What is our primary use case?
The primary use of this solution is to extract Risky Rules reports obtained from our Firewalls, check the rules, and proceed with changes on the Firewall as needed. In these reports, we also see the traffic being applied for different rules.
The traffic used for different Firewall rules can be obtained and then, we have a clear idea of the use for different rules. If some service or protocol is more often used or not, we can see.
We use the FireFlow tool to create the rule to be validated and applied in the appropriate Firewall. FireFlow can install the rule automatically.
How has it helped my organization?
This solution has improved our Security in our Firewalls. This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy.
The reports are very useful for determining whether our Firewalls are compliant with our security rules and directives.
What is most valuable?
The feature that I've found most valuable is the risk classifications for different rules. The number of different risky rules that we have for each Firewall is determined automatically.
The traffic used or not for every service is very useful to check if some service is needed or not. In cases where it is not used, we can delete or disable it.
The FireFlow tool is very useful with the automatic installation of rules into Firewalls. It detects the router and applies the new rules, which saves us time in manual configuration.
What needs improvement?
There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic.
Sometimes the Trust setting on Firewall rules is changing to trusted by itself.
For how long have I used the solution?
I have been using AlgoSec for more than one year.
What do I think about the stability of the solution?
I have very good impressions of AlgoSec stability.
What do I think about the scalability of the solution?
The scalability is very good.
Which solution did I use previously and why did I switch?
I did not use another solution prior to this one.
Which other solutions did I evaluate?
I did not evaluate other options before choosing AlgoSec.
What other advice do I have?
Overall, I think this tool is very useful and we think that it's difficult to improve.
Which deployment model are you using for this solution?