AlgoSec Review

Provides a live network map and allows for the testing of hypothetical rules and policies


What is our primary use case?

We have deployed the first brick of the AlgoSec solution suite, AlgoSec Firewall Analyzer (AFA).

We wanted to get a live Network Mapping and to directly be able to check if a flow is allowed or not, without needing to test and then check the logs. We also need to check for compliance, baselines, and risks over our network.

How has it helped my organization?

This solution provides visibility and comprehension of the network in our organization. It assists us in network security reviews and audits. In the end, a lot of time, we add context and build a security matrix matching our own standards. The optimization tools are much appreciated by the network operators.

What is most valuable?

The What-if analysis allows us to check the security rating under hypothetical rules that may be implemented on our firewalls.

Baseline compliance allows you to run and check the results of commands on the Firewalls and Routers. This solution is perfect for checking compliance against best practices, as proposed by the CIS.

What needs improvement?

The user interface is better than some competitors, but it is starting to get old. Space is not always fully used, especially for the risk and compliance part. As an example, today an Excel file should be used to deal with the network segment definition and risk matrix; it is hard to do it directly from the user interface, and there is no way to organize or order a set of tests.

Priority should be to improve the user interface for the risk and compliance part, making it more responsive and user-friendly.

For how long have I used the solution?

Six months.

What do I think about the stability of the solution?

We have had no problem with stability to this point. We have High Availability and have tested it correctly. Disaster recovery mode is also available.

What do I think about the scalability of the solution?

Scalability seems to be one of the strongest points of this solution. Worldwide architecture with remote agents, or slave master architecture. Be careful in terms of how you will deal with the log management so as not to impact your network. A distributed architecture can help.

How are customer service and technical support?

We have one ongoing ticket to solve an issue with SSO. They are working on it seriously.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

How was the initial setup?

The initial setup is long. The more knowledge you have of your network, the faster it will be.

What about the implementation team?

We implemented with the help of Orange Cyberdefense.

Their expert is very good, and honest with respect to the solution's capabilities.

What's my experience with pricing, setup cost, and licensing?

Licenses are provided by firewall and routers. Do not underestimate the number of routers because the price can be significantly reduced as you buy more licenses. The same applies if you go for more than one product (i.e. FireFlow, BusinessFlow).

Which other solutions did I evaluate?

Before choosing this solution we evaluated FireMon and Tufin.


Disclosure: I am a real user, and this review is based on my own experience and opinions.
