Try our new research platform with insights from 80,000+ expert users

FireMon Security Manager vs ManageEngine Firewall Analyzer vs Tufin Orchestration Suite comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

As of June 2025, in the Firewall Security Management category, the mindshare of FireMon Security Manager is 17.1%, up from 16.2% compared to the previous year. The mindshare of ManageEngine Firewall Analyzer is 3.4%, up from 2.8% compared to the previous year. The mindshare of Tufin Orchestration Suite is 22.1%, up from 20.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management
 

Featured Reviews

Ganesh-Khutwad - PeerSpot reviewer
Rapid policy insights with robust dashboards and cross-vendor automation
FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager. It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console. FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks. It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation. FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments. FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment. The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon. FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.
Mostafiz Miah - PeerSpot reviewer
Offers good integration features and is user-friendly
What is happening in sometimes, if any issues found in the tool, ManageEngine takes time to provide a proper fix, but it does not happen most of the time. If there is a need to get some customized report or feature, ManageEngine Firewall Analyzer team takes some time. The aforementioned area can be considered for improvement. From a product point of view, the tool is good, user-friendly, and offers easy installation and easy configuration.
MithatBulut - PeerSpot reviewer
New employees can quickly grasp the various IPs, devices, and the network's logical and physical
Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"FireMon decreases errors and misconfigurations by 10% that increase risk in our environment. That has to do a lot with the change reporting that is in place, but also with the built-in controls and custom controls that we have made. Those all decrease the errors that people naturally make on a day-to-day basis for firewall administration."
"It provides us with a single pane of glass for our on-prem environment, to see configuration. We have not implemented into the cloud yet. We can search for an object group and see where it lives on any firewall in the enterprise or find security rules, no matter what firewall they're on."
"When it comes to real-time compliance management, it is very good because it is able to compare changes in the configuration as well as giving us a timestamp. It also sends email alerts to our environment so we know if someone has made a change on the network. It gives us the whole picture of that change. Whether it is a configuration change or just a small comment, it gives us the before and after snapshot."
"For the cleanup of firewall rules, it performs really well for us. We utilize it in our regular rule cleanup tasks, several times a year. FireMon is our primary tool when doing that, either by going through its out-of-the-box compliance rules or using it to search for certain things in our rules that we want to prune from our firewalls."
"It gives us the ability to go to one place to look for potential firewall rules that are inappropriate, or which don't meet compliance. Instead of manually searching hundreds of firewalls for a policy, we can go to this one location and find the rules which are now out of compliance."
"The unused objects is another nice feature, where it digs a little bit deeper into comparing the logs that it sees versus the configurations that it sees... The unused objects feature will go through in a pretty detailed way and show us which ones aren't being used. Or, if they are used, it will show us how often they're used."
"The technical support is very good. They've always been helpful."
"The SQL language is convenient to use. It allows us to process a bunch of criteria very quickly and narrows things down if there is an issue with the firewall. It's easy to do that with SQL queries."
"The most valuable features of the ManageEngine Firewall Analyzer are the monitoring of the full management of the network elements and the inventory of the infrastructure."
"Overall the solution does a good job."
"Firewall Analyzer helps our organization to fulfill the compliance requirement as per ISO 27001, managing the network security effectively."
"The most valuable feature of the solution is that it is a very user-friendly tool compared to other solutions."
"Firewall Analyzer is easy to work with."
"I found the reporting to be useful because not only can I go back months, but it lists the individual URLs and the time that a particular person visited."
"It's user-friendly. It's easy to understand menus on the web GUI. That's a good feature for us. I can say that it's doing what it's supposed to do. It also integrates well with other products like Check Point."
"I had been impressed with the depth of capabilities within SecureTrack, particularly, in terms of generating insights for a user and firewall operator. With SecureTrack, I've been impressed with the level of flexibility with workflow design and its ability to generate different work streams and flows through the tool that are customized for our organization processes."
"The product is good at auditing the changes that we make in our environment."
"Tufin is the only multi-vendor firewall tool that is available, and it helps to bring everything together and report on what all of the rules are."
"The designer gives the ability to know where to add a rule, or if the rule is already in place."
"The Topology Map, which feeds into our SecureChange - the latter being an automation platform - there's a lot of synergy between the two."
"The clarity around the auditing provides the most value for us."
"We can check and analyze the current status of our firewall rules."
 

Cons

"While I like the reporting, I think that has the biggest room for improvement. Right now, as a user of FireMon, if I create a report, I am the only one who can see it inside FireMon. If someone on my team creates a report, they are the only person who can see that report on FireMon. It doesn't matter if you're admin in FireMon or not. The way we have to do it now is that we have created a service account user and that service account user runs all the reports. This way, all the reports, which are running, are just run under a single user so we can always access them. This definitely needs to change so users can see other users' reports or we can share reports within FireMon."
"Some of the things that you want to do in FireMon are not exactly straightforward, like creating certain reports or controls. Some of the functions could be a little more user-friendly, such as creating certain filters."
"The issue for me started with Fortinet not being able to see things correctly. It lost its appeal in terms of what it could do for me from a security standpoint, so I do not pay as much attention to it."
"The training for configuring new users or operators is confusing because the UI is not user-friendly and has room for improvement."
"Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release."
"A phone app would be nice. This is the reason why it is not perfect yet."
"Sometimes, there is a problem related to the sizing itself. If we have many devices added or if the firewall complexity is huge, we might experience some lag in processing. It may relate to the hardware specifications."
"When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box."
"The solution lacks a lot of features that other products have in the marketplace."
"The stability is so-so. There are always memory issues, but the solution is working great apart from that."
"If there is a need to get some customized report or anything, ManageEngine Firewall Analyzer takes some time."
"ManageEngine Firewall Analyzer can improve by having better monitoring of all features from firewalls. We are using Kibana in order to monitor parts that this solution does not record. For example, having more correlation and proactive monitoring in some activity or scenario."
"It would be awesome if the product could monitor services for applications."
"The policy browser has had trouble working. We have experienced bugs."
"USP does not support VPNs, which is a big thing for us, so we haven't been able to utilize it."
"I would really like to see a new UI for SecureChange. SecureTrack 2.0 has quite an improvement in the UI and it flows more smoothly. The current SecureTrack and SecureChange are a little blocky, and sometimes loading a tab or a page is required to refresh information. Whereas in SecureTrack 2.0, they're starting to improve on that."
"Our project is running on Riverbed for SDN. I don't know if Tufin can integrate with Riverbed. Other than that, I have no issues with this product."
"I would like to see more about the cloud in the next release. They need a large plan to deploy the cloud into the solution and a way to implement it."
"Tufin has come a long way when it comes to visibility. What we would like to see is a little bit more on the discovery level, network discovery, which Tufin does not have today."
"The reporting function could improve in Tufin. For our clients with companies that have strong compliance, reporting privacy data is mostly a problem. In the IT department, private data needs a function that one person can analyze it. It requires multiple people to analyze the data."
"They are a little bit behind on some of their support for the Palo Alto firewall platform. I'd like to see that catch up, specifically around importing certain objects."
 

Pricing and Cost Advice

"We don't license all of the devices in our network, so it does not provide us with a comprehensive visibility of all devices in a hybrid network at this time."
"Its pricing is good. Compared to others, it is not so expensive."
"The pricing was very good during our initial year, but they increased it this year a little bit. The price is okay. It is not cheap, but it is still average."
"This is an expensive solution. The cost of three modules for three years was approximately one million."
"Pricing model seems fair."
"Regarding additional costs, if you want things like Policy Optimizer, extra features, that's extra."
"Relative to what it offers, the price is fair."
"FireMon is very expensive. I think that they charge a premium. In general, they are very pricey. Compared to their competitors, they cost a little more than the other solutions that we evaluated."
"ManageEngine Firewall Analyzer is less expensive than some of their competitors, such as Cisco. The price is one of the reasons why we use ManageEngine Firewall Analyzer."
"Needs to work on pricing."
"I know that the price of the products is flexible. There have been different types of products, like professional and enterprise-based ones, and depending on the requirements, customers can choose their products."
"Our engineers are spending less time on manual processes: 20 to 30 hour plus."
"The licensing costs are a significant amount of money."
"This solution helped us to reduce the time it takes to make changes. We used to spend up to an hour to do a change, and now, it's around five minutes."
"We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."
"We are seeing ROI in terms of having SecureApp."
"Price could always be better, but there are always consequences."
"It's quite an expensive solution."
"Pricing played a big part here... The customer had evaluated other products but, due to price as well as support, they chose Tufin."
report
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
857,585 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
10%
Healthcare Company
6%
Computer Software Company
20%
Comms Service Provider
10%
Healthcare Company
10%
Financial Services Firm
9%
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
10%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about FireMon?
I like the Security Manager console where we can see any changes that have been made or pull the results of an assess...
What is your experience regarding pricing and costs for FireMon?
Comparatively, FireMon has a very good price and is below the general competition in cost. I have not seen any additi...
What needs improvement with FireMon?
For one company I work with, I use Fortinet, and FireMon is not able to understand the zones that Fortinet uses. Part...
What do you like most about ManageEngine Firewall Analyzer?
The most valuable feature of the solution is that it is a very user-friendly tool compared to other solutions.
What is your experience regarding pricing and costs for ManageEngine Firewall Analyzer?
I know that the price of the products is flexible. There have been different types of products, like professional and...
What needs improvement with ManageEngine Firewall Analyzer?
What is happening in sometimes, if any issues found in the tool, ManageEngine takes time to provide a proper fix, but...
What needs improvement with Tufin SecureCloud?
Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a l...
What is your primary use case for Tufin SecureCloud?
I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compi...
What advice do you have for others considering Tufin SecureCloud?
There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin ...
 

Also Known As

No data available
No data available
Tufin SecureCloud
 

Overview

 

Sample Customers

Convey, MGM Resorts International, Southwest Airlines, Alkami, Costco, Aetna, IBM, Verizon, Wells Fargo
WFP, NYC.gov, Sony Pictures, Franklin Security Bank, ITC INFOTECH
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about AlgoSec, Tufin, FireMon and others in Firewall Security Management. Updated: June 2025.
857,585 professionals have used our research since 2012.