it has decreased risk.

FireMon saves us a lot of time and it's nice because if you're adding a rule that's similar to another rule, it'll tell you so sometimes you can just edit the one and add another source or destination in there without creating a duplicate rule. It enables us to consolidate and have fewer, more meaningful rules. We're saving around 30% of our time.

Using FireMon means that we can quickly implement new firewall rules.

FireMon provides the capability for automating firewall policy changes. This helps to reduce errors and overall expense, which are the most important things for our company right now.

Prior to using FireMon, we had to use another procedure that would check every rule that we created. Now, we don't need to do this anymore. Everything is done automatically.

By using the Policy Planner when we are going to create a new rule, it will stop us if there is a similar one that has already been created. Often, we don't have to create new objects because we can reuse the ones that are already in place for the firewall.

FireMon helps us to reduce our policy rule set by cleaning up unused and redundant rules. Prior to using FireMon, our firewall had approximately 10,000 rules. After the cleanup,  that was cut in half to approximately 5,000 rules.

Because we are using automation, FireMon has reduced the time it takes to create new rules in our firewalls. It used to take approximately 15 minutes to create a rule, whereas now, with FireMon, it takes about 7 minutes.

FireMon saves us time when it comes to changing firewall policy rules. On average, we receive 16 tickets per day that relate to changing policy. All of these are now handled by FireMon, which means that we can spend more time on other activities or different operations.

This solution has improved our security posture because before implementing it, we had firewall rules with many sources and destinations. As it is now, our ruleset is very fine-tuned. We have only the source or destination defined that we need.

Any organization will have a best practice of looking at their firewalls at least once a year, going line-by-line. But whenever we have something like a PCI assessor coming in, we want to make sure we do our due diligence. We want to look at anything that has popped up, or that we might be unaware of, or that we put on the back burner, because it's impactful to the business. We can't really do that unless we can query our environment or set it up to keep us informed of everything that conflicts with our best practices. That's where we get the great majority of the value out of the product.

One of the most concrete examples of how it has helped our organization - and it's not the most spectacular example - is that with Security Manager specifically, we have the ability, as security engineers, to review and approve firewall rules before they are implemented, even though that task is performed by our networking engineers. What that allows us to do is maintain a separation of duties, which is very important for a lot of compliance checks. I can't be the person who makes a rule and the person who says that the rule that I just made is okay and up to standards. There's a conflict of interest there.

So one of the main things that adds value or improves the security posture of our environment is the ability to separate roles and responsibilities. As part of our processes, I can say to the networking team, "Submit to me what it is that you're planning on doing." Using FireMon, I can look at the firewall and the firewall rule without having to have access to the actual firewall. After they are done with their change, I can validate that what I said they could do matches what they actually did do. Having that mechanism as an option in our environment holds everyone up to a higher level of best practices, because they know someone can validate that they're not just doing whatever they want to do without anybody being the wiser about it.

The solution helps to close a visibility gap we previously had. That goes back to reemphasizing the fact that we're trying to maintain that separation between security engineers and network engineers. I don't want access to the firewalls themselves, but I am accountable for every rule that's on them. Everything we do goes through FireMon. Is it instrumental in my being able to see something and correct it? Absolutely.

Because of FireMon, we have found several instances of objects that were created where the intent was for it to be four ports, but it got fat-fingered and someone put in a much wider port range. It has helped us to identify misconfigurations. It has helped us to identify out-of-band changes, where stuff was done that wasn't necessarily approved. Because it has its own repository of industry best-practices, it has helped us to highlight hundreds of rules that have unwanted objects in them. If I don't have to spend two days walking through all of our firewalls to do that, and I can run a report that I know is pulling back authoritative information, then I'm able to accomplish more because of it.

It certainly helps reduce our overall auditing time. The alternative to not having the product is doing a manual review. What the product is designed to do is to show me everything that violates this standard or that rule. If I can do that - and even if I have to spend a day or two coming up with standards and the rules for me to check against - in two days I have the results that a manual process would take me several weeks to achieve. Now, cleanup still takes just as long. I can't say, "Fix all of these," and it automatically cuts tickets for me - yet. With proper future-proofing, optimization, and integration, it would be able to do that for us as well. But overall, it definitely helps reduce auditing time.

Another advantage is that is has helped to clean up rules that have not been reviewed in several years. There are thousands of rules every year that we clean up directly, based off of the reports.

To give more context to this answer, one of the main functions of anyone in security is: If we don't need it, we need to get rid of it. But there's always that battle between the needs of enforcing best practices and accommodating the business. Anyone who has ever used this solution, or competitors' solutions, or gone through a firewall cleanup process, has experienced this scenario: "Well, we deleted 300 rules and something broke and now we need to find out which of those rules we need to turn back on." And that happened because they were working from a report that they only ran once a month or once a quarter. What this tool allows me to do is not only disable unused rules, but to specify conditions like, "anything that is unused for at least six months, or at least a year." I can now put unused rules into different categories. Something hasn't been used in a year is very low risk. If it was used two months ago, there's a higher risk if I disable it. So it helps reduce potential impact, which is a unique feature.

For our PCI compliance audit this year, it was a better tool for us, with better real-time capabilities and better formatting for the reports that we needed. It has definitely made things more efficient by having a single console. We can run all of our reports from it, whether it's for the PCI environment or things that extend beyond that environment. It's very simple to use and it saves us time.

The "wheelhouse" of FireMon, and why we bought it is the effect it has on the cleanup of firewall rules in a large environment. We've had rules out there that needed to be cleaned up for a couple of years and we just didn't have an elegant way to do that. The solution has really helped make things more efficient and easy for the implementing teams to consume. It's been great for that.

While we didn't buy some of the additional tools that allow us to implement changes, it saves us time in accurately creating, approving, and deploying firewall policy rules. We get more value out of being able to compare what was done versus what the team said they were going to do or what was approved.

It has also decreased errors and misconfigurations that increased risk. It's hard to quantify by how much, but we'll catch something that wasn't done quite right or as optimally as possible in 10 to 15 percent of the things that are implemented.

FireMon's real-time compliance management is good.

The ability to evaluate the overall security measures of our organization is beneficial. However, not essential for small to medium-sized companies like ours. These features are also provided by OEMs. For example, Palo Alto and other firewall solutions offer similar features on their devices. This includes the ability to identify unused or excessively permissive rules.

Generating compliance reports is a straightforward process. These are auto-generated reports that are produced once we forward our traffic to the SIEM devices. The devices automatically generate standard compliance reports that we can customize if necessary. This feature is advantageous because it saves time and ensures that the necessary reports are generated.

FireMon can help organizations automate firewall policy changes across large multi-vendor enterprise environments.

FireMon can impact the cleanup of firewall rules in a large enterprise environment. With FireMon, it is possible to view shared rules and assign tasks to different users within our team. Additionally, tagging is available which allows us to easily revisit and save alerts on these rules. This feature is particularly useful for large organizations.

FireMon helps save us significant time by accurately creating, approving, and deploying firewall policy rules and eliminating duplicate rules.

FireMon helps us identify errors in misconfigured policies by displaying the errors in the dashboard allowing us to remove those rules.

We're able to push policy changes on a daily basis. Before, we had to schedule certain timeframes, but now we can push them throughout the day without having any issues. For us, it's only on-prem and for the cloud, but it does make things a lot easier to deploy.

Also, the cleanup of firewall rules in a large environment is a huge benefit. It allows us to stay current and get rid of all the junk that is in there. It's huge. 

It definitely saves us time in accurately creating, approving, and deploying firewall policy rules. And that is true as well for changing firewall policy rules. We're able to review them and either reject or agree with what the policies are trying to do.

Another advantage is that Firemon has decreased human error by taking all the human factors out of it. That's a good thing.

We want to eliminate all firewall rules that have FTP access on them. We don't want to use FTP any longer. With the help of FireMon, we were able to go in and check all the firewalls that have rules with FTP on them and we opened up a project with the network team so we could eliminate all those rules.

FireMon has been very helpful with closing visibility gaps we previously had. Since I got here, it has helped us dig into stuff. And whatever help we need, any projects we have that we haven't been able to figure out by ourselves, they have gone in and helped us out.

I called them once because I wanted to see if they had a report that I could run for rules that have not been used in 365 days. With their help, I was able to run that report and provide it to the network team so they could eliminate those rules that had not been hit in a year. The list I gave to the network team had 7,917 rules.

Finally, the solution has helped to reduce our overall audit time by about 50 percent. That's awesome.

Instead of having to utilize a manual review process, we can automate most of the process. Change notifications for our ASA firewalls that do not have built in change notification is also automated for us.

The firewall administrators have gained time back by using this tool, simplifying the firewall rule set. The solution helps to clean up rules which have not been reviewed in several years.

It gives us the ability to go to one place to look for potential firewall rules that are inappropriate, or which don't meet compliance. Instead of manually searching hundreds of firewalls for a policy, we can go to this one location and find the rules which are now out of compliance.

It streamlined the firewall policy change management process by having all firewalls managed in one tool, and a workflow customized to our needs.

Here are some of the ways change management has improved our organization:

• Ensures that proper change controls were enforced.
• Engineers can check if a change was implemented properly.
• Compliance can easily monitor the environment for potential PCI concerns.
• We can heavily leverage the solution for firewall remediation.
• We can pull policy reports from various technologies.
• We can standardize those reports for analysis.
• When we make changes in our environment, we can run usage reports to gauge impact before we make permanent changes to our rules.

We have some really complex firewalls out there, a lot of rules - too many rules. It's to the point where the firewalls become physically unhealthy. The config is so large that the hardware can't keep up. FireMon allows us not only to very easily identify those firewalls that might be getting overly complicated, but it also allows us to easily remediate those complications. It's probably saved us a lot of downtime that could have resulted from firewall issues caused by the config.

It helps close a visibility gap we previously had. For example, Cisco's primary firewall management tool, either using command-line or GUI, does not cover all the appliances at once. You have to go in one-by-one. FireMon is able to see across every appliance, in a single view and that makes it easier to manage things.

In addition, it reduces our overall audit time. I don't deal enough with the audit side of the house to know by how much it has been reduced.

Our firewall policies - we work under the standard ITIL framework - and project managers are very good at adding rules to allow their projects to work. However, they're not so good at coming back when the project is finished or the solution has been terminated and cleaning up the rubbish. So, if we don't use this product, we end up with thousands and thousands and thousands of rules, most of which aren't used.

For me, specifically, I use it for a lot of firewall migrations. We can see rule usage. On a project that I was on, we saw the rules on the migration. We pulled the rules out that weren't being used, and then we could take rules that were overlapping, join those together and make it more efficient.

The solution has helped when it comes to the time and effort required to create compliance reports.

It has also given me some confidence in the changes I make. Before, I was very hesitant to make changes or remove rules. Now, FireMon has decreased the time I spend on that by 50 percent.

FireMon has also helped us when it comes to misconfigurations that increased risk in our environment. That is something that I have just discovered recently, when using it.

Since our network is large, someone new like myself has a challenge when we need to make changes to permit certain traffic. Often this traffic will traverse multiple firewalls and FireMon can help demystify where needed rules need to be implemented.

FireMon makes it much easier for us to track firewall changes and perform audits. It has made our compliance process more efficient. Before we implemented FireMon we had to go into each individual firewall and check the rules. Now, we pull a report, and that's it. 

We can monitor and implement changes across different firewall vendors. It lets us clean up our firewall rules regularly, which we do as part of our audit. It helps us save time managing firewall policies. We don't make changes to our firewall policies through FireMon, but we use it to track changes across various firewalls. It makes our internal processes more efficient and improves our visibility. 

It reduces risks. Better visibility and cross-vendor integration give us more control and context about potential changes. Having a product for monitoring critical changes is crucial for our security posture. 

The time that it takes for us to do the review: Previous to FireMon, we would have to go through the firewall pretty much manually, every line. This took an incredible amount of time. With the FireMon product, we did notice a significant decrease in the time that it takes for us to do any type of review. Also, just a general report, if you have an inquiry throughout the year, without actually doing a full review, you can just go to FireMon and click a few buttons and it tells you what you need to know. There's no need to dig around and spend additional time. So, it's mainly time.

I can mention high-level stuff. Basically, it gives us visibility that we were lacking; having everything being able to be viewed in one pane of glass. Instead of having to go jumping all over the place into the different platforms, you can use the tool to get a single pane of glass view.

It's not a jack-of-all-trades product; it's very focused. It does what it does and it does it well. We use it that way. Basically, that's the reason we obtained it. That's what we use it for: to normalize the platforms all into one single view. A place for us to do our analysis, review of rules and things of that sort.

It's kind of a two-fold type thing for us. We were in the middle of a project, where we were migrating from one set of firewalls that were old to a newer set. So, this tool has allowed us to go through and identify rules that we could get rid off and allowed our rule sets to be a lot smaller than we originally had intended them to be. This helps us with our ongoing maintenance of our firewalls, so as to understand what's being used and what's not.

It helps us to just do a research into what rules are already in place, so that way we don't have to add anything and it is a quick lookup for us. Instead of having to go through maybe 10 different firewalls, we can easily trace through our network and say, "Okay, it has to touch each one of these firewalls and these are the rules and this is maybe where it's blocked at." This is a feature that we like to use and it helps us save time.

It helps us eliminate rules that are not needed on the firewall and to consolidate them. It saves us a lot of time and makes my work easier.

Over the past two years, we have been able to identify a bunch of rules that were orphaned and no longer have any need.

These rules were exposing our organization to undue risk associated with devices being exposed to the internet that shouldn’t have been exposed.

We use the feature to identify some rules that were no longer needed. That helps us reduce our overall, organizational risk profile.

It allows us to do utilization and cleaning of our policies. For your firewall, you have a series of rules and stuff that identify traffic, sort of whether or not the rules within your firewall policy are actually being used; what part of the rule is being used; whether or not it's identifying issues. You've got 1000 rules and only 900 are actually being used. About 100 of them are not.

We're now getting hit counts within Check Point that give us that information, but sometimes a rule says that it has been hit a lot even though it's not all the services within that rule. So it allows us to edit, modify and clean in order to remove anything that's not used.

It is the single place where we go to review all of our firewall changes. The solution makes it easier for us to track all the changes made. It is a central place where we can look at all the firewall rules, because we have three different firewall vendors. It saves us time and creates efficiencies by looking at the general picture. 

This solution has helped to clean up rules that had not been reviewed in several years. It is used for all of our firewall changes. At the moment, we are not looking to do more than use it for that.

This solution has helped to reduce our overall audit time. We are under PCI, so it was a requirement. We had to do something like this, and it just made it easier. The solution was prebuilt to do that, and we didn't have to build our own spreadsheet.

FMSQL allows us to quickly query our ruleset to check which trafic is allowed. That greatly helps us to fill in the compliance report.

With the change control functionality, if somebody was to go in and make a rule change on the firewall, it's configured to send a notification as soon as those changes have been made. If this happens outside of a change window, we can track those and go to that person/individual, and find out why they made the change without going through proper change control procedure.

It improved performance of the organization, as instead of going line through line of the firewall, we were able to quickly find IP addresses or services using Firemon.

• The ability for spotting the shadow-based rules helps us to eliminate overlapping rules. These may not otherwise be needed or may be under-used.
• Helps us to identify those items and gives us the ability to go back and audit the firewalls.
• It gives us the ability to determine what our security architecture looks like: This helps us secure our company better. This helps us to determine who is making the changes and we then have that historical information to give back to our auditors and say, "Okay, these are the changes that we've made and these are the corresponding service tickets that apply to them."
• We were in the middle of a project where we were migrating from one set of firewalls, that were old, to a newer set. This tool allowed us to go through and identify rules that we could get rid of. It allowed our rule sets to be a lot smaller than we originally had intended them to be. This helps us with our ongoing maintenance of our firewalls. It helps us to understand what's being used and what's not.
• It helps us to research what rules are already in place, so that way we don't have to add anything. It is a quick look up for us. Instead of having to go through maybe 10 different firewalls, we can easily trace through our network and say, "Okay, it has to touch each one of these firewalls and these are the rules and this is maybe where it's blocked." This is a feature that we like to use and it helps us save time.

It allowed us to track every change made to the firewall. We were able to see who made the changes, when the changes were made, and exactly what was modified.

This product has enabled Kaiser Permanente Clinical Technology technicians with proactive/remote monitoring of highly critical systems.

The solution has decreased errors and misconfigurations that would otherwise increase risk in our environment.

In addition, when we migrated to a new generation of firewalls, FireMon was of help when doing a first benchmark of the new solution and the initial setup.

It also identifies risks in our environment and helps prioritize fixes for them. The compliance module in Security Manager does that by watching overall rules and any changes, and benchmarking them against a pre-setup set of controls. It notifies us if any control has failed. That's how we monitor whether our firewall rules are compliant with a pre-set benchmark.

Firewall policy rule cleanup doesn't need to be a priority for a company to justify using FireMon, given that it makes that job much easier and faster. That means you don't need to allocate as many resources to do that work. It's now incomparably easier to do things like a rule review.

Overall, our monitoring and compliance are on much higher levels. The visibility we have into our firewall rules is much better now than it was prior to having FireMon.

As mentioned, we were able to ease the operations and set up a workflow that allowed the firewall and other network-related requests to go through a formal approval process. This helped to track who, when and why the request was done.

Also, removing redundant rules and placing the rules at the correct place helped lower CPU and memory consumption.

The product is extremely helpful in policy analysis and improvement. RA was exceptional is identifying risk exposure areas.

We managed around 70 different firewalls in more than 25 countries all over the world. The firewalls were from different vendors such as Palo Alto, Checkpoint, Cisco, Juniper, etc. FireMon helped to decrease the workload on risk analysis and also firewall rulebase review time by 50%, at least due to its very elaborate and easy to use filters.

• Improved change workflow
• Optimized my firewalls
• Meet PCI compliance
• Enhanced security

It’s very helpful during our firewall and network devices audit, and also beneficial when backup is required of network security devices.

We now have clear visibility of our firewall, clear auditing of each firewall rule and changes, and of course, it helps us comply with governing bodies.

FireMon allows us to monitor and assess our network, giving continuous visibility into and control over firewall infrastructure, network security policies and underlying IT risk.

Not experienced yet with the product. We are still doing our evaluations and having other discussions with different vendors to understand product capabilities.