- It can identify the policy rules in the firewall that have a high risk and could have an impact on network infrastructure.
- It suggests solutions to these issues, and provide compliance reports by standardizing PCI-DSS, ISO 27001, SOX and more.
- It can monitor policy changes, and who made those changes.
- It generates a topology of the network when it has scanned the network.
- Using the network mapping, it identifies bottlenecks.
Improvements to My Organization
We have improved the performance of the firewall to handle requests and responses to/from clients as reduces the number of policies that are needed when the network is exposed to high risk.
Room for Improvement
They need to improve auditing of IP tables, as only monitoring them does not reduce their vulnerabilities.
Use of Solution
I used it for nine to ten months.
It is quite stable for 24-hour network monitoring.
There is no problem in the process of scanning and monitoring firewalls, and IP tables in
Customer Service and Technical Support
8/10 as they were quite fast in responding to my issues. Technical Support
10/10 as the technical support provide assistance if there is a problem via both email and telephone.
I have not used a different solution previously.
The initial set up is a bit complicated, because you have to open special ports in the firewall, and give open access to be able to read the configuration topology mapping in the firewall. This means that the process of scanning and monitoring AlgoSec can run smoothly.
Unlike the case with the initial setup for monitoring IP tables, you must use the root access serve (sudo su) so that the process of scanning and monitoring AFA could run smoothly.
We implemented this in-house.
The advantage is that it can really optimise configuring firewall policy rules, and can
reduce the configuration that is vulnerable. It can provide solutions to make policy rules more simple and efficient.
Pricing, Setup Cost and Licensing
If you want to conduct an audit of firewall and want to optimize the configuration, you can try and use AlgoSec.
Other Solutions Considered
I didn't evaluate other options.
Be patient and careful when doing the initial configuration of the firewall with AFA, but after the process is completed, everything has to run smoothly.
An example screenshot of network mapping results from AFA. Network mapping can
be useful also to detect if there is a connection network traffic is interrupted and can assist in documenting the topology that is owned.
The following screenshot shows an example of the policy rules that need to optimized, so you can improve the performance of firewall and its security level.
The following screenshot shows the result of scanning AFA reports that compliance with ISO 27001.
Disclosure: My company has a business relationship with this vendor other than being a customer: AlgoSec’s partner in Indonesia.
Dec 22 2015