Automated policy analysis has reduced audit time and improves compliance across multi-vendor firewalls
What is our primary use case?
My main use case for FireMon Security Manager is continuous firewall policy monitoring and compliance management, and I typically use this solution for analyzing firewall rules across multiple firewalls such as FortiGate or Palo Alto, identifying risky or non-compliant configurations and maintaining a clean and optimized rule base.
A specific example of how I use FireMon Security Manager for firewall policy monitoring or compliance management is that I regularly audit firewall rules. FireMon scans policies across devices, highlights unused rules, overly permissive access, and any rule that violates compliance, allowing me to review and clean up rules based on its recommendations.
What is most valuable?
The best feature FireMon Security Manager offers is the policy analysis feature, as it deeply inspects the firewall rules, and it also works with different firewall brands, making these two things very useful.
FireMon's deep inspection of firewall rules helps me in my daily work by deeply analyzing the firewall rules of all the firewalls integrated with the solution, evaluating the logic and behavior of the rule base, including rule usage, such as rule relationships and whether any shadow or redundant or overlapping rules are present, and it provides the risk level of open ports defined by any rule or exposure, making its compatibility with different firewall brands significantly beneficial for my team.
FireMon Security Manager has positively impacted my organization by being helpful in analyzing firewall policies, better controlling risks, reducing risky configurations, and improving the compliance readiness environment.
It improved compliance readiness as I have seen a better environment and found the solution enables faster policy reviews, typically involving less time in this solution because it works automatically, meaning I do not have to do anything manually.
What needs improvement?
FireMon Security Manager is working well and providing great features with full visibility across all firewalls, so I do not see any improvement needed at this time.
For how long have I used the solution?
I have two years of experience using FireMon Security Manager.
What do I think about the stability of the solution?
FireMon Security Manager is stable.
What do I think about the scalability of the solution?
FireMon Security Manager's scalability is excellent, as it can handle multiple firewalls at a time.
How are customer service and support?
Customer support is excellent in their technical knowledge, and they are able to solve complex technical issues.
I would rate customer support a nine out of ten.
Which solution did I use previously and why did I switch?
I have not switched from a different solution, as I have been using FireMon Security Manager since the beginning.
What about the implementation team?
I purchased FireMon Security Manager through the AWS Marketplace.
What was our ROI?
I have seen a great return on investment, as I am able to save time for my team along with money savings.
I have seen that audit preparation has been reduced to a few hours compared to previously taking days or weeks, resulting in almost 60 to 70% time savings, and it has reduced the efforts in rule analysis and cleanup by 40 to 50%.
Which other solutions did I evaluate?
I have not evaluated other options before choosing FireMon Security Manager.
What other advice do I have?
My advice to others looking into using FireMon Security Manager is that any mid-sized organization with a hybrid environment, especially those with multi-vendor firewalls, should consider this solution as a game changer, as it helps in compliance readiness, policy analysis, or policy cleanup, so I highly recommend considering this solution as one of the best options. I would rate this solution an eight out of ten overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Automated risk analysis has reduced review time and improves firewall policy compliance
What is our primary use case?
My main use case for FireMon Security Manager is Firewall Policy Management and Compliance Monitoring. We mainly use it to do our review, identify risky rules, and unused rules.
What is most valuable?
The best features that FireMon Security Manager offers are Risk Analysis and Rule Validation, Continuous Compliance and Monitoring, Policy Change Automation, Rule Usage and Traffic Visibility, and Centralized Multi-Firewall Management.
I find myself using the Risk Analysis and Rule Review feature the most. It automatically flags over-permissive, unused, or conflicting firewall rules and prioritizes them so I can quickly fix high-risk policies. This brings the most value because it continuously evaluates the policies and highlights vulnerabilities in real-time, helping reduce misconfiguration and maintain compliance without manual reviews.
FireMon Security Manager positively impacts our organization by improving visibility, reducing risk, and simplifying compliance. It continuously analyzes the firewall policies, identifies high-risk or unused rules, and helps fix misconfiguration before they cause issues. It also improves audit readiness and operational efficiency by automating compliance checks, generating reports, and reducing manual review work, which helps us maintain a stronger security posture.
What needs improvement?
As of now, I am satisfied with FireMon Security Manager, and there is nothing to add at this time. However, in the future, if I identify something that needs to be added, I will update my review and let others know who are considering purchasing this solution.
Customer support for FireMon Security Manager is neither good nor bad, but they can improve.
For how long have I used the solution?
I have been using FireMon Security Manager for almost a year.
What do I think about the stability of the solution?
FireMon Security Manager is very stable.
What do I think about the scalability of the solution?
FireMon Security Manager is a highly scalable solution.
How are customer service and support?
Customer support for FireMon Security Manager is neither good nor bad, but they can improve.
Which solution did I use previously and why did I switch?
We have not used any solution previously.
How was the initial setup?
My experience with pricing, setup cost, and licensing for FireMon Security Manager is that these three parameters are very smooth and straightforward since this particular FireMon solution is used by enterprise customers, so it is very straightforward and quite simple.
What was our ROI?
I am not the right person from a technical background regarding return on investment metrics. I will say that time saving is a major factor in this case, as I mentioned in my review.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for FireMon Security Manager is that these three parameters are very smooth and straightforward since this particular FireMon solution is used by enterprise customers, so it is very straightforward and quite simple.
Which other solutions did I evaluate?
We have not evaluated any other options before choosing FireMon Security Manager.
What other advice do I have?
For example, I ran a daily task and a daily risk report in FireMon Security Manager that flagged a rule allowing any source to a service subnet. I reviewed the usage, confirmed it was too broad, and tightened it to the specific IPs and ports to reduce the risk.
FireMon Security Manager has saved our team a significant amount of manual review time. For example, rule reviews that used to take three to four hours manually are now done in thirty to forty-five minutes or less using automated risk and usage analysis. We also reduced unused firewall rules during cleanup, which improved policy clarity and lowered risk. Overall, it helps speed up audits, reduce manual efforts, and improves firewall hygiene.
If you are looking for a good solution such as FireMon Security Manager, then you should improve or increase your budget. I would rate this product an eight out of ten.
Strong visibility and control over firewall policy management
What do you like best about the product?
Users frequently appreciate that it doesn’t just list rules—it analyzes them for over-permissioning, unused rules, and potential attack paths. That “risk scoring + context” is often cited as more useful than basic audit tools.
What do you dislike about the product?
Steep learning curve / complexity
A common complaint is that the platform can feel complex to fully master, especially for new users or teams without prior policy management tooling experience. Advanced features (like optimization, reporting, or workflow tuning) often require significant product knowledge.
Some users also note that while the UI is usable, deeper functionality isn’t always intuitive and takes time to configure properly.
What problems is the product solving and how is that benefiting you?
“We have too many firewall rules and no one fully understands them”
Over time, rules accumulate across firewalls, cloud security groups, and vendors. This leads to:
Duplicate or conflicting rules
Orphaned/unused access
Overly permissive “temporary” rules that never get removed
Real-Time Visibility and Compliance for Complex Multi-Cloud Firewalls
What do you like best about the product?
Is a solution designed to automate firewall rule management, enforce compliance, and reduce risk across hybrid and multi‑cloud environments. It provides real‑time visibility, continuous compliance monitoring, and policy optimization, making it especially valuable for enterprises managing complex, multi‑vendor firewalls.
What do you dislike about the product?
Improve more on Insight part such as assist create Assessment and control on FireMon
What problems is the product solving and how is that benefiting you?
FireMon Policy Manager benefits organizations by improving operational efficiency, reducing misconfigurations, and ensuring continuous compliance across hybrid and multi cloud environments.
Makes Managing Multiple Firewall Devices Easy
What do you like best about the product?
It helps me manage multiple types of firewall devices.
What do you dislike about the product?
One of the biggest challenges I’ve had with Policy Manager is how complex it can be to visualize and manage large rule sets. The platform would also benefit from stronger automation and more AI-driven capabilities to cut down on manual work. Integration with external systems, along with more flexible reporting options, are additional areas where improvements would make a noticeable difference and significantly enhance operational efficiency.
What problems is the product solving and how is that benefiting you?
Policy Manager helps us tackle the complexity of managing large-scale, multi-vendor firewall policies by giving us centralized visibility and deeper analysis. It flags risky, redundant, and unused rules, which helps us reduce our attack surface and keep the policy base clean and well maintained. It also streamlines compliance and audit work through automated reporting, and supports better change management with impact analysis before updates are made. Overall, it improves our operational efficiency, lowers risk, and strengthens our security posture.
Effortless Policy Management with Minor Reporting Hiccups
What do you like best about the product?
I really like the Policy Manager for its ease of use and how it keeps everything for unified network security policy management all in one place. I'm quite happy with how it operates currently.
What do you dislike about the product?
I have challenges with the report. The reporting UI could be more user-friendly.
What problems is the product solving and how is that benefiting you?
I use Policy Manager for unified network security policy management, with all details in one place, making it easy to use. However, I face challenges with the reporting UI not being user-friendly.
Love the Reporting Features
What do you like best about the product?
Getting the customized report as required
What do you dislike about the product?
Not getting the exact report which is required
What problems is the product solving and how is that benefiting you?
It helps to clean up the unused firewall rules as well as objects. Also helps in optimizing the policies.
Real-time visibility and powerful automation to keep everything under control
What do you like best about the product?
What I value most is the real-time visibility and centralized management, because it allows me to have everything under control from a single place. It also highlights the very powerful automation of changes and compliance, which reduces manual work and helps maintain order. Finally, the proactive risk analysis provides peace of mind by anticipating potential problems before they escalate.
What do you dislike about the product?
The learning curve is quite steep. Additionally, the interface can be overwhelming, especially at first. I have also noticed high resource consumption, which affects the user experience.
What problems is the product solving and how is that benefiting you?
1. Incorrect configurations and risky rules.
2. Lack of centralized visibility.
3. Manual change management: slow and error-prone.
4. Audits and compliance that can take weeks.
5. Accumulation of rules over time.
6. Slow response to incidents.
Great ACL Analysis That Highlights Overly Permissive Rules
What do you like best about the product?
The analysis of existing ACL's and the ability to highlight overly permissive rules that require more configuration to make more secure.
What do you dislike about the product?
Some of the analysis output organization can be a little confusing.
What problems is the product solving and how is that benefiting you?
We require constant auditing of our firewall policies for compliance purposes and Firemon perfectly addresses this requirement.
Keeps Our Security Devices Clean and Organized
What do you like best about the product?
It help to keep my security devices clean
What do you dislike about the product?
Need more accurate report of rule which we want to export.
What problems is the product solving and how is that benefiting you?
It help me to get the unwanted rules from the security devices and also help me to monitor any unwanted changes in the firewall.
