Likelihood to Recommend FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
Read full review I think Palo Alto Panorama is suited for administrators of all levels because certain things can be locked down to certain permission levels. But there are executive dashboards all the way down to the weeds for the highest of administrators. This truly is a single pane of glass tool because you never have to go into the individual firewalls for anything.
Read full review Pros Give good real time reporting for anyone making a change to any of our firewalls Provides good reporting tools that are out of box Provide good customization tools that is specific to our needs Upgrades are a simple process and support does relatively well with assisting us. Read full review If you need to push a setting or config to multiple firewalls Panorama can do that flawlessly. Panorama has its logging centralized and this makes it easy to locate and reviews logs compared to having to get logs from each device. I love how the interface matches the interface on the firewall. This makes the learning curve less steep. Adding new firewalls to Panorama is super easy and not complex. Panorama can push a lot of the config and settings so you don't have to manually do it. Read full review Cons Some features could be added to the existing functionality which include NAT rules usage Rule expiration normalization from firewalls rather than entering them in rule documentation .csv exports of the files from the firewall pane only gives usage for 30 days by default and that should be increased Read full review The ability to push out OS updates could be improved in Panorama. It has the abilities, but the use is not intuitive, to the point that we generally connect directly to the firewalls to download the OS updates directly. Scheduling. It would be nice to be able to schedule jobs to run at certain times. Pushing out updates, like OS updates mentioned above, can require significant bandwidth. So being able to schedule that work for hours that would not directly affect the users would be a welcome addition. The list of devices in the Templates tabs should be sorted the same way that he devices are grouped in the Device Group tab, rather than just alphabetical. If there was a way to chose the order of the devices, maybe by tag, that would work as well. Read full review Likelihood to Renew The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
Read full review Panorama has given us much more than we expected and the support for the product, by Palo Alto Networks has been great. We would like to see some improvements that I mentioned in another review, like scheduling changes, but overall Panorama has provided a very capable product and we are very happy with it.
Read full review Usability It save me time and I'm able to have the review - review the rule independently with using my time.
Read full review You can do anything via the GUI without going to the CLI. High real time security as every five minutes, it updates the list of phishing websites. High protection as the firewall communicates with the cloud, a machine running artificial intelligence helps to detect malware or other threats.
Read full review Reliability and Availability FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
Read full review Performance I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
Read full review Support Rating FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
Read full review Palo Alto has a very nice customer support. People are very nice and were quick to reply, whenever we had an issue with the subscription or the blacklist tool. There is also a great deal of information on their website that covers each and every detail about the uses and the threat signatures. The community keeps on updating their information very frequently. Small issues are easily solved from the documentation, and for other issues, the customer support service is always present. However, on Fridays it becomes a little delayed as per my observation.
Read full review Implementation Rating Implementation is fairly simple. Most issues can be resolved by referencing manuals.
Read full review Alternatives Considered I has worked with
AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Read full review Palo Alto Panorama and Junos Space Security Director have many similar features but Palo Alto Panorama excels in almost all of them. The monitoring tools in Palo Alto Panorama are easy to use and give more in-depth insight into what is going on in your network. Palo Alto's security is ranked much higher and the Web Application Security is also superior to that of the Junos counterpart.
Read full review Scalability Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
Read full review Return on Investment FireMon's Compliance Reporting provided an immediate and tangible benefit FireMon helps identify egregious or erroneous rules quickly across multiple platforms FireMon took our audit process from an Excel spreadsheet into a far more advanced process with readily available context for reviewers Read full review At a previous company, I deployed Palo Alto firewalls to a data center, and 12 branch locations. This allowed us to replace MPLS links with IPSec tunnels between the sites. This resulted in significantly more throughput and soft savings of increased productivity. However, the estimated net of $220,000 in hard savings over five years is what is most impressive. I could not have effectively managed all those devices without Palo Alto Panorama. Read full review ScreenShots