What is our primary use case?
I am the senior network security engineer in an environment of more than 80 firewalls ranging from ASA 5506-X to ASA 5585-X and now to FortiGate 3960E. As part of this position, I need to be able to audit firewalls and ensure that they are compliant to a number of policies. Before AlgoSec, this was done in a very long, slow manual process, and it took days to audit even the smallest firewall. With AlgoSec, I can run a compliance report and see exactly where that firewall falls short.
How has it helped my organization?
AlgoSec has freed up my time to look into new solutions and complete other jobs that I have to get done. I have been able to shepherd the migration from Cisco ASA to FortiGate and using AlgoSec made that process much easier. Now, when I get a request for audit information, that information is available at a click. A PCI audit is no sweat. I know which firewalls fall under PCI, and I can provide the needed answers in minutes instead of days. This has improved my use of time.
What is most valuable?
Policy optimization, compliance, and change reports are the most valuable. I can clean up firewall rules quickly, optimizing the rule set and moving on in hours. Before, I was looking at days. Compliance is a breeze. The change reports are helpful to see changes over time and also be a "second set of eyes" when looking into issues.
The mapping tool is helpful.
Traffic queries are a great help when troubleshooting a problem, especially if the traffic is going through two or more firewalls.
What needs improvement?
I can't think of specific improvements. If anything, the product has been improving in usefulness constantly.
For how long have I used the solution?
I have been using AlgoSec Firewall Analyzer for approximately two and a half years now.
What do I think about the stability of the solution?
Product hotfixes are released regularly and are a breeze to install. I have dealt with other products that always promising to fix bugs, but it takes months or longer for the next patch to appear. AlgoSec is on top of this and in my opinion is a real leader with bug fixes.
How are customer service and technical support?
Technical support is the best that I have ever dealt with. I have yet to have a support engineer tell me that they couldn't fix a problem or that it was sunspots (Cisco TAC). They have gone above and beyond multiple times. I never hesitated to call as they have never made me feel that the problem is the user, even though I am sure that there were times it has been.
I have never had a problem that the technical support wasn't willing to dig into and get resolved.
Which solution did I use previously and why did I switch?
Not really. We used a homegrown VBScript that would parse the configurations on our firewalls for auditing. This didn't help at all with compliance.
How was the initial setup?
The setup is not difficult. The professional services were outstanding in installation and knowledge transfer.
What about the implementation team?
We implemented through a vendor team. Their expertise was outstanding. They made sure to spend a lot time doing knowledge transfer.
What's my experience with pricing, setup cost, and licensing?
The initial cost was high for us, but we have always been behind the tech curve and cost has always been the limiting factor. That attitude has changed. Now, we look for the best, not simply the cheapest.
Which other solutions did I evaluate?
We did look at a couple of other solutions. FireMon and Qualsys are the only two I remember.
What other advice do I have?
It has saved my bacon a number of times and is a great arrow to have in your quiver of tools.
Which deployment model are you using for this solution?