2018-06-06T04:14:00Z

What needs improvement with FireMon?


Please share with the community what you think needs improvement with FireMon.

What are its weaknesses? What would you like to see changed in a future version?

Guest
66 Answers

author avatar
Top 20Real User

We had a few minor issues with it. However, it's worked pretty well for us overall.

2019-06-23T09:40:00Z
author avatar
Real User

The AWS integration is still not mature for us to use. It is just not ready for our use case for AWS connectivity. Therefore, it does not provide us with a single pane of glass for our cloud environments, because we can't manage our cloud environment with the tool. The map needs improvement in our network. The tool should be able to map out the path of flow from one firewall through our network. However, it does not understand our routing environment, so it cannot do that for us. We would like it if this solution could provided us with end-to-end change automation for the entire rule lifecycle, but the map feature cannot support our environment, for now.

2019-06-11T11:10:00Z
author avatar
Top 20Real User

The current health and monitoring of the devices is atrocious. I know of several engineers within the company to whom I've mentioned this to and they say, "I know, I've been telling the devs that." They would back me up on my statement. Here's the bad part, and it's hard to articulate without having like a visual that you and I are sharing. But imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined. As long as all of them are good, that's the only way that you're going to get green. Out of all those categories, I only find one or two of them that are, perhaps, pertinent. I only care if it's not communicating at all, or it hasn't communicated in the last 48 hours. If the last time that it pulled down information it took three minutes instead of one minute, I don't care about that. The way that the health and monitoring works right now is that for all these devices, instead of breaking out all those different things, or allowing me to judge what I think is pertinent or not, I have to see the lowest common denominator. I might have 40 percent of my devices saying that they're in a critical state, when in reality, according to my standards, maybe only five percent of them are. I don't have the time to sit here and click on a dropdown and dig into 100 different devices every day of the week. Essentially, because of the way it works right now, I don't resolve something until I've become personally aware that a firewall isn't communicating with FireMon at a given time. It's not something that is optimized so that an engineer can run a report, take screenshots, and make a little run-book to hand over to level-two support and say, "Here, you guys do this every day as a repeatable process. Make sure that if we have any issues, we open tickets about them." Right now, the overhead of conducting a thorough day-to-day assay of the health of our environment would take several hours. Functionally and logistically, we just can't accomplish that goal right now.

2019-05-13T08:56:00Z
author avatar
Top 20Real User

We're working on implementing FireMon with our ticketing system service now. Having that would be an improvement. I believe they said that they are working on that for the future. That would help us out a lot. For example, when somebody wants to open a request for a firewall change, we'll go through ServiceNow, and then go through FireMon, make the changes, and make sure everything is recorded, who did it, etc.

2019-05-09T13:13:00Z
author avatar
Top 10Real User

Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release. Too many bugs pop up between releases, and that's where I would like to see the most improvement.

2019-04-30T08:57:00Z
author avatar
User

Continuous firewall policy improvement should available out-of-the-box for firewall operation. We are also looking for more integration with SIEM and other tools.

2018-06-06T04:14:00Z
Learn what your peers think about FireMon. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,283 professionals have used our research since 2012.