Try our new research platform with insights from 80,000+ expert users
PeerSpot user
IT Security Consultant and Platform Architect at a pharma/biotech company with 10,001+ employees
Real User
Policy test and access path analysis tools in Security Manager enable me to find existing firewall policies quickly, troubleshoot, or to help choose the optimal path for proposed rules.
Pros and Cons
  • "Policy test, access path analysis, and change reports."
  • "Policy Planner requirements section is good, but could use some improvement to allow flexibility to enter different types of requests (modifying an existing policy, object or service group, for example) in a structured task format that can be auto-verified."

What is most valuable?

Policy test, access path analysis, and change reports.

Policy test and access path analysis tools in Security Manager enable me to find existing firewall policies quickly across the enterprise, troubleshoot, or to help choose the optimal path for proposed rules. Change reports on the device dashboard show us at a glance what was changed in a particular firewall config, by date, so we can easily troubleshoot problems with implementation.

How has it helped my organization?

It streamlined the firewall policy change management process by having all firewalls managed in one tool, and a workflow customized to our needs.

What needs improvement?

Policy Planner requirements section is good, but could use some improvement to allow flexibility to enter different types of requests (modifying an existing policy, object or service group, for example) in a structured task format that can be auto-verified.

For how long have I used the solution?

4 years

Buyer's Guide
FireMon Security Manager
May 2025
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
855,156 professionals have used our research since 2012.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No…we easily added a second data collector when needed.

How are customer service and support?

Customer Service:

Excellent.

Technical Support:

Excellent--tech support engineers go above and beyond to answer questions and resolve issues.

Which solution did I use previously and why did I switch?

We previously used separate database applications to route change requests for approval, and did not have a tool likeSecurity Managerwith visibility into all the firewall configs and activity.

How was the initial setup?

Infrastructure was simple to set up, but custom workflow was complex, due to customer regulatory environment necessitating a lot of customization. FireMon Professional Services was able to accommodate, though.

What about the implementation team?

In-house project management and equipment configuration; vendor install in the data centers; Firemon Professional Services for extensive custom workflow development.

What's my experience with pricing, setup cost, and licensing?

Pricing model seems fair. Make sure to separate active versus inactive devices, and primary versus standby in HA pairs, as there is a significant cost savings for licensing; licenses on the applications are perpetual.

Which other solutions did I evaluate?

Customer evaluated other products, but chose FireMon due to its features and rating on Gartner.

What other advice do I have?

Review your current operational requirements and processes well, and determine what can change, internally, to take full advantage of the standard FireMon processes.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: My consulting company is a vendor neutral reseller of FireMon products and services, along with other vendor’s products, implementing what solutions are best for a particular customer.

PeerSpot user
it_user625641 - PeerSpot reviewer
it_user625641Customer Success Manager at FireMon
Real User

Ken,
Thank you for taking a few moments to write a review of FireMon. I am glad to hear we have been able to streamline your firewall policy management. I would agree that our support engineers and professional services teams are great and help with the overall customer experience.

See all 3 comments
it_user494268 - PeerSpot reviewer
Information Security Analyst at a financial services firm with 1,001-5,000 employees
Vendor
It was valuable for auditing purposes.

What is most valuable?

It was used for firewall change review. For our company, it became an invaluable tool for auditing purposes.

How has it helped my organization?

It allowed us to track every change made to the firewall. We were able to see who made the changes, when the changes were made, and exactly what was modified.

What needs improvement?

We monitored multiple firewalls. In the version we used, we had to check the changes made on each firewall individually. We didn’t see a condensed list of changes across our environment.

For how long have I used the solution?

I used it for 1.5 yrs.

What was my experience with deployment of the solution?

We encountered minor issues with FireMon and its collection of data from Palo Alto firewalls. It required a small amount of additional time with system engineers on our side and on FireMon’s side to complete the deployment.

How are customer service and technical support?

Customer Service:

The customer service was excellent.

Technical Support:

At the time we were using the product, it did seem like the tech support staff was very limited in size. I am sure they have grown more since we used this product.

Which solution did I use previously and why did I switch?

We used another product (Tufin). For us, we needed to make a change because they lacked the ability to support Palo Alto (at that time). FireMon was a better fit with that firewall.

How was the initial setup?

The initial setup was straightforward. Minimal support was required to complete it.

What about the implementation team?

We implemented it through an in-house team. We required minimal assistance from the vendor.

What other advice do I have?

There are very few products that can do what FireMon can. I would definitely recommend it if there is a need to review firewall changes.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.

PeerSpot user
Buyer's Guide
FireMon Security Manager
May 2025
Learn what your peers think about FireMon Security Manager. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
855,156 professionals have used our research since 2012.
it_user642174 - PeerSpot reviewer
Information Security Officer at a university with 10,001+ employees
Vendor
The ability to audit our firewall rule base allows us to determine which rules can be removed.

What is most valuable?

The ability to audit our firewall rule base is my favorite feature. It allows us to determine which rules can be removed and it helps us reduce our security footprint.

How has it helped my organization?

Over the past two years, we have been able to identify a bunch of rules that were orphaned and no longer have any need.

These rules were exposing our organization to undue risk associated with devices being exposed to the internet that shouldn’t have been exposed.

We use the feature to identify some rules that were no longer needed. That helps us reduce our overall, organizational risk profile.

What needs improvement?

What's funny is that if I had been asked eight months ago about areas with room for improvement, I would have said the product in general needed to be improved. It wasn't web-based. It was client-based and it was just kind of clunky.

In the last eight months since we upgraded to the web version, there isn't a lot of need for improvement. I feel like it is pretty good. Things have been a lot better for us since we upgraded to the web version. I'm happy with it right now and I don't have any complaints.

For how long have I used the solution?

We’ve been using this solution for just over two years.

What do I think about the stability of the solution?

We haven’t had any stability problems. I had one or two minor issues since the upgrade, such as upgrade failures. I couldn’t get the system to accept a maintenance release. Those issues were resolved pretty quickly. There have been no stability issues, nor long-term outage issues.

What do I think about the scalability of the solution?

We have a fairly limited amount of systems that are monitored by FireMon. Our box can support up to 20-25 devices. We only have eight devices to monitor. We still have a lot of overhead. We haven’t noticed any slowdown issues or any problems of a scalable nature on the device.

How was the initial setup?

Back then, it was client-based and the setup was not so straightforward. Most things worked well right out of the box.

Although I haven’t done an actual setup after it became web-based, I can see that it is much easier. You don’t have to download a client. You just have a website. There is no need for a command-line configuration to get it up and running. It was fine for overall level of difficultly before and I can assume it is easier now.

Which other solutions did I evaluate?

We did not evaluate other options. This was the first of its kind. I saw it at a vendor/expo demo and I was interested in it.

Our vendor that we work with threw it into a deal. We paid for support and they were trying to increase the overall install base footprint. They made a couple deals with us for a next generation firewall. I wasn’t budgeted to purchase it, but it was part of a deal, and it fell into our lap for next generation firewall monitoring.

What other advice do I have?

FireMon is a very good product; is a slippery slope in terms of deployment. It can monitor all of your network devices and firewalls. I would imagine a lot of people probably use it for that.

We are a small organization. From a cost and work standpoint, we only wanted the ability to audit and manage our firewall rule sets. It’s been good for us in that way.

People need to think about what’s important to them based on a monitoring point of view, which is regulation-based. That wasn’t an issue for us. I recommend that people considered the best-sized solution for them. Give it a try. It’s worked well for us.

I would rate it as the best firewall monitoring platform that I’ve used, but I’ve only used FireMon.

We are a Palo Alto customer and this is a great tool to augment the Palo Alto tool set. It’s a very beneficial product. It fills the gap of things you can’t get with standard Palo Alto management, such as long-term analysis and knowing what’s really going on with objects and rules in the firewall rule base.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

PeerSpot user
it_user617493 - PeerSpot reviewer
Network Support Systems Manager at a retailer with 1,001-5,000 employees
Vendor
The most valuable features are change management and getting alerts from the system. The web interface requires a learning curve.

What is most valuable?

  • The ability to look for shadow-based rules
  • The ability to look for rules that are being used
  • Change management
  • Gets alerts from the system

How has it helped my organization?

  • The ability for spotting the shadow-based rules helps us to eliminate overlapping rules. These may not otherwise be needed or may be under-used.
  • Helps us to identify those items and gives us the ability to go back and audit the firewalls.
  • It gives us the ability to determine what our security architecture looks like: This helps us secure our company better. This helps us to determine who is making the changes and we then have that historical information to give back to our auditors and say, "Okay, these are the changes that we've made and these are the corresponding service tickets that apply to them."
  • We were in the middle of a project where we were migrating from one set of firewalls, that were old, to a newer set. This tool allowed us to go through and identify rules that we could get rid of. It allowed our rule sets to be a lot smaller than we originally had intended them to be. This helps us with our ongoing maintenance of our firewalls. It helps us to understand what's being used and what's not.
  • It helps us to research what rules are already in place, so that way we don't have to add anything. It is a quick look up for us. Instead of having to go through maybe 10 different firewalls, we can easily trace through our network and say, "Okay, it has to touch each one of these firewalls and these are the rules and this is maybe where it's blocked." This is a feature that we like to use and it helps us save time.

What needs improvement?

So far, we're not too much into the product.

  • We don't quite like the web interface.
  • We enjoy the so-called Fact Client a lot better because it just gives a bit more of the opportunities to work with the software faster. There's been a huge learning curve for us to use the web interface.
  • We have to learn their query language or define the details that we need.
  • Unfortunately, we are such a fast-paced environment that we don't have a lot of time to spend with the software to really learn it the way that it probably should be learned. We have to kind of go back and reinvent it every single time we have to go look for something in particular. That's the only downside I can mention that we're having with the GUI.

For how long have I used the solution?

It's going on for at least three years now, if not more.

What do I think about the stability of the solution?

There were a few, initial issues with stability. Luckily, FireMon has a supportive staff.

They have been able to identify the issues that we've been having. In turn, they implement some kind of compensating mechanism or come up with a solution in order to fix it. This helps us resolve our issues. Overall, we've been pretty happy with the support team.

What do I think about the scalability of the solution?

We have not had any scalability issues. I've been very impressed with that aspect. At one point, we had a single server and we overloaded it pretty quickly with the amount of logs that we sent to it. The firewalls generate a ton of traffic as far as Syslog goes.

I had to out-size our environment in order to compensate for the additional logs. I had to deploy to a couple of different other sites, that initially we didn't imagine having a need for. However, it scaled up great and we've had no issues with it since then.

How are customer service and technical support?

Overall, I would give the technical support team a rating of 10/10. There have been maybe a few issues here and there. Unfortunately, it has taken some time for them to resolve them.

If the issues are not resolved, it goes back to them. They keep the case by asking for updates and working with me and the team to understand what issues we're having. They try to help us resolve those issues, either through training or going back to the development team and asking for a feature.

Which solution did I use previously and why did I switch?

We didn't use any other solution. This was definitely one of the best of its breed that we researched. Eventually, we selected this tool.

How was the initial setup?

The initial setup was pretty straightforward. It was just a matter of pointing the logs to the device and setting up a few basic things. It could then go out and fetch the configurations/settings. It was relatively easy.

Which other solutions did I evaluate?

I believe the other option that we looked at was Infoblox. However, Infoblox was just too cumbersome and didn't offer a lot of features. We felt that FireMon had built-in features that were out-of-the-box.

What other advice do I have?

You should definitely look into how many Syslogs you're getting. There is a limitation on how many Syslog messages it can handle per second.

We felt in a more distributed environment, it allowed us to support our network more adequately. Even in the main data centers, we usually had three or more collectors in order to deal with the amount of Syslogs we're sending.

We also had to include a few different offices that required their own implementation of data collectors.

This company does a pretty solid job and they're constantly striving to improve their products.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

PeerSpot user
it_user613533 - PeerSpot reviewer
Sr. Systems and Network Engineer at a recruiting/HR firm with 1,001-5,000 employees
Vendor
The most valuable feature is more or less the ability to look for the shadowed-based rules or rules that are being used.

What is most valuable?

The most valuable feature is more or less the ability to look for the shadowed-based rules or rules that are being used, and also for change management, i.e., getting alerts from the system. This helps us to determine who is making the changes and have that historical information to give back to our auditors and say, "Okay, these are the changes that we've made and these are the corresponding service tickets that apply to them."

The ability for spotting the shadowed-based rules helps us to eliminate overlapping rules that may not be otherwise needed or maybe under-used. It helps us to identify that stuff and gives us the ability to go back and audit the firewalls.

On the whole, it gives us the ability to determine what our security architecture looks like, so as to help secure our company better.

How has it helped my organization?

It's kind of a two-fold type thing for us. We were in the middle of a project, where we were migrating from one set of firewalls that were old to a newer set. So, this tool has allowed us to go through and identify rules that we could get rid off and allowed our rule sets to be a lot smaller than we originally had intended them to be. This helps us with our ongoing maintenance of our firewalls, so as to understand what's being used and what's not.

It helps us to just do a research into what rules are already in place, so that way we don't have to add anything and it is a quick lookup for us. Instead of having to go through maybe 10 different firewalls, we can easily trace through our network and say, "Okay, it has to touch each one of these firewalls and these are the rules and this is maybe where it's blocked at." This is a feature that we like to use and it helps us save time.

What needs improvement?

So far, we're not too much into the product yet. However, we're not really liking the web interface. We enjoy the so-called fat client a lot better because it just gives a bit more of the opportunities to work with the software faster, whereas there's been a huge learning curve for us to use the web interface. Then, we also have to learn their query language or define the details that we need.

Unfortunately, we are such a fast-paced environment that we don't have a lot of time to spend with the software to really learn it the way it probably should be learned. We have to kind of go back and reinvent it every single time we have to go look for something in particular. That's the only downside I can mention that we're having with the GUI.

For how long have I used the solution?

It's going on for at least three years now, if not more.

What do I think about the stability of the solution?

There were a few issues with stability initially, but luckily FireMon is very supportive in terms of their support staff. They have been able to identify the issues that we've been having, and in turn implement some kind of compensating mechanism or come up with a solution in order to fix it, so as to help us resolve our issues. Overall, we've been pretty happy with the support team.

What do I think about the scalability of the solution?

We have not had any scalability issues and I've been very impressed in that aspect. At one point, we had a single server and we overloaded it pretty quickly, with the amount of logs that we sent to it. The firewalls generate a ton of traffic as far as syslog goes. So, I had to out-size our environment to compensate for the additional logs and had to deploy to a couple of other different sites, that initially we didn't imagine having a need for. However, it scaled up great and we've had no issues with it since then.

How are customer service and technical support?

Overall, I would give the technical support team a 10/10. There have been maybe a few issues, here and there. Unfortunately, it has taken some time for them to resolve and it goes back to them, i.e., asking for updates, and working with myself and the team to understand what issues we're having. They try to help us resolve issues either through training or going back to the development team and asking for a feature.

Which solution did I use previously and why did I switch?

We didn't previously use any other solution. This was definitely one of the best of its breed that we researched. Eventually, this tool is what we selected to go with.

How was the initial setup?

The setup was pretty straightforward. It was just a matter of pointing the logs to the device and setting up a few basic things, so that it could go out and fetch the configurations/settings. Thus, it was relatively easy.

Which other solutions did I evaluate?

I believe the other option that we looked at was Infoblox and maybe one other tool. However, Infoblox was just too cumbersome and didn't offer a lot of features. In comparison, we felt that FireMon had those out-of-the-box features built-in.

What other advice do I have?

Definitely, you should look into how many syslogs you're getting because there is a limitation on how many syslog messages it can handle per second. We felt in a more distributed environment, it allowed us to support our network more adequately. So even with our main data centers, we had to usually have three or more collectors in order to deal with the amount of syslogs we're sending. We also had to include a few different offices needing their own implementation of data collectors.

This company does a pretty solid job and they're always constantly wanting to improve their products.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

PeerSpot user
SecArch3081 - PeerSpot reviewer
SecArch3081IT Security Consultant and Platform Architect at a pharma/biotech company with 10,001+ employees
Real User

Policy Test is extremely useful, as well--we use that constantly in request design phase to quickly identify zones and policy placement. Object search/Omni search is invaluable, as well, providing the ability to find all the rules that may need updating when a server migrates or is decommissioned. it would take forever to manually retrieve and search across hundreds of firewall configs.

See all 2 comments
it_user616515 - PeerSpot reviewer
Sr Network Security Specialist at a government with 1,001-5,000 employees
Vendor
The most valuable features are the reporting for change control as well as rule utilization.

What is most valuable?

The most valuable features are the FireMon reporting for change control as well as rule utilization.

How has it helped my organization?

It allows us to do utilization and cleaning of our policies. For your firewall, you have a series of rules and stuff that identify traffic, sort of whether or not the rules within your firewall policy are actually being used; what part of the rule is being used; whether or not it's identifying issues. You've got 1000 rules and only 900 are actually being used. About 100 of them are not.

We're now getting hit counts within Check Point that give us that information, but sometimes a rule says that it has been hit a lot even though it's not all the services within that rule. So it allows us to edit, modify and clean in order to remove anything that's not used.

What needs improvement?

I would say the most recent release caused us a lot of trouble as we couldn't get it working for a while, so we weren't getting the reports that we wanted, but it has improved. It's just very, very different. The most recent release level was dramatically different.

Maybe better videos or whatever could be included as to how to work with the updated product.

For how long have I used the solution?

I believe it's going on about five years, maybe as much as six.

What do I think about the stability of the solution?

When we transferred from one release to the next, the most recent upgrade, the integration with Check Point gateways was very poor and so it was for almost a year that the product was unusable to us.

What do I think about the scalability of the solution?

I think the scalability seems fine, although not all of our gateways are licensed so that in itself also caused some issues, because the product had to be more tuned to the fact that our environment doesn't utilize FireMon for all of its gateways.

How are customer service and technical support?

I would say technical support is about 8/10. Some issues just weren't handled quickly enough, I guess.

Which solution did I use previously and why did I switch?

We previously used an earlier release of FireMon and they had good success with that. In the newest release, we had a lot of problems. Prior to that, we really didn't have a tool to do that type of analysis for us. Although the most recent releases from Check Point have given us better analytics within our environment, FireMon has provided us with a better view into our environment. We didn't have anything prior to that.

How was the initial setup?

I haven't really been involved much with the licensing. It seems fairly straightforward. Regarding the training after setup, I find the videos maybe could be a little bit better in respect to how to work with your FireMon product to get the best out of it; so maybe some better training videos on how to work with the product.

Which other solutions did I evaluate?

I believe the only other option I looked at was Check Point's reporting option and it was quite costly.

What other advice do I have?

When using this product, you have to spend time understanding not only how it was installed but what information you can get from the product. The customization of reports, whether they can be automated or on demand. So just getting a better understanding of what you can get from the application is useful.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

PeerSpot user
it_user632862 - PeerSpot reviewer
it_user632862Technical Account Manager at a computer software company with 201-500 employees
Real User

Thanks for your review and feedback. The changes in our products from Version 7 to Version 8 were significant and many customers asked for help making the transition. Not only did we move from a client-based to web-based user interface, we focused much of that UI on metric Dashboards with Key Performance Indicators (KPIs) and drill-down capability to explore those KPIs. One of our responses to the demand for help transitioning to Version 8 was to add a free, online, instructor-led Post-Migration training course available to all customers following their migration. Hopefully, you have been able to avail yourself of that training. If not, you can get more information from our User Center - along with links to topic videos.

it_user617394 - PeerSpot reviewer
3rd Line Senior Engineer (Security) at a comms service provider with 10,001+ employees
Real User
We use it to run reports that show unused tools and unused objects. Removing the CSV export functionality seems to me to be like a step backwards.

What is most valuable?

The security policy manager: We run reports regularly for the customer to show unused tools and unused objects, and to clean up the firewall policy.

How has it helped my organization?

Our firewall policies - we work under the standard ITIL framework - and project managers are very good at adding rules to allow their projects to work. However, they're not so good at coming back when the project is finished or the solution has been terminated and cleaning up the rubbish. So, if we don't use this product, we end up with thousands and thousands and thousands of rules, most of which aren't used.

What needs improvement?

I basically came on board to do the upgrade, which I've done. So, in the old product, we were able to get things out of the CSV file format and that allows you to then manipulate it, but now it's PDF mainly. Beforehand, we were able to take it into CSV and manipulate it in Excel, but now we can't do that anymore. A revert back on this would be good.

Overall, the product seems pretty good, but the fact that we've taken the CSV out now, that seems to me to be like a step backwards. They should be adding functionality, not taking it away.

For how long have I used the solution?

I only started using it literally about four months ago.

What do I think about the stability of the solution?

We haven't had any issues with stability yet. Well, we did during the upgrade, to be honest. So, when we did the upgrade, we had to get new versions written for us so that the upgrade worked. It didn't work just off the bat, but once we had that done, it worked fine.

What do I think about the scalability of the solution?

We haven't had any issues with scalability as we're not using that many devices reporting to it, so we haven't had any problems with scalability at all.

How are customer service and technical support?

I would rate technical support at around 7/10. I mean the reason for giving it a seven is the guy we spoke to over in Germany. He was quite good, but the problem was that it had to go back to the development team, which took a long time to get resolved.

So, basically what happened was, we raised a fault, we went through the upgrade with them and we were able to go to a particular version, as we were running a really old version; version six. We went to version seven but then stopped accessing the system. We then said to them, 'Well, how do we get to version eight?' The upgrade ping didn't seem to work. So they then had to go off and write us a new thing, but all that took months. Three months, four months and we were without access to that system for a long time.

Which solution did I use previously and why did I switch?

I don't think we used anything beforehand.

Which other solutions did I evaluate?

I think there has been an evaluation, but I wasn't party to it.

What other advice do I have?

I don't know what advice I would give to others. We are having a lot of problems with the licensing, to be honest. So, there's an issue with the UK and US date format.

When we renew our licenses, I don't know whether it's through our distributor or whatever, but they keep changing the format. In the American date format, you put the month first, then the date, then the year. In the UK we put the day first, then the month, then the year, and they keep flipping the dates over so we lose about three or four months on the licensing every time. We have to go back to our salesperson to get that fixed.

Also, when we did the upgrade, for some reason, we had enough licenses to start with but after the upgrade, we didn't. So, we didn't add any new devices, and we've got a thing in with the salesperson to find out why; what's changed there.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

PeerSpot user
it_user633837 - PeerSpot reviewer
it_user633837Technical Account Manager at FireMon
Real User

Thank you for taking the time to review our product. I am very glad to hear that Security Manager has helped you with your rule cleanup efforts! I do understand your frustration in migrating to version 8 of our software. It is a major leap in functionality and the upgrade process (especially all the way back from version 6) could be challenging at times.

Regarding CSV format in reporting, although it is less available in reports, CSV is one of the primary export formats for SIQL queries. If you can query it in SIQL in Security Manager, you can export it to a CSV. That said, there are certainly canned reports where this used to be an option and isn't anymore. If you haven't already done so, please reach out to your Customer Success Manager or Sales Engineer here at FireMon to get an RFE created. If you don't don't who your CSM or SE are, definitely open a Support ticket asking them to reach out to you.

At FireMon we take pride in our solution and the value that it brings to your environment. We look forward to continuing to work with you and your team in the future.

it_user620586 - PeerSpot reviewer
Works at a financial services firm with 501-1,000 employees
Vendor
The Security Manager is the most valuable feature. It's been pretty stable.

What is most valuable?

The Security Manager is the most valuable feature.

How has it helped my organization?

It helps us eliminate rules that are not needed on the firewall and to consolidate them. It saves us a lot of time and makes my work easier.

What needs improvement?

Make writing the reports easier. There's a lot of canned reports and if you want to write a specific report that you're interested in looking at, it's rather hard because I'm not a programmer. I don't know all the programming languages needed to do that. I can look at what reports exist and try to take that and kind of change it to something that I want to see and it doesn't always work. It's not real easy to do.

For how long have I used the solution?

I have been using FireMon for about six months.

What do I think about the stability of the solution?

It's been pretty stable.

What do I think about the scalability of the solution?

I have not had any scalability problems at all.

How are customer service and technical support?

We have called them and they've always been really helpful. They've resolved our issue in a timely manner. I would rate them a 4/5.

Which solution did I use previously and why did I switch?

We didn't have any other solution. This is the first of its kind.

How was the initial setup?

Setup was straightforward. The instructions were really simple. We put in the basic information and then they scheduled some time with us to go through the setup and walk us through each one of the screens, what they do, what to look for and things like that. They kind of gave a little bit of a training class or training session.

What's my experience with pricing, setup cost, and licensing?

They set a round of what we wanted to see. They didn't just come in and say, "Here's how it works", because different companies are different. Different companies want to use it in different ways, so they found out what we wanted and helped us set the training up to look at things that we want to be able to use it for. That was nice.

Which other solutions did I evaluate?

We didn't evaluate any other products.

What other advice do I have?

I think it's a good product. It's very stable. It's quick and it's easy to learn. It's easy to run reports. There are a lot of reports that you can run. That helps the management of your firewall.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

PeerSpot user
SecArch3081 - PeerSpot reviewer
SecArch3081IT Security Consultant and Platform Architect at a pharma/biotech company with 10,001+ employees
Real User

Be careful with the "clean-up" report recommendations. Firemon tends to recommend deleting the hidden or shadowed rules, but those are often the more restrictive (better) rules, shadowed by an overly permissive rule at the top. Consider removing the top rule, and keeping the more restrictive policies.

See all 2 comments
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros sharing their opinions.
Updated: May 2025
Buyer's Guide
Download our free FireMon Security Manager Report and get advice and tips from experienced pros sharing their opinions.