Security Engineer at a transportation company with 10,001+ employees
May 13, 2019
The most valuable feature is the reporting capability because everything that we do is a result of our being able to query a report, based on our environment and our PCI compliance efforts.
IT Security Admin at a tech vendor with 1,001-5,000 employees
Aug 4, 2021
FireMon decreases errors and misconfigurations by 10% that increase risk in our environment. That has to do a lot with the change reporting that is in place, but also with the built-in controls and custom controls that we have made. Those all decrease the errors that people naturally make on a day-to-day basis for firewall administration.
Network / Security Design and Installation Engineer at a financial services firm with 1,001-5,000 employees
Jul 25, 2022
In one report, FireMon tells us there are, say, 1,000 rules that can be taken out and it gives us the ability to disable those for a year and to track when we made our changes. After a year, we can go back and eliminate the rules, to bring the configuration down to an almost human-readable level.
IT Manager for Networks and Cloud Infrastructure at a government with 10,001+ employees
Aug 26, 2021
We also use the solution’s SASE integration capabilities to extend security policy management for cloud firewall management. It helps in creating one consistent rule across multiple platforms and it improves accuracy.
Network Engineer at a insurance company with 10,001+ employees
Aug 26, 2021
The most valuable feature is that everything is recorded in the historical logs, including the firewall rules, headcounts, object-level usage, and the rule documentation. The rule certification details are also there, which means that someone can be held accountable for a specific firewall rule.
Network Security Analyst at a government with 10,001+ employees
Nov 25, 2021
The SQL language is convenient to use. It allows us to process a bunch of criteria very quickly and narrows things down if there is an issue with the firewall. It's easy to do that with SQL queries.
Solution Architect at a transportation company with 51-200 employees
Sep 4, 2022
The unused objects is another nice feature, where it digs a little bit deeper into comparing the logs that it sees versus the configurations that it sees... The unused objects feature will go through in a pretty detailed way and show us which ones aren't being used. Or, if they are used, it will show us how often they're used.
Information Security Analyst at a wholesaler/distributor with 5,001-10,000 employees
May 9, 2019
The Security Manager part of FireMon... gives me an eye on everything that's out there, everything that I cannot see. Because I'm not a network admin, I cannot go to a firewall itself, but at least I have FireMon so that I can go in and view everything that I want to view. And I can eliminate whatever I see that is wrong,
Network Security Engineer- Senior at a financial services firm with 1,001-5,000 employees
Apr 30, 2019
It provides us with a single pane of glass for our on-prem environment, to see configuration. We have not implemented into the cloud yet. We can search for an object group and see where it lives on any firewall in the enterprise or find security rules, no matter what firewall they're on.
Security Engineer at a transportation company with 10,001+ employees
May 13, 2019
The current health and monitoring of the devices is atrocious... Imagine you have a list of 200 devices, and you can grade each of those devices as either green, yellow, or red. However, there might be three different reasons for you to go to red, or eight different reasons to go to yellow, and all of those things could be combined... Out of all those categories, I only find one or two of them that are, perhaps, pertinent.
IT Security Admin at a tech vendor with 1,001-5,000 employees
Aug 4, 2021
While I like the reporting, I think that has the biggest room for improvement. Right now, as a user of FireMon, if I create a report, I am the only one who can see it inside FireMon. If someone on my team creates a report, they are the only person who can see that report on FireMon. It doesn't matter if you're admin in FireMon or not. The way we have to do it now is that we have created a service account user and that service account user runs all the reports. This way, all the reports, which are running, are just run under a single user so we can always access them. This definitely needs to change so users can see other users' reports or we can share reports within FireMon.
Network / Security Design and Installation Engineer at a financial services firm with 1,001-5,000 employees
Jul 25, 2022
When it comes to documentation, they need to start putting together a basic command manual. With Cisco, you can look up a command and it gives you examples of three or four different ways that command can be used. It tells you how to put it into the GUI and the CLI. FireMon does need to start doing that.
IT Manager for Networks and Cloud Infrastructure at a government with 10,001+ employees
Aug 26, 2021
The initial setup can take some time, including connecting it and configuring it. It's not something that is easy for anybody to do. There is time and energy required because of the number of systems you have to configure to get it to work properly.
Network Engineer at a insurance company with 10,001+ employees
Aug 26, 2021
We have not used the Policy Planner but even so, we have identified areas of improvement with it during our testing. For example, it could be better when it comes to ease of integration or ease of policy automation. Another problem is that there is a console where it has too many options and is not very straightforward. Essentially, controlling it could be made more seamless.
Network Security Analyst at a government with 10,001+ employees
Nov 25, 2021
I think that having a more open system and providing documentation for it would be helpful for users like us. We are pretty adept and can navigate through the Linux software that the on-premises FireMon is based on. It would help us in the long run.
Our firewalls have multiple paths through them and FireMon falls short a little bit because it's not Palo Alto-centric.
I don't think FireMon has kept up with where Palo Alto is at. They started out being Check Point-centric for years and they've never really fully embraced the nuances others, like Palo Alto or Fortinet, have. They don't handle a lot of the capabilities and attributes that Palo Alto does yet. They're working on it. They're getting there.
Solution Architect at a transportation company with 51-200 employees
Sep 4, 2022
To my knowledge, there's no cloud component to FireMon whatsoever. We're on the hook for any updates to versioning of the operating system or the application that runs on the operating system. It would be nice if it was a little bit more automated.
Network Security Engineer- Senior at a financial services firm with 1,001-5,000 employees
Apr 30, 2019
Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release.
