What is our primary use case?
We use this solution for Firewall Rule Management, to know who did what and why.
We use AlgoSec FireFlow to create Rules for the Firewalls with detailed information. It is used by end-users who supply the requirements for which this rule is needed, and then it goes to Security for approval.
We use AlgoSec Firewall Analyzer to get the audit reports on the firewall and to verify that change, which was approved by the Security and Network teams, is implemented in the right way.
It is a great tool for audit purposes.
Also it tells us if our firewall is compliance with PCI or not.
We use this for Compliance purposes also.
They are both integrated with each other.
How has it helped my organization?
This solution is helping us in the long term for managing the firewall configurations.
AlgoSec FireFlow Network Security solution is an end-to-end solution that ensures that firewall changes are approved, necessary, and implemented in the right way.
If some change is not implemented correctly then it warns you right away.
Also, while migrating from Cisco to AlgoSec, we can see the hit counts on the security rules and when the last time each rule was used. Depending on this information, we only use security rules that are more recently used when configuring new firewalls for migration.
For Palo Alto Firewalls, we have configured a lot of virtual routers as part of the network. This segmentation allows different network traffic to be isolated from a security point of view.
For us, it is a great management and audit tool.
What is most valuable?
This appliance has a lot of great features to offer.
You can buy the physical appliance or VM depending on your company requirements.
Features we like are:
- Multi-approval AlgoSec Fireflow rule creation system. The end-user can only implement the rule if it is approved by all of the IT groups.
- Very good integration with other vendor's products like Cisco or Palo Alto Firewalls.
- This Appliance gives you the full Network MAP, which is obtainable from the Routing table.
- It is easy to find whether a security policy is blocked, as well as where and by which device.
What needs improvement?
We love all the features of this device. It can be a bit expensive for small companies but they also have a VM model for that.
It seems that AlgoSec created a VSYS (Virtual system) for each virtual router name, even though our firewall has only a single VSYS. We are ok to work with this, but if this can be fixed in a future release then that will be great.
For how long have I used the solution?
We have been using this solution for three years.
What do I think about the stability of the solution?
We have had no Hardware or Software issue so far with this Product.
This Appliance never went down and whenever we did any software upgrades it went very smooth. Also in our environment we had no issues due to any software bugs.
Their Software is pretty stable and bug free.
What do I think about the scalability of the solution?
We love the scalability of this product.
How are customer service and technical support?
This solution has Five Star technical support.
It is great to work with its Customer and Technical support team.
Which solution did I use previously and why did I switch?
We used a different solution prior to this one and we had issues integrating with our new firewall vendor which was Palo Alto
How was the initial setup?
The initial setup is straightforward, and we had no issues during the installation.
What about the implementation team?
We performed the implementation in-house.
What was our ROI?
It seems we have recovered our money on this appliance, so it is money well spent.
What's my experience with pricing, setup cost, and licensing?
Initial setup was not that hard. Vendor did this for us.
Licensing depends on how many firewalls your company has.
They have license options for small to big customers depending on the network.
Price is fair for Licensing and Product.
Which other solutions did I evaluate?
We evaluated a few other options, including Tufin, before choosing this solution.
What other advice do I have?
My advice is to go with this product. It is easy to set up and use. It has great features and very good technical support to back it.
So far, we find ourselves below limitations on this appliance with the version we are currently running.
Overall, this is a Great security management product with good automation options to help your security teams function.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?