AlgoSec Review

Reduces our workload and generates reports that facilitate auditing

What is our primary use case?

The primary use case for this solution is to make our security team's life easier in our daily operations. Usually, we have a lot of requests to open flows on our complex network that is composed of a lot of firewalls and routers containing access lists. AlgoSec allows us to easily identify the equipment we need to work on to open the flows that are required. This saves us a lot of time.

We also need the audit report and risk assessment features to send to our InfoSec team so that they can use it in our audit documentation. This is also very important because it significantly reduces our workload, and makes it very easy to have the documentation ready to show to our auditors.

How has it helped my organization?

Since we deployed AlgoSec, we have been able to assign more of our time to what really matters. It now takes less than half of the time it took before we had this tool to deploy the flows requested by the business. In the past this was a very painful job - analyze which pieces of equipment are between the source and the destination machines and also check which ones need modifications to the firewall rules or router access lists. Now we just put the source and destination into the AlgoSec Firewall Analyzer and most of the job for the flows is done.

We are now working on putting FireFlow to work so that we can go one step further and allow AlgoSec to automatically implement the changes that are needed.

What is most valuable?

The feature we find the most valuable is the Firewall Analyzer. This helps us know which devices are between the source and destination on the flows that we need to open for the business. The audit tools are also very important to us because we can easily have everything that needs to be presented to the security auditors.

We are in the process of implementing FireFlow in our daily operation, which will make our lives even easier. The idea is to search the Firewall Analyzer for the equipment between the source and destination, and then automatically jump off to FireFlow and open a ticket. This will then automatically implement what is needed without the need to go into the Firewall itself. This will save us a lot of time and will help us to onboard junior engineers very quickly, getting them up to speed on our network and daily operation in record time.

Until now we are very satisfied and surprised about the results we have been having with FireFlow, and expect to be fully working with this tool within the next three months.

What needs improvement?

One important area for improvement is the support for Dell switches, which we have a lot of in our company network. At a minimum, we would like to get information about the routing table to complete the work diagram. We have been told that AlgoSec is working on this, and we expect to have support for those devices soon.

We would like to see more features in the GUI so that we don't have to work with the API as extensively. For example, a feature to schedule pushes to the Firewalls at a pre-defined time would be great for us. This way we can schedule the operation to be done at the end of the day, after hours, and have no impact on the users.

For how long have I used the solution?

We have been using this solution for about one year.

What do I think about the stability of the solution?

The solution is very stable.

What do I think about the scalability of the solution?

The solution is very scalable and for now, all of our equipment seems to have correctly on-boarded. We have no complaints about scalability.

In terms of the software itself, you can at a first phase, buy only the AFA licence (Firewall Analyzer), and work with it until you have all the devices onboarded and you can (if you want) only buy the other two modules (Fireflow and Business Flow) which will take advantage of all the work you did with Firewall Analyzer module by onboarding all your equipment. Of course, you can buy all the modules at the first stage, but I recommend to work on AFA to get all devices onboarded and only then go to the other modules, which will save you some money.

Which solution did I use previously and why did I switch?

We did not use a solution previously. This is the first one.

How was the initial setup?

The initial setup is straightforward. The only issue we ran into was with the Dell switches, which aren't supported.

What about the implementation team?

We implemented with the help of Compta. They have been helpful in the implementation of the solution.

What was our ROI?

The time we save in our daily operation allows us to have a smaller security engineering team, which reduces the costs.

What's my experience with pricing, setup cost, and licensing?

The pricing for this solution is not cheap, but we get a good value for what we pay. We get free time to work on other projects and it facilitates our daily operations.

Which other solutions did I evaluate?

We had been told that AlgoSec would be the right fit for us from our Firewall vendor, and we followed their advice. We haven't really evaluated other options, but until now we are very satisfied and don't regret the decision.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment