We have around 200 firewalls that we manage through AlgoSec. We use it for automation purposes in certain cases. We have 10 to 12 team members who use AlgoSec.
We have around 100 plus on-premises devices. However, we are moving over to the cloud. At present, we mainly have Microsoft Azure, and we are going to deploy AWS and Google Cloud soon.
We use AlgoSec FireFlow as well.
The amount of time spent on doing simple tasks, such as adding a particular rule or giving access to a particular person, or doing the same repetitive task has been reduced. We don't have to manually look into duplicate rules or look into traffic that is not getting hits. It will be automatically taken into consideration by AlgoSec, and the information will be given to us so that we can take action on that part. It saved us a lot of time.
When the staff is doing the same repetitive task all the time, there will be errors. AlgoSec helped to reduce human error and misconfigurations to a great extent.
One of the features that I like about AlgoSec is the topology table. It helps us understand where the traffic flows through, where it gets interconnected, and how the traffic flows from our device to the other device.
The other good feature that I have come across is that it suggests best practices. For example, we had a case where there was a legacy rule that was a wide-open rule. AlgoSec identified what IP traffic got hit and based on that suggested allowing those particular IPs instead of maintaining a wide-open rule.
In terms of the overall visibility that AlgoSec gives into our network security policies, I like the best practice assessment in terms of compliance. It helps us deal with wide-open rules and duplicates, and provides suggestions on how the rules can be written, restructured, and reordered.
AlgoSec reduced the time it takes to implement firewall rules. Also when it is upgraded, which we are in the process of doing, when a user tries to raise a ticket, that ticket will be associated with AlgoSec FireFlow. Then, the user will be able to access it themselves.
We work with multiple security vendors, but not all vendors integrate with AlgoSec. As a result, our team has both AlgoSec and Tufin. In terms of integrations, it's going well so far.
AlgoSec helped to simplify the job of our security engineers. For example, a new user who tries to gain access will have to raise a case, and automation will take that into consideration. It helped us to disable rules that are not being utilized, merge any duplicate rules, and reorder rules based on traffic hits to have a good flow. Any rule works from top to bottom, and AlgoSec will place the major items at the top. These helped to reduce latency as well.
Certain firewalls don't integrate with AlgoSec, and it would be great if this bug could be fixed.
AlgoSec looks into compliance and is helpful. However, it would be nice to have validations that can run before the changes are posted and implemented. Now, if something goes wrong the user would need to reach out to us, and then we would have to troubleshoot. Instead of that, if there are validations for simple tasks, it would be great.
I've also heard from our AlgoSec vendor about a feature that is coming up in the future. With the topology table, we can see the interconnected devices to understand the traffic flow. I was told that with this new feature, if we find a blockage, maybe on a firewall, that we would be able to go to that firewall and allow traffic through a specific rule. This would be done just by right-clicking on that particular device and getting the change implemented through automation. This would be a helpful feature.
I've been using AlgoSec for about a year.
The stability has been okay so far. There are a few bugs, but no device is perfect.
We previously used FireMon and switched to AlgoSec because we were not satisfied with it. FireMon was good but was not user-friendly.
I recommend AlgoSec because it has good features and is more user-friendly than FireMon. AlgoSec has fewer options in terms of tabs, so you'll be able to navigate and explore everything. From a technical point of view, AlgoSec is good for a newcomer. Therefore, I would give AlgoSec an overall rating of eight on a scale from one to ten.