I am a cybersecurity and networking practitioner with experience in product, engineering, and consulting.
We are currently evaluating AlgoSec and FireMon. What are the biggest differences between the two? We are specifically looking for users' feedback in terms of the:
Thanks! I appreciate the help.
Well before both the products have their own pros and cons. But the criteria you mention, I would say you can go with AlgoSec with the following reasons:
1. It's less expensive compared to FireMon.
2. Need very less amount of resources as compare to FireMon who need a huge amount of resources with their basic level VM as well.
3. Easy to manage and configure.
4. I found AlgoSec better than FireMon in terms of reporting.
But the biggest drawback with AlgoSec is their tech support which takes a huge amount of time to respond and investigate the issue. And in the end, they will always provide you one solution which is a known bug in the product and they will release an HA for that.
Thank you, Sunil and Carlo, for your insightful responses.
I really appreciate that and will investigate further.
It’s been too long since I evaluated AlgoSec to give some solid feedback here. I can say that mapping in FireMon is terrible if you have a complicated network, otherwise, it works pretty well.
FireMon performance- make sure you get the best server, you can break them out and put certain roles on different boxes to get a lot of expansion possibilities though it might not be necessary this depends heavily on the size of your configs. If you have 1,000 firewalls with 100 rules each no problem but a handful of firewalls with 900k+ rules can become problematic.
We have not pulled MPLS configs into the system but their protocol support (FireMon) seems top notch.
DR, well you can distribute the environment all over the place so it’s really up to you with Firemon how robust your DR is. I’ve never had a failure requiring a massive restore, even our older servers running their pre-web UI version is still running fine.
Unfortunately we chose Tufin over both those products, sorry I cannot give you a comparison on either. For us, Tufin simplifies the needs we have for Risks/Cleanup/Violations in our FW policies.
We also leverage compliance policy for best practices. You can also take advantage of the reporting functionally which suites your environment or infrastructure such as:
- New Revision
- Advance Change
- FW Modul Change
- Object Change
- Expired Rules
- Rule and Object Usage
- Policy Analysis
- Security Risk
- Rule Documentation.
If you were talking to someone whose organization is considering AlgoSec, what would you say?
How would you rate it and why? Any other tips or advice?
Let the community know what you think. Share your opinions now!