The company has a lot of sites that are involved in food production and has locations with on-premises firewalls and a data center. There is a cloud in Asia as well.
Right now, AlgoSec is being used to optimize the firewall and the firewall policies, and to clean up any unused rules or those that are too open.
We have 10 to 15 users.
I like that the firewall will analyze the tools within the risk profiles and the policy optimizations within the AFA. This can also be used to create reports for the customer with the risk profiles to optimize the firewall rules.
I think it's a powerful tool that gives good visibility. One of AlgoSec's nice features is the map of your entire environment. When you need to change something, you can see the whole path for the traffic, that is, where you need to implement the change, where the traffic is blocked, and where it's allowed.
AlgoSec provides full visibility into the risks involved in firewall change requests. This is important because when your environment grows to a certain scale, it becomes harder and harder to get the full overview of all your firewalls and rule sets.
AlgoSec can reduce the time it takes to implement firewall rules. I tried the FireFlow module in a course with AlgoSec. With active implementation, it smooths out the process so much more. If you have two or three firewalls that you need to implement, AlgoSec does everything for you. It reduces the time in terms of both looking through your environment to see where you would need the firewall rules and implementing them as well.
If you're just looking at your firewalls, you might not notice all the security risks and open rules. AlgoSec's automation helped to reduce human error and misconfigurations. It helps with cleanup and keeps your firewall as tight as possible. It helped to simplify the job of our security engineers.
Our organization works in multiple environments, and the firewalls are located across the globe. This solution enables us to manage these multiple or dispersed environments in a single pane of glass.
I'm responsible for the maintenance of the server, that is, patching and upgrading, and it's straightforward. It cleans itself up with the retention and everything you configure on it.
All our firewalls were renamed, and AlgoSec saw these devices as new devices. As a result, all the reports from the same device but with the old hostname were no longer connected. AlgoSec did not clean up the old reports as well. After a few days, it depleted its own storage, and then, the server became inaccessible.
There's no fail-safe for AlgoSec to not stop creating reports if its own storage is at 98% or 99% capacity because the server becomes inaccessible when it reaches 100%.
I've also been fighting an issue with the Chisel service running on the server regarding AlgoCare for some time now. I have been in contact with AlgoSec's technical support regarding this, and they've been helpful and responsive.
I've been using AlgoSec for six months, but the organization has been using it for some time.
When it doesn't fill its own storage and kills itself, the stability is fine. It has only happened one time; the ms-metro service went down, so the web GUI became inaccessible. All in all, though, the stability is good.
AlgoSec's technical support is swift, knowledgeable, and professional. We had some issues when we upgraded from A32.10 to A32.20, and they helped us to get it up and running again. All the contact I've had with them has been very positive, and I'd give them a ten out of ten.
Consider whether your infrastructure needs this solution. The organization should be a specific size before this product will come in handy for you. If you are a large enterprise with a lot of sites and a large infrastructure, then you should certainly consider using AlgoSec. I've loved working with it and would rate it a ten on a scale from one to ten.