What is our primary use case?
The automation and orchestration of security-related change requests on our selected firewall (in our case Checkpoint) to decrease the time it takes to raise, manipulate, and execute change requests. This is all done with minimal interaction from our Firewall and IPS team, allowing them to more effectively use their time.
How has it helped my organization?
It has eased the process of streamlining our firewall configuration management considerably. Our firewall and IPS team now has the ability to budget their time and focus on other tasks, rather than dealing with repetitive change request functions. This has enabled the team to work much more efficiently and effectively.
What is most valuable?
The feature we found most useful is the automation of the change process within our organization for firewalls. This feature has reduced the number of mundane tasks the firewall and IPS team undertake on a regular basis. We have been able to increase the effectiveness of the team, allowing them to prioritize more complex and business-critical tasks in a faster manner.
What needs improvement?
In terms of integrations, we would like to see a greater number with the upcoming and next-generation tools (i.e. SOAR and a selection of other SIEMs). This has been a problem for us, as we are going through the process of enhancing our security and some of the products we are looking at are lacking built-in support (integration).