What is our primary use case?
- The flagship feature used is its correlation of filtering rules (ACL/firewall).
- The audit of changes made in our environment is also very useful in the investigation of failure.
In an environment where onion layer security is strongly implemented, the filter elements can be configured in various places, and the traffic simulator proves, in this case, to be life-saving, whether in diagnostic time or in efficiency.
How has it helped my organization?
The AlgoSec solution has allowed us to achieve a clean-up and optimization of our filtering rules across our entire environment. The rules analysis allowed us to delegate the tool for operational purposes for the evaluation of firewall opening and audit requirements.
What is most valuable?
- The filter rules correlator allows us not only to have a clear view of the blocking points but also the quality of the filtering performed on the various firewalls highlighted by their risk index.
- Another interesting feature of the product is its ability to highlight filtering rules that would mask other more specific rules and thus lead to an optimization of the system.
- AlgoSec also allows us to have a history of changes. This feature is especially useful in the event of an outage or an unwanted change.
What needs improvement?
Although I'm very satisfied with the product, one of the ways of improving the product could lie, perhaps, in the acceleration of the analysis process and especially in the section — traffic simulation query.
Another improvement would be the support of an orchestration of different firewalls in a heterogeneous environment, mainly at the level of the management of the objects so as to have a homogeneous nomenclature.
For how long have I used the solution?
More than five years.