What is our primary use case?
We use this solution for rulebase analysis. AlgoSec provides great unified visibility into all policy packages in one place. Also, the compliance feature is quite useful.
It is great for checking rules/objects across numerous policies/domains, as well as generating advanced reports about risks, trends in recent changes, covered and unused rules, and if you want to go really deep in rule base optimisation - unused objects. This helps our team to keep network access up to date and secure.
How has it helped my organization?
Growing big requires an increased level of automation and less manual tasks, and this is where AlgoSec comes into the picture.
It has being used for CheckPoint environment with numerous domains, hundreds of Firewalls and numerous policy packages, and Algosec able to provide single point of review. Security risks reports and rules analysis are very handy to optimise company's security posture and operational excellence.
What is most valuable?
The most valuable feature is the rule base optimization, which provides extremely valuable information about inactive rules, and rules that can be optimized or unified.
In addition it is about tracking insecure changes and getting better visibility into network security environment - either on-prem, cloud or mixed.
We are also going to implement full change management via Algosec as it allows to eliminate human error, ease on security governance and improve general ROI.
What needs improvement?
In my opinion, the user should be granted more flexibility to choose exactly which devices per CMA should be analyzed.
The process to replace a decommissioned device with a new device is not straightforward.
With the upgrade to CheckPoint R80.xx we have started to see some issues, although this version was already some time on the market, hence I was surprised that there was no full compatibility achieved. Nevertheless, working with support and professional services solved our problems.
For how long have I used the solution?
I have been using this solution for one to three years.
What do I think about the stability of the solution?
This solution is stable. There has been zero technical support interaction during last two years.
How are customer service and technical support?
Support is build in tier model so the case can be always escalated to more advanced level if needed
Which solution did I use previously and why did I switch?
We did not use another solution prior to this one. However, it was picked up after careful review and comparison with similar products.
How was the initial setup?
The setup was long in the past but recent upgrades were flawless and support engineers knowledgeable
What about the implementation team?
Our company have close relationship with Algosec team and they are always showing great level of expertise along with the will to develop custom solutions in case of need
What's my experience with pricing, setup cost, and licensing?
The pricing for this solution seems to be reasonable for the functionality.
Which other solutions did I evaluate?
We have evaluated number of solutions which are available on the Market. In my opinion several of them were concentrating to much on security operations and SOAR while not having that much functionality related to managing rulebases. Solid firewall change management is something must to have as it is provide strong basis for security governance, improves company's posture and allow to reduce risks in rapidly growing companies associated with multiple changes which might be not properly assessed or implemented as a security exception.
What other advice do I have?
As my company uses basic package, I quite happy with the functionality.
Which deployment model are you using for this solution?