AlgoSec Review

It can really optimise configuring firewall policy rules.


What is most valuable?

  • It can identify the policy rules in the firewall that have a high risk and could have an impact on network infrastructure.
  • It suggests solutions to these issues, and provide compliance reports by standardizing PCI-DSS, ISO 27001, SOX and more.
  • It can monitor policy changes, and who made those changes.
  • It generates a topology of the network when it has scanned the network.
  • Using the network mapping, it identifies bottlenecks.

How has it helped my organization?

We have improved the performance of the firewall to handle requests and responses to/from clients as reduces the number of policies that are needed when the network is exposed to high risk.

What needs improvement?

They need to improve auditing of IP tables, as only monitoring them does not reduce their vulnerabilities.

For how long have I used the solution?

I used it for nine to ten months.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

It is quite stable for 24-hour network monitoring.

What do I think about the scalability of the solution?

There is no problem in the process of scanning and monitoring firewalls, and IP tables in
considerable quantities.

How are customer service and technical support?

Customer Service:

8/10 as they were quite fast in responding to my issues.

Technical Support:

10/10 as the technical support provide assistance if there is a problem via both email and telephone.

Which solution did I use previously and why did I switch?

I have not used a different solution previously.

How was the initial setup?

The initial set up is a bit complicated, because you have to open special ports in the firewall, and give open access to be able to read the configuration topology mapping in the firewall. This means that the process of scanning and monitoring AlgoSec can run smoothly.
Unlike the case with the initial setup for monitoring IP tables, you must use the root access serve (sudo su) so that the process of scanning and monitoring AFA could run smoothly.

What about the implementation team?

We implemented this in-house.

What was our ROI?

The advantage is that it can really optimise configuring firewall policy rules, and can
reduce the configuration that is vulnerable. It can provide solutions to make policy rules more simple and efficient.

What's my experience with pricing, setup cost, and licensing?

If you want to conduct an audit of firewall and want to optimize the configuration, you can try and use AlgoSec.

Which other solutions did I evaluate?

I didn't evaluate other options.

What other advice do I have?

Be patient and careful when doing the initial configuration of the firewall with AFA, but after the process is completed, everything has to run smoothly.

An example screenshot of network mapping results from AFA. Network mapping can
be useful also to detect if there is a connection network traffic is interrupted and can assist in documenting the topology that is owned.

The following screenshot shows an example of the policy rules that need to optimized, so you can improve the performance of firewall and its security level.

The following screenshot shows the result of scanning AFA reports that compliance with ISO 27001.

**Disclosure: My company has a business relationship with this vendor other than being a customer: AlgoSec’s partner in Indonesia.
Add a Comment
Guest
1 Comment

author avatar
Consultant

clearly explanation with real study case, this tools helpfull for infrastucture and security audit, beside that can be tool reporting and documentation infrastructure network.