Secure Passage FireMon v5.0
Strengths: This is a great tool for managing firewall configurations and policy adherence
Weaknesses: Limited device support
Verdict: Manages supported products well and is an easy-to-use offering. Good PCI DSS documentation support
FireMon v5.0 is a distributed platform that actively monitors network devices and firewalls to provide configuration change control. It provides configuration and policy analysis supporting both compliance and risk reporting.
FireMon is an agentless solution and is delivered either as an appliance or a software download on a Windows server. There is an application server component that is loaded on a Windows server. There are data collectors loaded on the same server used to interface with the supported products for data exchange. FireMon comes complete with its own database backend for data storage. The GUI is loaded on any end-user station that wishes to access the server console.
The GUI was easy to use and well laid out. FireMon's change management capability supports change workflow, notification and visualisation. Other capabilities include policy analysis and policy optimisation. Policy analysis capabilities include policy test, which permits a user to virtually test how a firewall policy will behave under different traffic conditions. Policy optimisation is also available and includes rule usage statistics to identify unused rules and objects. This enables an organisation to clean up policies and reduce complexity, while improving firewall performance. An integrated policy planner and ticket tracking systems are also included. We liked the rule planner. This can provide an organisation with the tool to leverage good policy and procedures, while having a less costly resource make the changes.
We were impressed with the out-of-the-box compliance reports, including PCI analysis and risk reporting - such as Risky Rule analysis.
The out-of the box capabilities are complemented by an ability to add custom policy reports based upon specific policy requirements or unique compliance or analysis requirements.
The dashboard and reporting functions were great. The GUI made it easy to find and manage devices. The analysis and filtering capabilities provided some good risk analysis tools for conducting "what if" scenario modelling.
A full version of all the documents is available within the GUI, making this a very easy to use product.