4 tools for managing firewall rules

Poorly managed firewall rules can lead to security disasters. Here, security managers in the IT Central Station community review the top firewall management suites: Tufin, AlgoSec, FireMon and RedSeal.

Firewall devices are only as good as the hundreds, or even thousands, rules that govern them. Misconfigurations, unused rules and conflicting rules can cause firewalls to fail in their crucial missions. Firewall security management products can help security managers monitor compliance, orchestrate device policies, optimize rules and manage firewall changes.

According to the IT Central Station user community, the most important criteria to consider when choosing firewall security management software are visibility for network devices, scalability, and ensured security and compliance.

Four of the top firewall security management suites are Tufin, AlgoSec, FireMon and RedSeal, according to online reviews by enterprise users in the IT Central Station community.

But what do enterprise users really think about these tools? Here, users give a shout out for some of their favorite features, but also give the vendors a little tough love.

Editor’s note: These reviews of select firewall security management vendors come from the IT Central Station community. They are the opinions of the users and are based on their own experiences.


Valuable features:

“The first is that it allows us to track every change to our infrastructure, such as when the administrator makes new rules. Not only are we able to track every change, we can roll them back very easily as well. The second valuable feature is that when you have huge growth within your firewall, it predicts what the growth may be and makes adjustments accordingly.”
David D., Web Technology and Security Manager at a wholesaler/distributor
“The SecureTrack and SecureChange features are the most valuable for us. SecureChange can work with different appliances. The integration between topology, security and workflow is powerful, and the workforce capability to create a lot of different scenarios is great.”
SecurityArchSols127, Security Solution Architect at a tech company

Room for improvement:

“For implementing the rules of SecureChange, and trying to implement it with all of the software we have on our side … we need better integration with our existing tools that will make these changes a lot faster.”
Genesi P., Senior Network Engineer at a financial services firm
“Probably the ad hoc reporting. They give you the canned reports. We do use the API calls, but it would be nicer if they could just give you a drag-and-drop function in the reporting [so you could] pick anything out of the database and massage that data the way you want it.”
Duane E., Senior Network Security Engineer at a retailer

You can read more Tufin reviews on IT Central Station.


Valuable features:

“The firewall analyzer allows for a quick and consistent method of reviewing your firewalls ruleset for security, compliance and peace of mind. The ability to review and understand your firewall topology, run reports and have the ability for practitioners and auditors to review our security posture, gives us a sense of calm within this area of security.”
Security369891, Security Architect at a healthcare company
“There are hundreds of firewall administrators, and each one of them creates rules. Optimizing these rules and being able to make them more logical is a key feature of AlgoSec.”
Pratik G., Network Engineer at a tech services company

Room for improvement:

“The reporting feature needs work, and it's expensive to get new licenses, but it's worth it.”
NwkAdmin901, Network Administrator at a software R&D company
“It would be nice to have it integrate with the existing change-management portal.”
Solomon A., Network Design/Network Security Administrator at a financial services firm

You can read more AlgoSec reviews on IT Central Station.


Valuable features:

“FireMon allows us to monitor and assess our network, giving continuous visibility into -- and control over -- firewall infrastructure, network security policies and underlying IT risk.”
InfoSecEngineer099, Information Security Engineer at a real estate/law firm
“Firewall auditing is very important. We also use the solution for rule traffic analysis, traffic flow discovery and hidden/shadow rules within over 100 firewalls spanning five different brands. These features are valuable [because] firewall rules are constantly added but it's tough to determine what can get cleaned up over time.”
Brendan H., Senior Network Security Engineer at a local government agency

Room for improvement:

“I believe their network maps have a lot of room for improvement. I think they should allow more customization.”
Michael S., Network Engineer at a tech services company
“The reporting needs some improvement to ensure that we are provided with consistent data across each firewall device on the network.”
InfoSecEngineer099, Information Security Engineer at a real estate/law firm

You can read more FireMon reviews on IT Central Station.


Valuable features:

“The ability to create a comprehensive network map and tie it to vulnerability data. This was invaluable in providing critical context to remediation emphasis, planning and benchmarking.”
Fran S., Cyber Security Engineer at a tech services company
“The most valuable feature … is the ability to measure resilience. With our RedSeal Digital Resilience Score, we can measure, benchmark, and set targets to actively manage the digital resilience of our network and security infrastructure.”
Ivan A., Cybersecurity Integration Engineer at a tech services company

Room for improvement:

“Although we are talking about a very robust platform, I would like to see the Windows-compatible VM version come back. This is because I used v7.1.3 for Windows and it seemed more user friendly.”
— Ivan A.
“I did not like the Java dependency. The product needs to make use of HTML5 or something that is browser-agnostic.”
— Fran S.

You can read more RedSeal reviews on IT Central Station.

Copyright © 2016 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)