What is our primary use case?
The solution helps us to accurately determine rule use and where we can make improvements across our Check Point firewall products. We had originally designed a few dozen clusters of firewalls that experience a heavy network flow with a multitude of rules, and it has been a doddle to harness the power of AFA to get the ball rolling.
How has it helped my organization?
AlgoSec has highlighted to us a huge number of unused rules and restored the confidence in us to remove them where appropriate. At the same time, it enables us to consolidate and enforce the point of reach prior to searching a rule base to check access for an application or user. Breaking down a rule to specify used objects within groups and protocols has proven invaluable for us because we are able to narrow exposure to potential threats, and more generally, areas in which we are exposed.
Reporting features are a godsend when it comes to executive review and monthly directorship calls.
What is most valuable?
Most of the features proved to be very useful within our massive setup, with some getting additional airtime during production changes. Our perimeter team uses the policy optimizer to search out unused objects in rules and accurately determine when the rule was most recently hit.
From my personal experience, the traffic simulator can be used to check if a request from a user or project is already an enabled function, or if we instead have an access change to implement. This saves an enormous amount of time during CAB calls.
The risk and compliance area is key to ensuring we conform to company regulation and our perimeter detection policy. Having a number of compliance options to baseline ensures that we get the basics right before looking at advanced risks and remediation.
What needs improvement?
Some UI experience is a little clunky (e.g., the MAPS module) and could be made more user-friendly.
We experienced some initial challenges with technical support, although this considerably improved once the teams got to know one another.
The API support isn't as versatile as we would like it to be. It needs more integration.
For how long have I used the solution?
What do I think about the stability of the solution?
The product and appliances have been very stable.
What do I think about the scalability of the solution?
This solution has no problem with scalability and is easily able to integrate with firewalls in their thousands.
How are customer service and technical support?
We had some initial struggles due to communication, but once ironed out it was smooth sailing.
How was the initial setup?
Straightforward initially, and versatile well into production.
What about the implementation team?
We implemented this solution through our vendor.