What is our primary use case?
First and foremost, as a large company, we had some issues regarding the main rating companies, as they found some issues compromising our assets. There are different management systems and models with human interaction and sometimes with a different validation. This was impacting our business, so we put a lot of effort into solving problems, case by case, with manual operations. AlgoSec came into action in order to avoid this and streamline our process.
AlgoSec is a security management tool whose main target is to find any rule that is not in compliance with our internal standards. New rules cannot be configured in any firewall unless they have been validated by security.
How has it helped my organization?
We were able to identify every rule configured on each firewall in our facilities with AlgoSec. This included every risky rule, shadow rule, and non-compliant rule. After this, we were working with a fully cleaned-up process.
Now, any rule is pushed automatically with AlgoSec. In fact, every user in the company is raising tickets through it to request a new open flow across firewalls. If AlgoSec detects that this flow has no risk, it is automatically pushed onto the firewall. If not, it goes to a dedicated approval process.
What is most valuable?
Among all of the different AlgoSec modules, I think that FireFlow is the most valuable, and we have integrated it into our internal processes. This is something that increases business efficiency and helps avoid bottlenecks in our NOC team. Moreover, we have eliminated the human mistakes that we dealt with in the past and now want to avoid, as we are moving toward a completely automated network.
What needs improvement?
There are a few things that we have already raised to AlgoSec in order to improve the tool. First, as the highest volume in our network is SaaS traffic, we need to secure this connection. To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds. It’s on the roadmap, but this is something that blocks our whole design.
The network map design is not very useful for the administrator as the information displayed is not user-friendly.
For how long have I used the solution?
It's been almost two and a half years since we were looking for a fully integrated Security Management tool and decided to run this solution in our multi-vendor network.
What do I think about the stability of the solution?
Stability is good, but we are still debugging tiny things because we have to accommodate the solution to our large IT infrastructure.
What do I think about the scalability of the solution?
It will be good as long as they can move this solution to hybrid or fully cloud deployments.
How are customer service and technical support?
All issues raised so far have had a good response SLA.
Which solution did I use previously and why did I switch?
We didn't use any security management tool prior to this one.
How was the initial setup?
This initial setup was tough because of the network map configuration. There is no visibility on the provider (ISP) because they cannot grant access to us. So, the configuration was mostly set up manually.
What about the implementation team?
AlgoSec was deployed with the support of professional services coming from the vendor. This made the implementation smooth for us. The expertise was good, as they had experience with this solution.
Which other solutions did I evaluate?
We were doing some workshops with both AlgoSec and Tufin.
Which deployment model are you using for this solution?