Our main use case for FireMon Security Manager is centralized firewall policies, visibility, and risk management in a large environment with close to 200 firewalls. FireMon Security Manager helps us identify risky or unused rules, maintain compliance, and support audit without manual policy review.

On a day-to-day basis, we use FireMon Security Manager to review firewall rules, changes, and identify unused or risky rules. For example, before or after a change window, we run policy analysis to check overly permissive access and confirm whether the rule is still required. This helps us reduce risk and stay audit-ready in the large environment. We use FireMon Security Manager daily to analyze rule changes, spot unused rules, and prepare clean reports for audit without manual checks.

FireMon Security Manager helps standardize firewall policies and review access. Instead of relying on individual firewall expertise, we use FireMon Security Manager as a single source of truth to consistently assess risk, track changes, and support compliance in large, regulated environments.

The best features of FireMon Security Manager are centralized firewall visibility, policy risk analysis, and compliance reporting. It provides a single view across all firewalls, helps quickly identify risks and unused rules, and generates audit-ready reports, which is extremely useful in large, regulated environments. Change tracking is also very helpful, as it shows who changed what and when, reducing the risk of misconfiguration.

The change tracking feature has helped our team by giving clear visibility into what rule was changed, when it was changed, and whether it introduced any risk. This has reduced troubleshooting time and helped us quickly validate changes during audit and incident review. Policy risk analysis and unused rule identification are also very valuable, especially in large environments, as they have helped us continuously reduce risk and keep firewall policies clean.

The reporting and dashboard visibility are worth highlighting. FireMon Security Manager makes it easy to share clear, understandable reports with auditors and management, which saves time and reduces back-and-forth during review.

FireMon Security Manager has had a very positive impact on our organization by reducing manual effort and improving overall security posture. It helped us gain centralized visibility across a large firewall environment, reduce risk and unused rules, and significantly shorten the time required for audit and policy reviews. It has also improved change control and accountability, which reduced configuration errors and operational risk.

FireMon Security Manager is a strong platform. However, it could be improved with a more intuitive user interface and faster initial onboarding for new users. Simplifying some workflows and dashboards would help teams get value more quickly, especially in large environments. More guided recommendations for rule cleanup would also make day-to-day operations even easier.

I have been using FireMon Security Manager for the last 1.5 years.

I have not faced any issues with FireMon Security Manager. It has been more than one year and the solution is still running perfectly fine.

We are managing a large number of firewalls with the client where the solution is installed. As the environment grew, FireMon Security Manager continued to handle policy analysis, reporting, and change tracking reliably without performance issues. Even with the increased workload, the platform remained stable and consistent, which is critical in large, regulated environments.

The customer support is outstanding.

We have seen a clear return on investment with FireMon Security Manager. It significantly reduced the time spent on manual firewall policy review and audit preparation. Tasks that earlier required multiple team members and several days can now be handled by fewer people in a much shorter time. The biggest ROI has been time savings and operational efficiency rather than direct cost savings. It allows the same team to manage a much larger firewall environment without increasing headcount.

Since using FireMon Security Manager, we have seen a clear reduction in manual effort. Firewall policy reviews and audit preparation that earlier took days now take a few hours, especially when dealing with a large number of firewalls. This has helped the team focus more on analysis and decision-making instead of manual rule checking. It significantly reduced the time spent on manual policy reviews and audit preparation, making the process faster and more efficient.

Our experience with FireMon Security Manager's pricing and licensing is that it is on the higher side, but justified for a large, regulated environment. The setup cost and licensing made sense given the scale, compliance requirements, and the value it delivers in reducing manual effort and audit risk.

I evaluated several solutions available in the market, including Tufin and AlgoSec. However, I would not recommend any other solution besides FireMon Security Manager.

My advice would be to clearly understand your firewall scale and compliance requirements before deployment. FireMon Security Manager delivers the most value in large or regulated environments, so proper planning, clean onboarding, and stakeholder alignment will help you get benefits faster. It works best at scale, so plan the deployment properly and align it with audit and compliance goals. FireMon Security Manager is a strong choice for large environments, especially where compliance and audit readiness are critical. I rate this solution an 8 overall.

Whenever I have a project or implementation, I use FireMon Security Manager for firewall cleanup or reporting. When I have an assessment project, I need to ensure the complexity of the firewall rules and identify unused rules from my side. It helps me to generate these reports and clean up the firewall itself.

It automatically warns us when new firewall rules, and changes to existing ones, violate compliance policies before they are deployed. This is important because I need to know who made the changes or when a change was made. It helps with tracking.

It has helped with the compliance reporting processes in an effective way.

It has helped to clean up firewall rules to some extent. It is not 100% percent but meets the needs.

It has decreased errors and misconfigurations that increase risk in an environment. There has been about a 90% reduction.

The most valuable feature for me is its capability for cleanup and managing the complexity of security products. It provides me with performance indicators like the complexity of the device itself and also identifies unused rules. In time, it helps in an effective way.

A feature that could be improved is support for more devices, not just the firewall. It would be beneficial if they expanded to other devices like switches, routers, and other security devices, perhaps including proxies. Although I know it supports F5 LTM, supporting more products would be advantageous.

I have been working with it since 2015, but I do not use it frequently. I sometimes implement it for a customer and use it when needed.

Sometimes, there is a problem related to the sizing itself. If we have many devices added or if the firewall complexity is huge, we might experience some lag in processing. It may relate to the hardware specifications.

If we need to add more devices or more FireMon instances, I believe scalability is good from their side.

I have contacted customer service, but it was a long time ago.

I have worked with alternatives such as AlgoSec. FireMon is more user-friendly and has better reporting.

The setup is easy. I do not remember the exact details, but it does not take too much time, one or two days maximum.

Its pricing is good. Compared to others, it is not so expensive.

For those looking to buy this solution, it is important to study the devices to be added to ensure correct specifications or hardware. This will satisfy their needs and expectations from FireMon. If there are many devices to be added, they should consider the appropriate hardware specs and VM.

Overall, I would rate this solution a nine out of ten.

FireMon Security Manager is a highly intelligent and useful device that consolidates all our security policies, including those for Zscaler proxies, into a single console. This centralized view eliminates gaps and inconsistencies between policies, simplifying policy review and analysis.

FireMon Security Manager is excellent for real-time compliance management. It allows us to quickly retrieve any policy needed for testing and easily analyze it for loopholes. If a loophole exists, FireMon provides comprehensive details within the policy manager.

It alerts us to firewall rule additions or changes that violate compliance policies. It supports various firewall platforms, including Checkpoint, Zscaler, Fortinet, Cisco, and AWS, and provides centralized management for all configured policies through a single console.

FireMon Security Manager provides many features, like whether my firewall is compatible with required standards such as NTP and SNMP. Each compliance included in our RFPs is shown in the UI of FireMon. It gives robust and clear dashboards, making it easier to understand risks because the policies have ratings showing usage, and the number of hit attacks.

It streamlines our compliance reporting processes by providing comprehensive risk and compliance assessments. It offers a range of features, including verification of firewall compatibility with protocols like NTP and SNMP, and detection of signal charges. FireMon effectively addresses all compliance requirements outlined in our RFPs. For instance, it can determine if firewalls or proxies within a stack are configured in Secure Mode or Active-Active mode. FireMon Security Manager enables us to generate reports on all these aspects, ensuring thorough compliance monitoring and documentation.

FireMon Security Manager is robust and can help automate firewall policy changes across large multi-vendor enterprise environments.

FireMon Security Manager helps automate firewall policy changes across various environments, including on-premises, cloud, hybrid, SASE, and SD-WAN. It also simplifies cleaning up firewall rules in our environment.

The time required to accurately create, approve, and deploy firewall policy rules has been reduced. Tasks that took 30 minutes can now be completed in just five minutes using FireMon.

FireMon provides immediate visibility into our policies through a robust and clear dashboard, making it easy to identify errors or misconfigurations based on the policy rating.

FireMon Security Manager is a fast and intelligent device that delivers results in under ten seconds, even with thousands of policies. Its user-friendly interface allows for easy viewing and searching of network policies, including proxies, all on one console. By eliminating loopholes between policies, it simplifies review and analysis, while also automating policy changes and supporting multiple vendors. The system provides alerts and notifications for streamlined implementation and features a robust dashboard for clear risk assessment.

Although configuration is not the most difficult aspect of FireMon, a basic understanding of cloud computing and firewall principles is necessary for successful implementation. Therefore, simplifying the configuration process would be a significant improvement.

The support response time has room for improvement.

I have been using FireMon Security Manager in the testing phase for six to seven months.

I would rate the stability of FireMon Security Manager nine out of ten. It provides a stable environment with excellent scalability.

I rate the scalability of FireMon Security Manager a nine out of ten. It offers extensive scalability options, providing more flexibility than other vendors.

The technical support is good, but sometimes it takes some time.

The deployment required some additional knowledge and took eight to nine days, but my team handled it efficiently.

My team, consisting of around 20 people, handled the deployment because not everyone had access to the firewall policy manager.

Other vendors have policy managers, but they are not as fast as FireMon Security Manager.

I would rate FireMon Security Manager nine out of ten.

I recommend FireMon Security Manager because it consolidates all devices into a structured serial and single port.

I use FireMon in my work. I work in security and compliance, so I use it to monitor security and compliance within the firewalls.

The most effective feature is the general reporting on compliance. It has helped me bring all the firewalls into better alignment with the compliance requirements in my environment. The general long-term compliance monitoring has been the most beneficial aspect to me.

For one company I work with, I use Fortinet, and FireMon is not able to understand the zones that Fortinet uses. Part of that compliance piece does not provide me with the necessary information. Another company I work with uses Meraki as a firewall system, and in this case, FireMon can see everything much better and provides me with a fuller report.

I have used the solution for two years.

In terms of stability, FireMon has been stable. I have not had any problems in that regard.

I think the capabilities are good and potentially useful. The issue for me started with Fortinet not being able to see things correctly. It lost its appeal in terms of what it could do for me from a security standpoint, so I do not pay as much attention to it. I use other tools to focus more on the security side of things. If I have the time to look at Meraki, it might handle that better and be much more useful. I understand the concepts behind FireMon and what it does. If it can see and interpret everything correctly, it would do exactly what I want, and it would be very helpful.

Their technical support is an eight out of ten. It is not perfect, but I have high standards because I provide so much technical support within my enterprise. An average or no real appeal would be a five. An eight signifies they are doing a good job. They do not always have the answer, but I cannot expect everyone to always have the answer. As long as they eventually provide the answer, I am happy.

The setup was not complicated. It was pretty straightforward.

There were not any challenges. It was just straightforward.

Comparatively, FireMon has a very good price and is below the general competition in cost. I have not seen any additional fees beyond the general contract fees for the usage I have. So, I have not encountered any hidden costs.

I rate FireMon a seven out of ten. It is good, but I have not found it as useful as I hoped when I first evaluated it. This is generally because it does not interpret the Fortinet zones correctly, which diminishes its appeal. That is why I rate it a seven. However, looking at the Meraki side, it may do exactly what I expected initially.

We use Security Manager for firewall changes, monitoring, and audits.

FireMon makes it much easier for us to track firewall changes and perform audits. It has made our compliance process more efficient. Before we implemented FireMon we had to go into each individual firewall and check the rules. Now, we pull a report, and that's it.

We can monitor and implement changes across different firewall vendors. It lets us clean up our firewall rules regularly, which we do as part of our audit. It helps us save time managing firewall policies. We don't make changes to our firewall policies through FireMon, but we use it to track changes across various firewalls. It makes our internal processes more efficient and improves our visibility.

It reduces risks. Better visibility and cross-vendor integration give us more control and context about potential changes. Having a product for monitoring critical changes is crucial for our security posture.

I like the Security Manager console where we can see any changes that have been made or pull the results of an assessment and control the policies that we implement. That's useful for regular audits and monitoring some critical events we want to know about. We can configure alerts that notify us about policy changes. This is pretty beneficial for monitoring and helps us track changes in the projects.

We've had recurring issues managing FireMon's internal backups. Sometimes, the space allocated for the backup is full, and there is no process where it deletes files that are older than I certain date. It's just waiting for the storage to get full and then it's cleaned up. It isn't something that creates serious issues for us.

We have used FireMon for about two and a half years.

FireMon is more or less stable. We've had some issues with backups failing.

I believe that FireMon is scalable.

I rate FireMon support seven out of 10. It varies depending on who you get. We sometimes get a highly knowledgeable agent, but other times, it seems like we just go in circles. It sometimes takes them a while to understand what we want.

FireMon professional services helped us during deployment, and it was relatively straightforward. Deployment took us around two months.

FireMon is working on our project scope. We save some labor power on our side.

I rate FireMon Security Manager eight out of 10. It has many more features than we use, but we have a limited scope. I think we could've done more had we used that momentum when we were implementing it.

Even if you think having a firewall management solution isn't a priority, the FireMon can provide more visibility and make some tasks easier, faster, and more efficient.

We have a two-server system for web applications, and we utilize FireMon to manage our Palo Alto firewalls. We log in to FireMon for reporting and creating rules. Currently, I am working on a project that involves using FireMon to clean up some of our open rules.

FireMon is deployed on-premises.

The real-time compliance management is excellent. It's something we prioritize in our efforts to comply in real-time. We have established some rules following the PCI guidelines as we are currently working towards achieving PCI compliance. These rules serve as metrics for us to assess our progress. We believe that real-time capabilities are essential and exciting for our organization.

FireMon alerts us whenever there are new rules or changes to existing ones. I have set up some reports that arrive in my inbox daily, providing me with a summary. So, if there are any changes within the environment, I am notified. I believe that FireMon can also notify us before a change is made in our environment.

The compliance reporting process does not require much time or effort, as long as we know what we are doing.

FireMon helps automate firewall policy changes across large and multi-vendor enterprise environments.

FireMon provides us with a dashboard view that shows an overhead view of all our redundant rules, along with our own user rules. With this information, we can generate reports and focus on specific criteria we are interested in. By doing so, we can easily identify rules that are actively in use, while also being able to spot duplicates and other elements that aid in cleanup efforts.

FireMon helps us save time when creating, approving, and deploying firewall policies. For instance, when we deployed certain rules, they resembled penetration testing scenarios. The reports provided us with the capability to monitor activities in our network and effectively save time. Consequently, we could easily share these reports with the networking team, enabling them to promptly remove the identified rules, rather than having to conduct extensive and time-consuming investigations.

FireMon helps to reduce misconfiguration, which can increase risks in our environment by at least ten percent. For example, it achieves this by not deploying specific rules that are overly permissive.

FireMon assists in identifying risks within our environment and prioritizing fixes for those risks. This is an essential feature of our organization.

What I like about FireMon is the ability to track changes made by network engineers on the network. This allows us to run reports based on those changes. We can also track new rules to see if they comply with our standards. Additionally, we can identify rules that haven't been used or those that duplicate others excessively. FireMon enables us to create reports that provide valuable information for making changes within the system.

The dashboard in FireMon is excellent, offering an overview of our network's compliance and security index database, among other things. I have also used FireMon for risk analysis of policies, exploring the possibilities and findings. While primarily focused on cleaning up files for a project, I have utilized many features for removing redundant and unused rules.

However, I am aware that FireMon has even more to offer, such as understanding our network topology and conducting a comprehensive risk analysis. My current work mostly revolves around compliance, change management, and reviewing the alterations made.

FireMon could be made more user-friendly when it comes to creating filters or conducting traffic analysis.

I have been using FireMon for eight months.

FireMon is quite stable overall. However, there is one issue I encounter when attempting to run reports. Occasionally, it indicates that I do not have to report the web services. I'm uncertain if this problem is unique to our system or not, as it seems to be an ongoing concern. I have submitted several tickets, with five more related to this particular issue. Aside from that, FireMon remains stable and does not experience frequent downtimes. The only inconvenience arises when running reports, as it occasionally prompts an error, leading to a need for a web server restart.

The technical support is generally good, but they can sometimes be slow in responding.

I would rate FireMon a seven out of ten. There's a lot more I can gain from FireMon, as opposed to just running reports. I am particularly interested in automation and similar functionalities, but I haven't dedicated enough time to fully take advantage of all the features it offers.

There are ten of us using FireMon within our organization.

The maintenance we undergo for FireMon primarily involves upgrades. We have dedicated networking personnel and a development manager who oversees the maintenance.

I suggest spending a significant amount of time watching the videos; there are some beneficial training videos available. Additionally, it would be beneficial to arrange some sessions with their contact. I have an account and have been having sessions with my contact for five months.

Firewall policy clean-up management is undoubtedly a priority. If we have rules that are not correctly configured or overly encrypted, we expose our environment to numerous serious compromises, making it imperative to address this promptly.

We have a two-server system, application and web, and we're using FireMon for our Palo Alto firewalls and their logs, to help us create rules.

We're working on cleaning up our rules using FireMon as well, because we have a lot of live, open rules.

FireMon really helps save time with the reports that give you visibility into what's going on with your network. We were able to pull a report and give it to the networking team and they were able to remove those rules, as opposed to having to dig deep and spend hours on that.

It has also definitely helped decrease errors and misconfigurations. For example, we had certain rules that were overly permissive. We were able to redress those rules and make them more specific. We have seen at least a 10 percent reduction in misconfigurations.

I've been using the reports to see what is going on, and that is a helpful feature. We can track down unused rules, which helps with compliance. We can see rules that have not been used or that are duplicates or overly permissive. We can use FireMon to create reports and use that information to make changes within FireMon. I also like that we can track the kinds of changes that the network engineers are performing on the networks. We can run reports on that.

We have also set up alerts and reports that come into my inbox daily. That gives me a rundown of any changes that have occurred within the environment.

The solution has a good dashboard that gives you an overview of what's going on within your network in terms of compliance and the security index. The dashboard also gives you an outline of redundant and unused rules. You can run reports and make them a bit more targeted in terms of what you're looking for. That can help with the cleanup.

I've also dabbled in the Policy Analyzer to see what information I can get from that.

Some of the things that you want to do in FireMon are not exactly straightforward, like creating certain reports or controls. Some of the functions could be a little more user-friendly, such as creating certain filters.

For example, I was trying to do a traffic analysis and it can be a little tricky trying to change your firewalls on that profile. You almost have to create the entire thing over again. So there could be some enhancements in the user-friendliness.

I have been using FireMon for eight months.

FireMon is pretty stable.

There has been one issue when I try to run reports. Sometimes it gives me an error and I have to reboot the web services. I'm not sure if that's unique to us or an ongoing issue. I've opened quite a few tickets with FireMon on that.

Apart from that, it's pretty stable. It doesn't go down.

The support has been good. They have been slow to respond sometimes, but overall, it has been good.

Networking-wise, I used a number of different solutions, but I didn't use anything similar to FireMon before.

My advice would be to spend a good amount of time on the training videos. And if you can set up some sessions with your FireMon contact, that would also help. I do so many different things that I don't get enough time to spend on FireMon. I do use it pretty often, but maybe in terms of training, especially, there's a lot more I could gain from it, as opposed to just running reports. I could get into automation, for example.

In addition to what I've been using it for, I know there's a lot more within FireMon, like getting an understanding of your network topology, bringing many different points together, and analyzing the risk factors. FireMon also helps automate firewall policy changes across large, enterprise environments, but we don't have it set up to that yet.

Real-time compliance management is great. That's something that we are looking into and we have created some PCI rules. It's just a matter of learning how to make the reports. It's not very difficult at all.

The maintenance that we go through with FireMon is mainly upgrades. I'm the point of contact and we have a couple of networking guys who are hands-on as well.

Firewall policy cleanup is definitely a priority. If you have rules that are not properly configured or overly permissive, you open your environment to a lot of serious compromises.

We use FireMon for monitoring, reporting, and logging purposes.

FireMon's real-time compliance management is good.

The ability to evaluate the overall security measures of our organization is beneficial. However, not essential for small to medium-sized companies like ours. These features are also provided by OEMs. For example, Palo Alto and other firewall solutions offer similar features on their devices. This includes the ability to identify unused or excessively permissive rules.

Generating compliance reports is a straightforward process. These are auto-generated reports that are produced once we forward our traffic to the SIEM devices. The devices automatically generate standard compliance reports that we can customize if necessary. This feature is advantageous because it saves time and ensures that the necessary reports are generated.

FireMon can help organizations automate firewall policy changes across large multi-vendor enterprise environments.

FireMon can impact the cleanup of firewall rules in a large enterprise environment. With FireMon, it is possible to view shared rules and assign tasks to different users within our team. Additionally, tagging is available which allows us to easily revisit and save alerts on these rules. This feature is particularly useful for large organizations.

FireMon helps save us significant time by accurately creating, approving, and deploying firewall policy rules and eliminating duplicate rules.

FireMon helps us identify errors in misconfigured policies by displaying the errors in the dashboard allowing us to remove those rules.

The most valuable feature of FireMon is its ability to configure multiple devices and consolidate them into a single desktop, which allows us to manage all of our security devices, such as Palo Alto and Zscaler, from one place.

The training for configuring new users or operators is confusing because the UI is not user-friendly and has room for improvement.

The technical support team's responsiveness needs improvement.

I have been using FireMon for one year.

FireMon is extremely stable with zero downtime.

FireMon is scalable. The scalability is based on the number of licenses.

The technical support team is not promptly addressing any issues. As a result, it can take some time to have the tech engineers available when we require features to be enabled or configurations to be updated.

FireMon's initial setup is straightforward. Three individuals from our team and one engineer from FireMon's team participated in the deployment.

The implementation was completed by the professional services team.

I give FireMon a nine out of ten.

I recommend that prospective users thoroughly familiarize themselves with all the features and capabilities of FireMon before configuring it. This will help ensure that no features are overlooked and that all features are utilized correctly.

Firewall policy rule cleanup and management should be a top priority for all organizations. Improper configuration of these rules can pose a significant security risk. It is crucial to have knowledge of the allowed traffic, necessary policies, and unnecessary policies. Additionally, it is essential to monitor web traffic and accessed web port applications within the organization, including which users are accessing them. Configuring policies correctly is crucial to gaining control over malicious activity and user access.