FireMon is an agentless solution and is delivered either as an appliance or a software download to be deployed on a Windows server. There is an application server component that is loaded on a Windows server. There are data collectors that are loaded on the same server and are used to interface with the various supported products for data exchange. FireMon comes complete with its own database backend for data storage.
The GUI was very easy to use and was well laid out. FireMon's change management capability supports change workflow, change notification and change visualization. Other key capabilities include policy analysis and policy optimization. Policy analysis capabilities include Policy Test, which permits a user to virtually test how a firewall policy will behave under different traffic conditions. Policy optimization capabilities are also available and include detailed rule usage statistics to indentify unused rules and unused objects. This feature enables an organization to clean-up policies and reduce policy complexity while improving firewall performance. An integrated policy planner and ticket-tracking systems are also included. We liked the rule planner functionality. It can provide an organization with the necessary tool to leverage good policy and procedures while having a less costly resource make those changes.
We were very impressed with the out-of-the-box compliance reports, including PCI analysis and risk reporting, such as risky rule analysis. The out-of-the-box capabilities are also complemented by the users' ability to add custom policy reports based on specific policy requirements or unique compliance or analysis requirements.
The dashboard and reporting functions were great. The GUI made it easy to find and manage devices. The analysis and filtering capabilities provided some very nice risk analysis tools for conducting "what if" scenario modeling. A full version of all the documents are available within the GUI, making this a very easy-to-use product.