One of the most popular comparisons on IT Central Station is AlgoSec vs FireMon.
One user says about Algosec, "This product allowed us to identify unused rules more easily and doing this simplifies policies in our firewall. We now have documentation of our application with objects sync with real configuration."
Another user says about FireMon, "The ability for spotting the shadowed-based rules helps us to eliminate overlapping rules that may not be otherwise needed or maybe under-used. It helps us to identify that stuff and gives us the ability to go back and audit the firewalls."
In your experience, which is better and why?