AlgoSec Review

The risk and compliance area is key to ensuring we conform to company regulations


What is our primary use case?

We use the AFA to accurately determine rule use and where we can make improvements across our checkpoint estate. We have around 17 clusters of firewalls that are in constant use and frequently change rules.

How has it helped my organization?

AlgoSec has given us the confidence to remove unused rules, consolidate where appropriate, and prove reachability prior to searching a rule base to check access for an application or user. Breaking down a rule to specify used objects within groups and protocols used has proved invaluable for us to narrow exposure to potential threats.

What is most valuable?

A number of features are used more than others. We use the policy optimiser to search out unused objects in rules and determine when the rule was last hit accurately.

The risk and compliance area is key to ensuring we conform to company regulation. Having a number of compliance options to baseline ensures that we get the basics right before looking at advanced risks and remediation.

Finally, the traffic simulator can be used to check if a request from a user or project is already a function enabled or we have a full access change to implement.

What needs improvement?

  • The maps are a little clunky and could be made easier with some automatic layout technology which assists in spacing out the devices for easier viewing.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It runs well with little intervention.

What do I think about the scalability of the solution?

Good, it has the ability to add more devices anytime.

How are customer service and technical support?

We use Bytes to escalate, and this has proved effective.

Which solution did I use previously and why did I switch?

No. 

How was the initial setup?

Straightforward, it needs to run for a period to ensure accuracy.

What about the implementation team?

We used Bytes Security to assist in setup and initial optimization. 

What was our ROI?

Not really applicable.

What's my experience with pricing, setup cost, and licensing?

Setup is easy; we use a VM to run it. Having knowledge in Linux is not a requirement but helps when required to update the software. Also, ensure the reseller has the ability to escalate any issues in case they can't fix it for you. Your licensing should cover the support of the product.

Which other solutions did I evaluate?

Yes, we looked at Tufin and FireMon.

What other advice do I have?

Put it in, let it collect for up to 12 months and ensure you run regular reports. Only then can you be sure that you don't use rules. Remember, DR testing and failovers sometimes happen on a 6 or 12-month basis, and removing rules covering this will cause issues when you least expect it.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More AlgoSec reviews from users
...who work at a Financial Services Firm
...who compared it with FireMon
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
456,966 professionals have used our research since 2012.
Add a Comment
Guest