We changed our name from IT Central Station: Here's why
Get our free report covering Tufin, AlgoSec, Skybox Security, and other competitors of FireMon. Updated: January 2022.
565,304 professionals have used our research since 2012.

Read reviews of FireMon alternatives and competitors

Aaron Zollinger
Sr. Network and Security Administrator at a insurance company with 501-1,000 employees
Real User
Out-of-the-box, you can run a compliance check against your environment that tells you exactly what needs to be fixed and why
Pros and Cons
  • "It gives us 100% visibility into our network security policies. It has given us a couple of surprises. Over the years, the network that we are administrating has been subject to people who have an idea of how a network should be set up. That differs from technician to technician or engineer to engineer. So, we are finding little pockets of hidden little self-engineered configurations and the way things were done that nobody knew about. Once the engineer left, the knowledge of that setup disappeared. You don't know about those until something either goes wrong, or you get something like AlgoSec to discover it for you, and it says, "Hey, there is this going on over here.""
  • "The reports are lacking information when they come out. They will not pull the URL or application information from Cisco FTDs. I know this works for Palo Alto Firewalls, which we currently do not have. If they could improve the integration with Cisco FTDs as a whole, that would be immensely helpful."

What is our primary use case?

We have actually played around quite a bit with the network flow piece of it (with the routers). That has helped us troubleshoot a few things with data flow and where it might be stopped or redirected to an incorrect location.

We use the following components of AlgoSec: AlgoSec Firewall Analyzer (AFA), FireFlow, and AppViz. We have a very limited cloud deployment at the moment.

We have a very complex network environment. It requires very specific compliance protocols to be put in place, including HIPAA compliance, PCI compliance, and HITRUST compliance. Therefore, we have very specific rules that we have to adhere to. We have 13 sites with very complex setups at each site to allow for redundancy and security, utilizing multiple vendors and technologies to achieve that. 

We are currently developing and going to have a hybrid deployment for the cloud and on-prem. Right now, 98% of our stuff is on-prem, and that will change. We are probably going to be about 75% on-prem and 25% in the cloud, which is very complex. This will allow our external vendors and external clients in as well as all our internal resources.

How has it helped my organization?

They have compliance rules built right into the system. Right out-of-the-box, you can run a compliance check against your environment that tells you exactly what needs to be fixed and why. Their compliance check is phenomenal. They even have a base compliance check. So, you can set your own standards to make sure that all your equipment meets those base compliances that you have for internal standards.

AlgoSec has reduced the time it takes to implement firewall rules in our organization. While our usage of it has been fairly limited to what we have tested so far, it has probably reduced the time by about 30%.

It gives us 100% visibility into our network security policies. It has given us a couple of surprises. Over the years, the network that we are administrating has been subject to people who have an idea of how a network should be set up. That differs from technician to technician or engineer to engineer. So, we are finding little pockets of hidden little self-engineered configurations and the way things were done that nobody knew about. Once the engineer left, the knowledge of that setup disappeared. You don't know about those until something either goes wrong, or you get something like AlgoSec to discover it for you, and it says, "Hey, there is this going on over here." 

It has helped us figure out how it was set up and why it was set up that way, then allowed us to engineer it so it fits a little better into our standards. We found a couple of secrets in our network that nobody would have known about. If we had an outage on those, nobody would have been able to figure them out without a tool like AlgoSec. This would have been a complete outage for our organization. Since we are healthcare insurance, that is a significant amount of money.

It has helped to simplify the job of our security engineers. We have a snapshot of where we are at with the correct data that we need to be able to fix the issues that we have. We keep finding little secret pockets of out-of-standard configurations that need to be addressed.

AlgoSec absolutely provides us with full visibility into the risk involved in firewall change requests. There is a risk analysis piece of it that allows us to go in and run that risk analysis against it, figuring out what rules we need to be able to change, then make our environment a little more secure. This is incredibly important for compliance and security of our clients. We deal a lot with patient health information that needs to be secure for physicians who are dealing with it and the patients themselves.

What is most valuable?

The most valuable for us so far has been the firewall rule analysis. Just to be able to get to a point where our infrastructure is secure and stable. The analysis runs everything that we actually need. When we run a report, we need to look at the report, then go back to the analysis because the analysis has all the information for us. We just have to match up the analysis to the report.

We have a security vendor who runs an analysis on the logs that we send them. We have multiple vendors who come in and do an annual security assessment. We have multiple vendors who come in and do an annual penetration test. We have vendors who deal with the end clients as well as vendors who deal with the servers for security, in addition to our firewalls, routers, and public interfaces. AlgoSec takes all of the information on our network, puts it into one single pane of glass where we can go and request what we need from the vendors. Plus, there are reports in AlgoSec that we can run and send out to our vendors so they have an eye into what we are looking at.

What needs improvement?

The reports are lacking information when they come out. They will not pull the URL or application information from Cisco FTDs. I know this works for Palo Alto Firewalls, which we currently do not have. If they could improve the integration with Cisco FTDs as a whole, that would be immensely helpful.

For how long have I used the solution?

We are actually in the process of purchasing AlgoSec. We have gone through a proof of concept with them. Right off the bat, running through that proof of concept with them was absolutely fantastic. Usually, they have an offsite proof of concept server that you connect up to, then kind of take a look at their technology to see how everything works and if you like it. However, we have a different setup onsite for some of our firewall rules. We wanted to make sure that their application/appliance worked on our internal environment. They were more than willing to set up an onsite PoC for us so we could make sure everything did work.

What do I think about the stability of the solution?

The stability is fantastic. We haven't had an issue with stability at all.

Two people are needed for maintenance (someone for backup plus me). Maintenance on it is fairly limited. It is very automated in the way that it handles all our data and firewall needs.

What do I think about the scalability of the solution?

The scalability is easy, just add more licenses if needed, then turn up another virtual machine. It is pretty straightforward.

There will probably be a dozen of us actually utilizing AlgoSec. This will mainly be the network and security team, then the security team themselves.

How are customer service and technical support?

During deployment, the technical support fixed our issue within 30 minutes of the phone call.

Which solution did I use previously and why did I switch?

We are in the process of doing microsegmentation right now. That is one of the reasons why we started looking into a utility like this because we needed to get that current snapshot of where we are at and where we need to go. AlgoSec is beyond phenomenal for helping to create and manage this type of initiative. With the automation piece and the fact that we can take a look at the traffic that is currently running through our firewalls and automate the rules being created for that. This will take a lot of manual work off of our shoulders that would have taken many man-hours to be able to implement.

How was the initial setup?

We ran into some errors/issues, so it probably took us a week to fully deploy it. The process was straightforward except for the typos that we had in the programming. Without those typos, it would have been up within half a day.

We had an implementation strategy that we laid out beforehand and went forward with that.

What about the implementation team?

James, the AlgoSec engineer who was working with me, spent about two weeks on and off with me trying to get the solution up and running, and he was successful at it. This was so we could utilize their proof of concept in our environment to make sure that it would fit our needs.

What was our ROI?

Because we went from having no unified tool to having AlgoSec, it has improved our security platform by probably 80% in just the short time that we have had and used it. It is invaluable. There is no question in my mind that it is a tool for anybody who has multiple sites, firewalls, and routers. It is something that everybody needs to look into getting because it is invaluable.

Even if we were to pay the first quote that we got, AlgoSec would be worth it. Just having the automation and that overall look into your security platform, you can't be without it.

What's my experience with pricing, setup cost, and licensing?

We are working with our finance department right now to be able to purchase it. The AlgoSec team is doing everything that they can in their power to get the costs down to where our budget is. They have worked a lot on it. They have cut the cost in half for us so far by questioning, "This is in the quote. Is this something that is actually needed?" They have pulled some stuff out and cut our costs down by 50% for the product itself.

Which other solutions did I evaluate?

There were four of us involved in the evaluation of the product.

We compared this tool to two other different tools. Even with their higher-end solution, when we had the full budget for this, AlgoSec was less expensive than some of the other top tools. We looked at FireMon and Tufin. The reason why we said, "No," when we had budget to FireMon and Tufin is because they were not pulling in the application data or URL data. 

AlgoSec actually pulls application data and URL data in. AlgoSec is a little easier to use than the other solutions. Cisco recommended AlgoSec to us.

What other advice do I have?

Don't trust what you think you know about your network. There are surprises everywhere, and sometimes it takes a utility like this to find those.

Don't don't hesitate. Go get it. If somebody came and asked me for an analysis tool, AlgoSec would be at the top of my list.

The integration is fine.

Migration to the cloud is on our roadmap. 

We have not set up any automation quite yet, but that is on the roadmap. That will make the tool even better.

I would rate this solution as a nine (out of 10).

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
Business Consultant. at a tech services company with 11-50 employees
Reseller
Top 5Leaderboard
Good solution with strong features
Pros and Cons
  • "The features that I have found most valuable with Skybox Security Suite, and this is because I work on the security side, are the firewall assurance, the change manager and the vulnerability control. These three features are the most impressive from Skybox Security."
  • "The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team."

What is our primary use case?

We use the firewall assurance and the network assurance when we use change manager to check any changes in our firewall. We also use FortiGate's firewall for all our company. For six months, until 2020, we used the vulnerability control module to analyze our infrastructure.

For one of my customers, we used firewall assurance, network assurance and change manager - three modules. We optimized the firewall appliance and rules for one of the Ukrainian banks.

How has it helped my organization?

Skybox Security Suite is a great, strong solution. But you need a good engineer with high-level technical skills. For businesses it is a great solution - you look at the pie chart and understand everything. But if we talk about technical expertise, you need one or two technical expertise guys on your team to support this platform. You need to check, understand and discuss all cases and events, analyze these events, and make changes in your infrastructure. In terms of the technical aspect, it's good. For businesses, it is great.

What is most valuable?

The features that I have found most valuable with Skybox Security Suite, and this is because I work on the security side, are the firewall assurance, the change manager and the vulnerability control. These three features are the most impressive from Skybox Security.

In terms of the firewall rules, compliance, and vulnerability control, I need to understand what changes were provided from my IT team. I need to understand how these changes impact our compliance. I need to understand this to make decisions.

In terms of the vulnerability control, we need to understand how changes in our infrastructure impact the security in our company, such as having an open port to LinkedIn or Facebook. This could be very bad for the cybersecurity in our company, because some hackers or some non-loyal employees could make a lot of trouble.

So we need to understand how our changes impact the cybersecurity of our company. And Skybox Security is one of greatest solutions for this because you can see the firewall and the network infrastructure and you understand what's happening and how it could impact your cybersecurity.

What needs improvement?

In terms of what could be improved, I would say support for Cisco Firepower. This is one of the biggest segments in the Ukraine market. Many customers use Cisco Firepower. It is not a good solution for me, but it make sense. The second feature that could be improved is a deeper integration with Palo Alto. One of my customers uses Palo Alto and during the trial period with Skybox Security, we had some issues because when the IT administrator used the rules Skybox Security didn't understand. But it's not really a problem with Skybox Security. This was a problem for the company who used these stupid rules.

For how long have I used the solution?

I have been using Skybox Security Suite for the last 15 months. 

What do I think about the stability of the solution?

In terms of stability, humans write the code. So any solution will have some issues. So yeah, we have one or two issues, but for me, Skybox Security support is one of quicker supports in the world. I am familiar with support from Symantec and from Microsoft, these are bad support-wise. I also know about the support from McAfee and SolarWinds. For me, SolarWinds, Skybox and FireEye have quick, good support.

Support is good for me.

How was the initial setup?

The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team. We have that. One of my colleagues has great experience as a cybersecurity engineer officer. So we deployed, but during deployment we asked the Skybox team for support. You need to understand what you are doing and why you are doing it.

What's my experience with pricing, setup cost, and licensing?

We use an NFR, not for resale, license because we have a strong relationship with Skybox Security. But Skybox Security sent me yearly support for the license, not monthly.

Skybox Security has good pricing.

If you need something like Skybox, you would pay more money than for a cybersecurity platform, because you need FireMon for firewalls. For firewalls, you would need a subscription to Cisco Tetration, for example, or for something else. These are more expensive solutions in collaboration. So if you want to save money and save time, use Skybox Security.

What other advice do I have?

I would absolutely recommend using Skybox Security.

If you need to check compliance and to understand how your IT teams work, use Skybox Security. If you need understand, like a clear glass of water, how your IT infrastructure works, use Skybox.

Tenable or Qualys or Rapid7 vulnerability controls in your infrastructure could be installed for vulnerability scans. But they don't know what kind of attack could be used or what vector of attack could be used. If you use Skybox you will see the impact, all the issues with your infrastructure and your configuration, and you can quickly change the situation to be more protected from outside and inside attacks.

On a scale of one to ten, I would give Skybox Security an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
CyberSecurity Architecture Manager at a computer software company with 10,001+ employees
Real User
Easy to scale with good compliance and robust features
Pros and Cons
  • "You can easily scale the solution if you need to."
  • "The initial setup can be tough."

What is our primary use case?

We were primarily using the solution in order to grade the firewall rules.

How has it helped my organization?

How the solution benefits the organization is something that is currently being tested. We're considering doing something different, as we just used this product as a POC.

What is most valuable?

The compliance aspect of the solution is its most valuable aspect.

The stability is very good.

You can easily scale the solution if you need to.

The number of features is very robust - and there are a large number of features. That's a huge selling point, which is why its popularity is where it is.

What needs improvement?

I have heard many people complain that there is a high level of complexity. It may make it difficult to work with for some people. That said, I don't have those issues with the product.

The initial setup can be tough.

The product could use better integration with the cloud.

For how long have I used the solution?

I've been using the solution for years at this point, It's been a long time.

What do I think about the stability of the solution?

The stability is very, very good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good.

What do I think about the scalability of the solution?

The scalability of the product is excellent. If a company needs to expand it, it can do so relatively easily.

In our case, while I don't have an exact user count, I can say that there were quite a lot of people on the product.

We're talking about shifting potentially away from Tufin, however, if we had kept it would have been used extensively.

How are customer service and technical support?

While other people have the opinion that it could be better, I've mostly been satisfied with the level of support we've received. They've been okay. I've had three or four run-ins with them and they were all positive experiences.

Which solution did I use previously and why did I switch?

I also work with AlgoSec. We use both solutions currently.

How was the initial setup?

The initial setup is not straightforward. It's a little difficult, a little tough. New users need to expect this before they get started.

Often, a consultant is involved in the process, as there is a large learning curve, and many companies don't have the bandwidth to ramp up the staff. Bringing on a consultant can speed up the processes a bit.

The deployment took about a month or so.

We're still working on how many people we actually require to handle the maintenance aspect of the product.

What about the implementation team?

Typically, we get a consultant for everything, however, this last deployment, in particular, seemed to be more challenging for the consultant and for the staff.

That said, our experience with the consultant was very good overall.

What was our ROI?

While we are getting what we need out of the solution in terms of functionality, I haven't really looked into an exact ROI. We got what we were looking to get out of it. 

What's my experience with pricing, setup cost, and licensing?

The billing and licensing aspect of the product is not something I'm a part of. I don't have any insights into the costs involved in using the solution. I cannot see if there's just a flat licensing fee or if there are other costs needed on top of that.

Which other solutions did I evaluate?

We are considering moving away from the solution currently. We're looking for other options. We might shift towards FireMon, however, nothing is set in stone.

What other advice do I have?

We're just a customer and end-user.

We're likely not using the latest version of the solution. Currently, there is a team that directly supports it. I can't remember the exact version number off-hand.

I'd advise organizations considering the solution to do their homework first and see if they can find out from industry associations and professionals what their experience has been.

In general, I would rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr. Director, Security and Architecture at a pharma/biotech company with 11-50 employees
Real User
Top 20
Provides visibility into what is going on, 100% stable, and infinitely scalable
Pros and Cons
  • "Panorama enables you to provision all your firewalls and other things as a cluster. It is quite useful for that."
  • "Its UI and usability could be improved. The way the UI looks could be improved to make it a little bit more intuitive. Other than that, it is a pretty simple product."

What is our primary use case?

It is essentially a lightweight SIEM, so it'll detect and flag any sort of vulnerabilities or attacks on your network.

I've been using the most recent version of it. In terms of deployment, it is on the cloud. It is a private cloud. It is Palo Alto's Cloud, and I think they host on AWS.

How has it helped my organization?

It centralized the management of our Palo Alto systems. It provided more visibility into what was going on. It sort of gave a single painted glass picture instead of 25 different pictures.

What is most valuable?

Panorama enables you to provision all your firewalls and other things as a cluster. It is quite useful for that.

It is a very simple product. It does what it is designed to do.

What needs improvement?

Its UI and usability could be improved. The way the UI looks could be improved to make it a little bit more intuitive. Other than that, it is a pretty simple product.

For how long have I used the solution?

I have been using this solution for four or five years.

What do I think about the stability of the solution?

It is 100% stable.

What do I think about the scalability of the solution?

It is highly scalable. It is pretty much infinite.

In terms of the users, the Firewall Management team and the Security team use it. There are probably only 10 people who really have access to it. They also take care of its maintenance.

It is being used extensively at the moment. Its usage will just kind of naturally grow over time. As we deploy more devices, we'll put them into Panorama for management.

How are customer service and support?

Palo Alto is very good at technical support. They're a 10 out of 10. They're very good.

Which solution did I use previously and why did I switch?

We used FireMon in the past. It does a little bit more, but it is not as tightly integrated as the Palo Alto solution.

How was the initial setup?

It was very straightforward and very simple. I helped them roll it out and watch them spin it up. I didn't do anything configuration-wise, but I think it took us 10 minutes. It was that fast.

What about the implementation team?

It was done in-house.

What's my experience with pricing, setup cost, and licensing?

Its licensing is yearly and multi-yearly. It is not expensive.

What other advice do I have?

Be prepared for simple. It is not complicated. You're up and running in 10 minutes, so you'll be surprised.

It is only for Palo Alto products, so you can't scale it to anything else. It does what it is designed to do, which is to manage Palo Alto firewalls and other Palo Alto equipment.

I would rate it a 10 out of 10. It is a pretty simple platform; it is just the UI that can be made a little more intuitive. That's it.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Get our free report covering Tufin, AlgoSec, Skybox Security, and other competitors of FireMon. Updated: January 2022.
565,304 professionals have used our research since 2012.