Secure Passage FireMon v5.0
October 29, 2009
£10,000 for appliance-based starter kit
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: This is a great tool for managing firewall configurations and policy adherence
- Weaknesses: Limited device support
- Verdict: Manages supported products well and is an easy-to-use offering. Good PCI DSS documentation support
FireMon v5.0 is a distributed platform that actively monitors network devices and firewalls to provide configuration change control. It provides configuration and policy analysis supporting both compliance and risk reporting.
FireMon is an agentless solution and is delivered either as an appliance or a software download on a Windows server. There is an application server component that is loaded on a Windows server. There are data collectors loaded on the same server used to interface with the supported products for data exchange. FireMon comes complete with its own database backend for data storage. The GUI is loaded on any end-user station that wishes to access the server console.
The GUI was easy to use and well laid out. FireMon's change management capability supports change workflow, notification and visualisation. Other capabilities include policy analysis and policy optimisation. Policy analysis capabilities include policy test, which permits a user to virtually test how a firewall policy will behave under different traffic conditions. Policy optimisation is also available and includes rule usage statistics to identify unused rules and objects. This enables an organisation to clean up policies and reduce complexity, while improving firewall performance. An integrated policy planner and ticket tracking systems are also included. We liked the rule planner. This can provide an organisation with the tool to leverage good policy and procedures, while having a less costly resource make the changes.
We were impressed with the out-of-the-box compliance reports, including PCI analysis and risk reporting - such as Risky Rule analysis.
The out-of the box capabilities are complemented by an ability to add custom policy reports based upon specific policy requirements or unique compliance or analysis requirements.
The dashboard and reporting functions were great. The GUI made it easy to find and manage devices. The analysis and filtering capabilities provided some good risk analysis tools for conducting "what if" scenario modelling.
A full version of all the documents is available within the GUI, making this a very easy to use product.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry