Prevasio Reviews

We use AFA (AlgoSec Firewall Analyzer), FireFlow, AppViz, and CloudFlow. Our use cases depend on the customer. In general, we use it for rule optimizations, security risks, to manage rules with FireFlow, and for application visibility, as well as for optimization and automation.

AlgoSec has reduced the time it takes to implement firewall rules in our clients' organizations by 60 percent.

And the automation the tool provides has helped to reduce human error, absolutely. The flow can create some security risk controls. It makes suggestions about what is the best configuration to apply. It passes through five steps where the network administration sees which kinds of firewalls must be modified. And the security team can see the risks and which risks are mitigated by new rules. The information is helpful for different teams.

It simplifies the job of security engineers a lot. The troubleshooting and network simulation are very useful for the network team. The team that is responsible for risk has a lot of precise information about what the risks are if they apply certain rules, how to mitigate some of those risks, and which are the riskiest rules. That is all very helpful for them.

We use AlgoSec to monitor multiple firewalls. AlgoSec makes it very easy to maintain and manage our policies, the configuration, and various other maintenance of a particular firewall. It fulfills our requirement and monitors the configuration as well as the policies which have been made by the network team or the administrator of the existing environment.

AlgoSec provides visibility into our network security policies. With the help of a single management control and the help of the Analyzer, we can monitor and check the gaps and the configuration of the features and functionality of the firewalls. We onboard all of our firewall devices using the single management control. We activated the analysis feature of the solution, which automatically analyzes all the firewalls. We receive notifications whenever there is a gap in any of the firewalls within our environment, giving us visibility into the configuration changes, including whether the policies are in place or not, as well as which ports are open.

AlgoSec provides full visibility into the risk involved in firewall change requests helping us prevent any misconfiguration within the firewalls in order to restrict unwanted entry into our environment.

With AlgoSec's change management and Fireflow module, the solution reduces the time it takes to implement firewall rules by pushing the rules to all the firewalls automatically from a centralized management console, which also improves productivity.

Before implementing AlgoSec, I required two to three hours to configure and set up the policies for a firewall, but with AlgoSec, the time is cut down to half an hour.

It helps reduce human error and misconfiguration by checking the built-in templates in the firewalls. If there are any gaps in the templates, the software fixes them and pushes the policy to the firewalls. 

AlgoSec has helped the organization a lot because it is an automated tool. There is no human interference required. Automation significantly reduces the chance of error when configuring the firewalls, which helps improve our security operations.

AlgoSec has eased the workload of our security operations by monitoring the log files. Previously, the security operations team received many incidents that were not valid or required monitoring, taking up a lot of their time.

We are a retail company with about 2,500 stores, and we have at least 5,000 devices just on the retail side of it. We mostly use Cisco products in our organization. From the firewall perspective, we have a multi-vendor architecture. We have Check Point, Palo Alto, and FortiGate.

We are using AlgoSec Firewall Analyzer to identify the risks, do some quality assessment of the firewall, and then do our troubleshooting. We are working towards automating our firewall process that is currently manual. We are also enabling AppViz with different application teams. So far, we have onboarded a couple of them from the SAP team. The whole idea is to keep the firewall rules transparent and relevant to the application that an application team supports.

AlgoSec FireFlow is going to be adopted soon. I'm working on the project right now, and it is almost at the end stage where we're going to deploy it to the business.

We are in a hybrid environment, and we have our presence in multiple cloud vendors such as Azure, Google, and Oracle. We have our on-prem computing systems, and we are working towards migrating most of our on-prem computing systems to the cloud.

AlgoSec's deployment in our environment is a high-availability deployment. We have active and standby nodes. We also have a load distribution node, which is a virtual system. The active and standby systems are AlgoSec appliances.

It provides overall visibility into our environment's security posture from the network access perspective. It is also helpful in eliminating human errors and keeping the standard posture for the firewall staging process.

We have onboarded all of our firewalls, and we see that AlgoSec is running its regular monitoring and analysis process to provide a hundred percent visibility into our policies.  

Based on our testing, we have seen a reduction in human error and misconfiguration. When engineers are staging the firewall policies, human errors are being eliminated in terms of them forgetting to stage a rule in one of the firewall policies. Previously, if they had to stage three or four firewalls and they didn't know the environment properly, they would easily miss one of the policies. Such things have definitely been eliminated.

FireFlow will reduce the time taken to implement firewall rules in our organization. The firewall approvals and staging process currently take about seven days. Based on what we've seen from the tests that we have run, it has reduced the duration to about one and a half days.

It also brings standardization. It recommends the way in which the objects should be named. It brings a certain amount of standardization for objects and rules creation, which has helped as well. We are also targeting to reduce the number of people managing the firewalls after the FireFlow module is in full swing.

It simplifies the job of our security engineers. There is an expectation from the engineers to have a common understanding of our architecture and design, but there is always going to be some amount of difference in the way they understand our design and architecture. AlgoSec has eliminated such differences within the team. So, it doesn't matter if I have an L1, L2, or L3 engineer to stage the rules and how complex these rules are. It eliminates the difference in skill competency between individuals within a team.

We use several of the AlgoSec components including the firewall analyzer (AFA) and FireFlow. We may also use CloudFlow. 

We use AlgoSec primarily for Check Point. We run a script that works with Check Point and spits out rules. We also use it to create changes. Specifically, it will create new roles and we can use it to check if there are blocks on Check Point, as well.

In the future, we may use it with Palo Alto.

AlgoSec gives us good visibility into our network security policies. Overall, I would rate it a ten out of ten in this regard.

Before firewall change requests are made, it provides us with full visibility into the risks that are involved. This really helps because it lets people know that they should question the traffic. It gives them alerts and those red flags really help because it doesn't require having to do a deep dive into each change request.

I have used it for replicating rules in the process of migrating to the cloud. It makes replicating rules faster and I would rate it a ten out of ten in terms of being able to help with migration such that there are no security gaps. The process is not hard at all. It will show every rule to replicate, right there on multiple firewalls at once. Overall, it's very easy.

As we have migrated rules to the cloud, AlgoSec has given us better visibility into our application connectivity flows. This has made my life a lot easier because I can quickly tell, even before putting the request in, if the rule is needed or not needed.

AlgoSec has helped to simplify the job of our security engineers because the guys that question the traffic can see it in FireFlow. When I put a request in, the information protection people can see that request and they can use FireFlow to send a response back saying they need to explain why this is needed or provide something else in order to get the request through. Essentially, they can utilize it to question traffic, which is awesome.

The integration with Cisco works well. It's able to spot the Cisco devices perfectly and I'm sure that when we start using Palo Alto, it's going to handle them just as easily.

We needed something to tell us the quality of our firewall rules in terms of their implementation.

We use the following components of AlgoSec: AlgoSec Firewall Analyzer (AFA), FireFlow, AppChange, and CloudFlow.

I get reports that address the different types of things that we look for in security which it protects for, mainly things in the firewall with monitoring or compliance. With this, I felt like it is a great product.

Because of how sophisticated the product is, it allowed us to get very useful, actionable information, reducing the time it takes to implement firewall rules in our organization by 40 percent. However, we are still trying to figure out if we are going to switch to it permanently.

I felt like the compliance blueprints were more sophisticated, which is kind of what we need. The type of environment we need in order to reduce risk is to have a number of different compliance blueprints that will give us the flexibility of being able to handle multiple different kinds of audits.

We use it to assess some of the readiness of some of our projects. We use it to model what we potentially would do if we keep it on, which it looks like we probably might. So, we did use it to help with some modeling.

AlgoSec's automation helped to reduce human error and misconfigurations. They have built-in ISO and other types of compliance fabrics. That reduces errors because it does a lot of policy thinking for you. This has improved our security operations.

It empowered our security engineers because you need to have the best, top-end tool if you are looking at modern high-end threats. 

We have used the solution to implement and manage microsegmentation initiatives. That is the whole point of modeling towards, "Hey, how will this work for a specific situation in the end?" I think it's a great solution because a lot of companies are not just going to the cloud, but microsegmentation and service-delivered products. So, I feel like it is very capable and comparatively better than its peers, if not equal.

AlgoSec is very complimentary to Cisco ACI because a lot of people are doing SDN. Having that integration is critical because a lot of the applications are more geared toward ACI. So, having something that compliments but doesn't break or get in the way of what the client finds important is ideal. Because, in some cases, we are not just representing ourselves, we have to extend what the client wants.

We are using the FireFlow and Firewall Analyzer components. I'm not the manager of the project, so I don't know if we are using any other module. We use FireFlow to make our firewall change requests.

As an architect, if I'm deploying something and a flow needs to be put in place, I need to go into the tool and specify the details about the flow that needs to be set in place. I also need to provide some contextual information, and then there is a whole workflow that gets started. It will first analyze the flow to determine which firewalls and modifications are required, and then there is an approval step for which someone responsible for security needs to give approval. After that, it goes to the implementation team that does the actual implementation. In the end, there is a validation step where when they say it has been implemented, you can check that the flow is open, and it works fine. You can then either close the ticket or say that it's not working and please check again or perform additional tests.

We have a mixed proprietary network. We have stuff in private clouds, and we have stuff in public clouds with major cloud providers. We have a very global and complicated network in more than 60 countries.

It has certainly improved the way our organization functions. It has simplified my job in terms of creating a request. I know at which stage of the implementation we currently are. It has provided visibility into my firewall requests. Previously, the process and the tools that we had were like a black box. You send it to somebody, and then you didn't know what was happening for two or fours weeks. Now, at least you get your tech ticket number, and you can go in, follow up, and hunt people down. 

When it comes to integrating with the leading vendors, it is okay, and it is able to give us visibility. It tells us about the Palo Altos, Checkpoints, and Fortinets that we have.

We use FireFlow. Our environment is a mixture of private and public platforms. We have been aggressively moving infrastructure up to the cloud, so everything that used to be on-prem now is all pretty much in the cloud. We have hundreds of servers and instances up in the cloud. On-prem, we still have the same. It's a couple of hundred servers on-prem that we use for the day-to-day business functions as well.

AlgoSec would help to manage our multiple environments if we had CloudFlow but we don't have that license.

Back in 2016, we migrated firewall vendors over to Palo Alto Networks. During that time when we migrated, we had over 4,000 security rules. Using AlgoSec, we were able to trim it down by some ridiculous amount, around 72%.

AlgoSec has a built-in feature for identifying risks. It'll inform the user if we have rules that allow a certain protocol open to the internet that we shouldn't. It identifies applications that are permitted in our network that pose a risk. Some examples include SNMPv1 without it being secured and that sort of thing. AlgoSec notifies us of those risks. There are also cleanup tasks it assists with. Obviously, the simpler the ruleset of your firewalls, the easier it is to manage and the less confused administrators get. AlgoSec is able to help keep the firewall ruleset simple while still maintaining its security posture.

AlgoSec provides us with full visibility into the risk involved in firewall change requests. We perform risk analysis before adding rules anyway. Even if AlgoSec said a rule is risky or not risky, it's not something we rely on heavily. We have other tools and processes to identify if the rule we added is going to be introducing risks or not.

The overall visibility that AlgoSec gives into our network security policies is pretty high. It's very clever in the logic it uses to provide insights, especially into risks and clean-up tasks. It's very valuable. It saved a lot of hours on the cleanup tasks for sure. It has saved us days to weeks.

AlgoSec's automation helped to reduce human error and misconfigurations to an extent. If I'm considering duplicate rules and human error, then yes for sure. But if not, then no, not really.

It implements and manages micro-segmentation initiatives. We recently did a project on that. We did the service segmentation using natively built reporting functionality in the firewalls. After that, we used AlgoSec to clean up those rules and trim them down. So it's not exactly to create micro-segmentation but more to manage it. It performed very well for that role, which is the experience we've had with that specific function in the past with it as well.

We use it for firewall ruleset management. It's mainly to manage the firewall ruleset changes and for monitoring compliance.

In our environment we use Algosec Firewall Analyzer. Our network environment is a mixture of public and private clouds. We have more than 3,000 network switches and we are managing almost 20 firewalls that are on-premises. That doesn't include the cloud firewalls because AlgoSec does not extend to that area.

The main benefit is mainly related to security and our network operation. It helps with firewall and ACL management. In terms of security, it helps us safeguard the firewall ruleset. It's not directly important to the business for income, but it helps us to safeguard our operations and security.

It's also good to have AlgoSec for monitoring, as a measure for security compliance, because the firewall is the gateway from on-premises to the internet or to our business partners. It plays an important role.

It makes the audit process much easier because it provides an almost instant "yes" or "no" regarding compliance. On top of that, you can generate a move-and-change record for auditing purposes. It fulfills the requirements.

Algosec's automation helps reduce human error as well. It helps ensure our firewall policy integrity. It's the kind of machine that helps cross-check those areas, and that helps. Before we really applied AlgoSec for operations, we just used it as a monitoring tool. But after we started discovering manual errors, we tried to use AlgoSec as a prerequisite, and to check the ruleset changes that would be applied to production before they were applied in production. It works well as a checker.

In addition, it has reduced our workload in terms of manual checking to some extent. The lead time for AlgoSec to check against basic, fundamental compliance is great; much better than when done by humans. It reduces the time needed for that part of the analysis. And it helps me to make sure that the applied changes are meeting compliance requirements.