FireMon Security Intelligence Platform
Strengths: Robust risk and policy analysis engine.
Weaknesses: Documentation light on screen shots. Limited no cost support options.
Verdict: Comprehensive with solid performance. Price makes it attractive for medium sized enterprises.
SummaryThe FireMon Security Intelligence Platform consists of a central security manager appliance fed via data collectors spread throughout the network. Data is collected from network devices of all types - including switches, firewalls and routers - and then analysed by FireMon's robust risk analysis engine. This product features the ability to easily audit and monitor thousands of network devices from a single management console to ensure that not only are the devices compliant with security policy, but also delineate the amount of risk associated with any vulnerable rules.
We found deployment of the appliance to be simple and straightforward. The initial configuration is done by simply plugging in the appliance and connecting a monitor and keyboard. At first boot up we were presented with a short configuration wizard that was easy to follow. At completion of the wizard, the appliance was connected the network and we were able to download the management client onto our management machine from the appliance. After we installed the management client, we were able to connect to the appliance and start adding devices to manage.
We found the overall flow of configuring and managing the appliance to be intuitive and simple and we found the management interface to be simplistic but well-organised. We found the true power of this product lives under the hood in the powerful, yet easy to use risk analysis engine. Once devices are added, the FireMon Security Manager is able to analyse compliance and risk factors and then provide remediation options and recommendations, including remediation steps for unused firewall rules and non-compliant network device configurations. Also included are out-of-the-box compliance reporting templates for PCI-DSS, HIPAA, NERC and NSA.
Documentation included several PDFs, including getting-started, user and administrators guides. Also provided was a quick-start guide that provided a few short steps to get the appliance up and running. This also provided a good amount of detail on initial configuration as well as on basic use of features and functions. We found that all documentation provided clear and easy-to-follow step-by-step instructions and configuration examples. Screen shots were not abundant but the few provided helped our understanding of certain configuration steps.
FireMon offers no-cost support during product evaluation. Once purchased, customers must purchase additional support if needed. FireMon offers two fee-based levels: Silver includes 12/7 phone- and email-based technical support as well as one business day response time, and Gold provides 24/7 phone and email support along with faster response times. All customers also get access to software updates and product downloads via a web-based support portal.
At a price starting just shy of £4,500 this product packs a pretty good bang for the buck. We found the FireMon Security Intelligence Platform to provide solid features, an easy-to-use management interface, ready-to-go compliance reporting and a robust risk analysis engine all packed into a single appliance. Prices are US-based, thus indicative only.