What is our primary use case?
Firewall rule base management and FCR processing is the main reason we use AlgoSec.
We also use it for troubleshooting purposes and reporting. In that sense, there are three instances that are the main consumers of it. Our infrastructure management uses reporting to get insights, our Network and Security team does all of the FCR processing and troubleshooting of network problems, and our security department that also uses reporting and is part of the approval process for FCRs that are placed in AlgoSec.
How has it helped my organization?
AlgoSec provided a much easier way to process FCRs and get visibility into traffic. With previous vendors, we had to guess what was going on with our traffic and we were not able to act accordingly.
By automating some parts of the work, business pressure is also reduced since we now deliver much faster. I received feedback from our security department that their FCR approval process is also now much easier. The network team is also now able to process FCRs much faster and with more accuracy.
What is most valuable?
Most of all, Technical Reviews are now top-notch and AlgoSec does part of the job automatically that had been done manually with our previous vendor.
We now process FCRs much faster, which helps us to deliver faster and implement reworks at a quicker rate.
With Business Flow and Firewall Analyzer, it provides much better visibility into traffic and process flows. Visibility into traffic was our main problem in the past since we had no clue what was going on but now, we have all sorts of analyses and reports. This makes our decision process, firewall clean up, and troubleshooting much easier.
What needs improvement?
All of the search options needed are there but the search menu could be a bit more intuitive. In other words, I can perform any search I want without any problems but combining different search parameters can sometimes be a problem.
Creating more intuitive menus could be helpful, especially for the first-time users.
For example, it would be useful to be able to save searches with complex structure so they can be easily reused with simple change of parameter. Also, "contain" criteria sometimes misses just like ability to search using any value in basic search box, instead of reaching out to Advanced search (it would be great if simple typing IP address, or Project ID in basic search box lists all rules containing such a value).
For how long have I used the solution?
We have been using AlgoSec in production for about one year. Before that, we used it as a PoC for around six months.
What do I think about the stability of the solution?
We have had no issues in the past year.
What do I think about the scalability of the solution?
This solution is very scalable.
Which solution did I use previously and why did I switch?
We used another vendor prior to AlgoSec but we were not satisfied with the "intelligence" of the product when it came to the processing of FCRs.
Which other solutions did I evaluate?
We also evaluated Skybox.
What other advice do I have?
I have not seen any major issues with AlgoSec and it is better than the previous product we used. I am glad to have it now.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?