We needed something to tell us the quality of our firewall rules in terms of their implementation.
We use the following components of AlgoSec: AlgoSec Firewall Analyzer (AFA), FireFlow, AppChange, and CloudFlow.
I get reports that address the different types of things that we look for in security which it protects for, mainly things in the firewall with monitoring or compliance. With this, I felt like it is a great product.
Because of how sophisticated the product is, it allowed us to get very useful, actionable information, reducing the time it takes to implement firewall rules in our organization by 40 percent. However, we are still trying to figure out if we are going to switch to it permanently.
I felt like the compliance blueprints were more sophisticated, which is kind of what we need. The type of environment we need in order to reduce risk is to have a number of different compliance blueprints that will give us the flexibility of being able to handle multiple different kinds of audits.
We use it to assess some of the readiness of some of our projects. We use it to model what we potentially would do if we keep it on, which it looks like we probably might. So, we did use it to help with some modeling.
AlgoSec's automation helped to reduce human error and misconfigurations. They have built-in ISO and other types of compliance fabrics. That reduces errors because it does a lot of policy thinking for you. This has improved our security operations.
It empowered our security engineers because you need to have the best, top-end tool if you are looking at modern high-end threats.
We have used the solution to implement and manage microsegmentation initiatives. That is the whole point of modeling towards, "Hey, how will this work for a specific situation in the end?" I think it's a great solution because a lot of companies are not just going to the cloud, but microsegmentation and service-delivered products. So, I feel like it is very capable and comparatively better than its peers, if not equal.
AlgoSec is very complimentary to Cisco ACI because a lot of people are doing SDN. Having that integration is critical because a lot of the applications are more geared toward ACI. So, having something that compliments but doesn't break or get in the way of what the client finds important is ideal. Because, in some cases, we are not just representing ourselves, we have to extend what the client wants.