Try our new research platform with insights from 80,000+ expert users

FireMon Security Manager vs Tufin Orchestration Suite comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

FireMon Security Manager
Ranking in Firewall Security Management
3rd
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
56
Ranking in other categories
No ranking in other categories
Tufin Orchestration Suite
Ranking in Firewall Security Management
2nd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
184
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Firewall Security Management category, the mindshare of FireMon Security Manager is 17.5%, up from 15.8% compared to the previous year. The mindshare of Tufin Orchestration Suite is 22.5%, up from 20.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management
 

Featured Reviews

Ganesh-Khutwad - PeerSpot reviewer
Rapid policy insights with robust dashboards and cross-vendor automation
FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager. It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console. FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks. It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation. FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments. FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment. The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon. FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.
MithatBulut - PeerSpot reviewer
New employees can quickly grasp the various IPs, devices, and the network's logical and physical
Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"In one report, FireMon tells us there are, say, 1,000 rules that can be taken out and it gives us the ability to disable those for a year and to track when we made our changes. After a year, we can go back and eliminate the rules, to bring the configuration down to an almost human-readable level."
"It provides us with a single pane of glass for our on-prem environment, to see configuration. We have not implemented into the cloud yet. We can search for an object group and see where it lives on any firewall in the enterprise or find security rules, no matter what firewall they're on."
"The unused objects is another nice feature, where it digs a little bit deeper into comparing the logs that it sees versus the configurations that it sees... The unused objects feature will go through in a pretty detailed way and show us which ones aren't being used. Or, if they are used, it will show us how often they're used."
"Vendor agnostic when it comes to integrating with other product."
"The SQL language is convenient to use. It allows us to process a bunch of criteria very quickly and narrows things down if there is an issue with the firewall. It's easy to do that with SQL queries."
"The most valuable feature for me is its capability for cleanup and managing the complexity of security products."
"Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands."
"FireMon decreases errors and misconfigurations by 10% that increase risk in our environment. That has to do a lot with the change reporting that is in place, but also with the built-in controls and custom controls that we have made. Those all decrease the errors that people naturally make on a day-to-day basis for firewall administration."
"The reports that this solution provides are very useful."
"They have very good responses regarding integration and internalization with open tickets."
"Visibility is its largest and most valuable feature. You can see everything or all the devices on the network for each customer. It provides you a larger view of what might be wrong with the network and how you can improve it with firewall rules, etc. If you are talking about secure change, being able to automate the entire change process is pretty much the winner for us. It is going to really reduce the time that it takes for us to do changes, and we can just go out and get more customers."
"The APIs are the most valuable feature of this solution, as they facilitate integration with ServiceNow and other solutions."
"We are able to discover firewall rules that are too broad and widen the security footprint."
"The reporting on offer is very good. Tufin makes nice reports."
"The most valuable feature is the compliance check and the recommendations that it makes."
"The change workflow process is very easy to customize. You can do a workflow however you want, so you can have an approval every single step. Or, you can remove approvals on certain steps, automating some steps."
 

Cons

"It comes as a Linux appliance on a server and we're not a Linux shop, we're more of a Windows shop. It would be great if they could automate or integrate the backups into it and other things through their GUI interface, just to make the management of Linux a little more transparent."
"The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent."
"I don't like that it comes with bugs, constant issues, and limited functionality."
"A phone app would be nice. This is the reason why it is not perfect yet."
"We have not used the Policy Planner but even so, we have identified areas of improvement with it during our testing. For example, it could be better when it comes to ease of integration or ease of policy automation. Another problem is that there is a console where it has too many options and is not very straightforward. Essentially, controlling it could be made more seamless."
"Some of the things that you want to do in FireMon are not exactly straightforward, like creating certain reports or controls. Some of the functions could be a little more user-friendly, such as creating certain filters."
"When it comes to documentation, they need to start putting together a basic command manual. With Cisco, you can look up a command and it gives you examples of three or four different ways that command can be used. It tells you how to put it into the GUI and the CLI. FireMon does need to start doing that."
"FireMon could be made more user-friendly when it comes to creating filters or conducting traffic analysis."
"The pricing could be a bit more competitive."
"I would like to simplify the reports, and maybe have another view besides the charts. Possibly they could be more graphical."
"The network part of the solution could be improved. It's too hard because of the Tufin licensing model for the routing devices."
"The initial setup was time consuming."
"We would like to see automation metrics, from a reporting standpoint. We would also like to see automation of site-to-site VPN tunnels. We would like to see automation of Check Point application-based firewall rules."
"It does not natively support all of the Check Point functions which is a big deal."
"It needs better reporting with more graphics and more pie charts, so management can understand details. The reports that are done now are full of data and management would like to have an image to help understand, right away, what the reports are saying."
"We use a lot of inline rules, and it would be beneficial to see those from within Tufin."
 

Pricing and Cost Advice

"It's a good value. From a licensing standpoint... it's very simple to understand, and gives us a good bang for the buck."
"Regarding additional costs, if you want things like Policy Optimizer, extra features, that's extra."
"We don't license all of the devices in our network, so it does not provide us with a comprehensive visibility of all devices in a hybrid network at this time."
"The pricing is very good, very straightforward. It also came in cheaper than AlgoSec and Tufin."
"Pricing model seems fair."
"FireMon is very expensive. I think that they charge a premium. In general, they are very pricey. Compared to their competitors, they cost a little more than the other solutions that we evaluated."
"FireMon is cheaper than AlgoSec."
"Its pricing is good. Compared to others, it is not so expensive."
"Our engineers are spending less time on manual processes: 20 to 30 hour plus."
"There are ways to deploy the license to different types of firewall. However, if we decide to change the physical brand of the firewall, we need to go back to Tufin and modify the licensing. This is a hassle."
"The additional piece, which we are buying and doesn't include our other solution, is close to 300,000."
"It's quite an expensive solution."
"Our licensing costs are pretty low. We were grandfathered in, so we are at about $35,000 per year."
"The licensing costs are around $250,000 to $300,000."
"Tufin reduced the time it takes to solve a problem, which reduces the time of the outage."
"Because we're quite a large company, the price wasn't too much of a factor for us."
report
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
860,825 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
15%
Manufacturing Company
10%
Healthcare Company
6%
Financial Services Firm
17%
Computer Software Company
14%
Manufacturing Company
10%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about FireMon?
I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement.
What is your experience regarding pricing and costs for FireMon?
Comparatively, FireMon has a very good price and is below the general competition in cost. I have not seen any additional fees beyond the general contract fees for the usage I have. So, I have not ...
What needs improvement with FireMon?
For one company I work with, I use Fortinet, and FireMon is not able to understand the zones that Fortinet uses. Part of that compliance piece does not provide me with the necessary information. An...
What needs improvement with Tufin SecureCloud?
Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendo...
What is your primary use case for Tufin SecureCloud?
I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compiling. However, I am not currently working with ACA, and I don't have any project...
What advice do you have for others considering Tufin SecureCloud?
There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin Orchestration Suite does provide good monitoring; however, interpreting the grap...
 

Also Known As

No data available
Tufin SecureCloud
 

Overview

 

Sample Customers

Convey, MGM Resorts International, Southwest Airlines, Alkami, Costco, Aetna, IBM, Verizon, Wells Fargo
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about FireMon Security Manager vs. Tufin Orchestration Suite and other solutions. Updated: June 2025.
860,825 professionals have used our research since 2012.