What is our primary use case?
We use AlgoSec to see where our firewalls stand, configuration-wise, and where we can make the policies safer for the environment. We are a large Government organization that provides critical services to the community.
We have a mix of ASA and Firepower that we use in the environment. The tempo is pretty high and there is a large amount of opportunity for error due to the size of the team and, sometimes, a lack of technical experience with configuring the firewall platforms.
This tool allows us to check the config really easily.
How has it helped my organization?
Our pen testers were constantly using AlgoSec for the firewall assessments, even when going with different vendors. We decided to buy the product in order to check the policy in real time and ensure there were no misconfigurations that would linger until next year's pen test.
We also get an automated email of firewall changes in addition to being able to see if there are any rules that are poorly configured.
I am less stressed thinking there could be a glaring misconfiguration that could cause an incident.
What is most valuable?
We primarily use the firewall analyzer feature. It is really great for looking at stuff like PCI, HIPAA, etc. There are sometimes false positives, but I don't know of a product out there that does not have false positives.
The firewall analyzer is great if you deploy a new firewall platform and need to see if it provides an adequate level of protection, where you don't have any dangerous rules.
I like the peace of mind that we get from seeing what our overall score is for the configs. I also like that I can check against PCI requirements.
What needs improvement?
This is a tough one because it has a lot of good features.
I think that the rate of false positives can be improved. I would like a FireFlow or packet-tracer-like capability at a lower licensing level.
I liked the additional capabilities for an analyst or lower-level network admin or service desk tech to be able to check the rules to see if there is something blocking the traffic. However, I was not able to get the licensing approved above just FA.
I like the training available as it is very informative, but I wish it was just available from YouTube and I could easily play it from my cell phone without additional logins.
For how long have I used the solution?
I have been using AlgoSec for a few years.
Which solution did I use previously and why did I switch?
We just relied on tech skills and pen tests. This way led us to be reactionary instead of getting ahead of problems.
How was the initial setup?
Setup was not too difficult.
What's my experience with pricing, setup cost, and licensing?
The cost is kind of high, but I really did not check any other vendors.
Which other solutions did I evaluate?
I did not evaluate other options. I do like NetBrain's Path tool. This gives us a similar capability to FireFlow and has some other really great tools.