
Overview
Hyper Scale Security for your Hyper Scalable Clouds Whether your data and applications are stored on premises, in the data center, or public clouds (or a combination of all three), organizations still need to meet their requirements of security, control, compliance, and governance by themselves. The on-demand nature of public clouds such as AWS naturally means that workloads move and regroup, where maintaining continuous visibility and control over the rapid changes calls for expert intervention. Common security challenges include: Centralized visibility and threat management for your hybrid environment Deploy applications and workloads securely Manage access & control privileges to cloud and on-premises workloads Secure data transfer, data migrations Accomplish all of the security deployments at the pace and scale demanded by cloud architectures
Highlights
- FireMon can easily create, maintain, and distribute policies in highly dynamic networks, as well as scope the impact of proposed changes to your security. By automating & orchestrating, Security Manager ensures your ability to operate at scale across cloud, virtual and hybrid environments.
- Through traffic flow analysis, FireMon tracks behavior across your network to identify which applications are being used. You can correlate vulnerability scans with access path analysis to trace every available path across the network to reduce your attack surface with a defined remediation.
- Automated compliance assessments help you validate your configuration requirements and alert you to violations. Security Manager out-of-the-box audit ready and customizable reports saves time and gives you the confidence to meet your regulatory and internal security demands.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide

Financing for AWS Marketplace purchases
Pricing
Vendor refund policy
Please see seller website for refund details.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
Before launch, in the AMI configuration settings, you must add additional volume to prevent launch failure.
Add Storage tab, click Add New Volume and in the Size field enter at least 600. Do not change the Root Volume Type.
Complete FMOS Initial Setup after launch:
- Open a web browser.
- Navigate to https://<hostname>:55555/setup, replacing <hostname> of the SIP instance running in AWS with the IP or the hostname.
- In the Authentication dialog box-Username is fmosadmin- Password is the EC2 Instance ID- Click Submit
- After authenticating, complete the required fields in the FMOS Initial Setup form. The username is read-only and cannot be changed, but you can update the password.
- After submitting the FMOS Initial Setup form, FMOS will begin the deployment process.Log in to SIP after deployment:
- Open a web browser tab.
- Enter the IP address of your SIP/AWS instance.
- Enter your username and password.
- Username is firemon (case-sensitive)
- Password is the MAC address for the instance
- Click Log in. For details, see: https://www.firemon.com/wp-content/uploads/AWS-AMI-Launch-and-FMOS-Install.pdf
CF template Usage Instruction: 1.Go to AWS marketplace subscription and Launch cloud formation teamplate. 2.Choose Action 'Launch Cloud formation' and click on Launch 3.Enter Stack Name. 4.Enter all mandatory fields in Parameters. VPC ID Subnet ID Instance Type Key Pair Name IP address Volume Size FMOS username 5.Specify Ecosystem in "Machine Configuration". 6.Add Organization Name. 7.Click Next. 8.Review: Review all sections entered and click Next. 9.A new stack with above Stack Name is created with status "CREATE_COMPLETE". 10.Go to EC2 Dashboard, a new instance is created. 11.After the deployment process completes, you can log in to Security Intelligence Platform to continue setting up your network, such as adding users and devices. a. Open another browser tab. b. Enter the IP address of your AWS instance, For example, https://<hostname_or_IPaddress>;. c. Enter your username and password: Username is firemon (case-sensitive) Password is the MAC address for the instance with colons removed and lowercase letters instead of uppercase letters. For example, a MAC address of 00:05:95:A1:2B:CC would be 000595a12bcc. This is a one-time password to use at first installation and will need to be reset after initial login. Click Log In
Resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Automated firewall reviews have improved compliance and reduced misconfigurations
What is our primary use case?
FireMon Security Manager is mainly used for analyzing firewall configuration and rules. It is primarily for firewall analysis and configuration analysis of the firewall.
We work with FireMon Security Manager as a service provider. Our customers have it, but we use FireMon Security Manager on behalf of them.
We use FireMon Security Manager mainly for the on-prem environment, and we primarily use it for our on-prem firewalls.
We are not using FireMon Security Manager for SASE integration right now. We are just using it for firewall management.
We do use FireMon Security Manager for real-time compliance management primarily for that purpose, so we do have a positive impression of that because it can map the compliance against various standards available such as ISO 27001 or PCI DSS. That helps us in automating that compliance check on these firewalls.
We are not using FireMon Security Manager in an automatic fashion for compliance checks. We run it manually and run the tool periodically. We have not kept it for continuous scanning of the environment. However, whenever we run the tool, we do get a warning or an alert saying that this is a firewall rule that will potentially violate, for example, PCI DSS compliance.
FireMon Security Manager does affect our cleanup of firewall rules in a large enterprise environment because it helps us in identifying which rules are remaining unused since the previous FireMon Security Manager check. That helps us in prioritizing and saying that these are so many unused rules and why don't we clean them up.
What is most valuable?
One advantage of FireMon Security Manager is that it analyzes the firewall configuration against known standards. If there is a known firewall standard or configuration standard in NIST or any of the audit or compliance requirements such as PCI or ISO 27001, it can analyze the firewall configuration against those standards and give us a report of where we are missing so that we can comply with those standards as well.
FireMon Security Manager can also connect to multiple types of firewalls with different vendor firewalls. We use a multi-vendor firewall environment, and the advantage of FireMon Security Manager is that it can connect to different vendors that we use in the environment.
FireMon Security Manager helps to prioritize risks and prioritize fixes. When it points out errors or misconfigurations, it gives us a rating saying that this is a high critical misconfiguration which needs to be fixed first, versus a low-rating misconfiguration which might have a less or reduced impact and which we can fix later on.
We do observe a decrease in errors and misconfigurations that increase risk in the environment with FireMon Security Manager. It points out errors, so we mainly use it for that purpose. We don't use it to manage the firewall, but we use it for analyzing the firewall configuration that will reduce the risk and any kind of errors that are there in the firewall. We could say there is about a twenty percent decrease in errors and misconfigurations due to FireMon Security Manager. The reason is we were using some other tool earlier, so we had done quite a bit of improvements on the firewall. Once we introduced FireMon Security Manager, it found new areas where we could improve and there is about a twenty percent improvement.
FireMon Security Manager does affect our compliance reporting processes. It helps us automate reporting and prioritize all those compliances. This way, it is quite useful.
What needs improvement?
I think there are some disadvantages and areas for improvement. What is limited or has no capability in FireMon Security Manager is integration with all the cloud-based firewall native vendors. For example, in Azure or in AWS , if you have a Palo Alto firewall, FireMon Security Manager will work fine. However, if you use Azure 's own native firewall or AWS 's own native firewall capabilities, FireMon Security Manager does not have the ability to analyze the policy of such native cloud-based firewalls. That is a disadvantage that we are seeing because we are also using more and more native services rather than going for third-party services in the cloud environment.
The second disadvantage we see with FireMon Security Manager is some vendors which are now becoming popular, such as Cato Networks . We have one customer who uses Cato quite extensively, but we are not able to use FireMon Security Manager for them to do the policy analysis because it doesn't work with Cato.
For how long have I used the solution?
I started working with FireMon Security Manager approximately a year ago.
What do I think about the stability of the solution?
Stability-wise, FireMon Security Manager is not a problem. It is approximately a ninety-nine percent stable product.
What do I think about the scalability of the solution?
We haven't used FireMon Security Manager in a highly scalable manner, so when we factored it in, we haven't really tested its scalability. I am not aware of the scalability of the product or whether it can support thousands of firewalls. We do use it for hundreds of firewalls today, but not in the thousands. I am not sure on scalability.
How are customer service and support?
Customer service from FireMon Security Manager is good in terms of responding to any issues or any errors that we face. In terms of using the product as is and its customer support, I would say it is good enough. I would rate support at about an eight on the scale from zero to ten, with ten being the best.
Which solution did I use previously and why did I switch?
We were using some other tool earlier. We had done quite a bit of improvements on the firewall. Once we introduced FireMon Security Manager, it found new areas where we could improve and there was about a twenty percent improvement.
How was the initial setup?
Deploying FireMon Security Manager is quite easy to deploy.
What about the implementation team?
We bought FireMon Security Manager directly from a reseller. We did not buy it through AWS Marketplace .
What was our ROI?
FireMon Security Manager is worth buying and worth its money in terms of return on investment. As long as you have the firewalls in your environment which are supported by FireMon Security Manager, it is worth the investment.
What's my experience with pricing, setup cost, and licensing?
It does save time and money both because otherwise you would have to review the firewall configuration by hand or manually, whereas FireMon Security Manager automates it. In terms of money, you will have to reduce the number of people who are involved in the firewall review. FireMon Security Manager is also a lower-cost product than AlgoSec .
Which other solutions did I evaluate?
I am comparing FireMon Security Manager to a product such as AlgoSec , something which operates in the same market. AlgoSec is one big example where we did an evaluation.
What other advice do I have?
Cost-wise, it is very competitive if I compare it with its peers. The pros are that in terms of the tool capability, it is as good as any of the best of the market tools and cost-wise, it is lower. FireMon Security Manager is affordable compared to its competitors.
Time-wise, I am not sure how to measure it, but from a procurement perspective, because this is procured by the customer directly, we don't have visibility in terms of what was used and what was the cost of AlgoSec versus FireMon Security Manager. However, from a product perspective, our recommendation was that both were equal, and FireMon Security Manager slightly better. Cost-wise when FireMon Security Manager was better, I think the client went with FireMon Security Manager itself.
When I mentioned time saving, I meant that it saves time for when accurately creating, approving, and deploying firewall policies.
What organizations should remember is primarily to look at the compatibility of FireMon Security Manager with the firewalls that they have in their respective environments. In their environment, if they have only, for example, Palo Alto, Cisco, or FortiGate firewalls, and all of them are supported by FireMon Security Manager, however, if they use a very unusual firewall or a cloud-native firewall, they should check whether FireMon Security Manager supports those firewalls and then take a call accordingly. My overall rating for this product is eight out of ten.
Centralized firewall oversight has improved compliance and reduced configuration errors
What is our primary use case?
FireMon Security Manager is used to centrally manage multiple firewalls, enforce security policies, monitor threats, and simplify day-to-day firewall administration.
FireMon Security Manager allows us to manage multiple firewalls from a single console, making policy updates and monitoring very easy, and troubleshooting much faster and more consistent.
FireMon Security Manager is deployed in our organization on-premises within our data center.
What is most valuable?
The best features of FireMon Security Manager are centralized policy management and security policy analysis, which is very useful, along with compliance reporting and clear visibility across all the managed firewalls. These features help us to simplify firewall management and improve security.
FireMon Security Manager has positively impacted our organization by improving our firewall management by increasing visibility, reducing configuration errors, streamlining policy changes, and helping maintain compliance.
What needs improvement?
FireMon Security Manager could be improved with a more user-friendly interface. Otherwise, the performance and the deployment are perfect.
For how long have I used the solution?
We have not switched solutions; we started with FireMon Security Manager only.
What do I think about the stability of the solution?
FireMon Security Manager is a pretty stable solution.
What do I think about the scalability of the solution?
Scalability-wise, FireMon Security Manager is a very good solution that can handle our organization's growth.
How are customer service and support?
Customer support for FireMon Security Manager is very supportive, and they are able to provide support and troubleshoot issues at any time.
Which solution did I use previously and why did I switch?
We have not evaluated other options before choosing FireMon Security Manager.
What was our ROI?
FireMon Security Manager provides a very good return on investment because we are able to save our time and money.
What other advice do I have?
FireMon Security Manager helps reduce configuration errors by identifying duplicate, unused, and overly permissive firewall rules before changes are implemented. This reduces the risk of misconfiguration and keeps security policies consistent across all firewalls.
Regarding FireMon Security Manager's AI capabilities, its governance and security appear very well-designed. They provide controlled access, support compliance, and policy validation, which is very helpful.
The data that FireMon Security Manager provides is very accurate and reliable, with reliable output.
I recommend clearly defining your firewall management and compliance requirements before deploying FireMon Security Manager and taking advantage of its policy analysis and compliance features. This will help the organization to achieve a compliance-ready environment and gain proper visibility.
I rate this product 9 out of 10.