We use AlgoSec Firewall Analyzer and AppViz. We have bought the FireFlow license, but we do not use it currently. We plan to use it, but we are not using it right now.
Firewall Analyzer is helpful for network assurance and meeting some requirements of PCI DSS.
We use it to manage only our on-prem environment. Our network environment is mostly on-prem. We do not use cloud networking. We have an internal cloud, which is hosted in the Netherlands, but it is like a private cloud.
It gives us a pretty good understanding of what's going on in our network in terms of network security policies. In terms of the overall visibility that it gives into our network security policies, I would rate it a nine out of 10.
For preparing for audits and ensuring that our firewalls are in compliance, Firewall Analyzer gives a great overview of what's going on with the firewalls in terms of rules, etc. It offers a great input for auditors or for reporting to auditors.
We use Firewall Analyzer in order to monitor the PCI DSS network area. It is helpful for meeting some requirements of PCI DSS.
We work with multiple security vendors. It works when it comes to integrating it with the leading vendors. We didn't have any problems integrating with the solutions of our top three vendors.
Firewall Analyzer and AppViz are the most important features because they provide a lot of information regarding network segmentation. For us, this is a valuable input in order to provide network segmentation for various applications that we have developed in-house or that we bought from vendors. Our network is not properly segmented right now, but we plan to do it using AlgoSec. This is the most important feature for us right now. We also plan to use FireFlow in order to automate the firewall change management.
The Firewall Analyzer module can be improved to implement a vulnerability management solution, or they can link Firewall Analyzer with a vulnerability management solution in order to get a better overview of what's going on in our network in terms of vulnerabilities.
We started implementing AlgoSec in April this year.
So far, so good. We didn't have any problems. It is pretty stable.
From what I've heard and what I've read on their portal, it is pretty scalable. There are no issues around this.
We have not opened any tickets on the portal. We have a dedicated support person who assists us in the deployment. They are pretty fast to react. If I ask them a question today, they will respond very quickly.
We didn't have a different solution.
It was pretty straightforward. We started implementing AlgoSec in April this year. We are not fully into production, but we have been using it since May. Technically, it took less than a month, but we still have to do some paperwork in terms of security procedures, security monitoring, etc. So, it has been all paperwork from May till today.
The patching process of this solution is also pretty straightforward. They provide monthly patches, and it doesn't take a whole bunch of people to maintain it. Just one or two people can do the job.
Even though we had a reseller involved in this process, we did it on our own but with a little help from AlgoSec.
We have not yet seen an ROI. We are currently at the beginning of implementing the solution, and there is still a lot of time before we see a return on investment.
Price is not my concern. If a tool does its job, it is not my concern to obtain a good price for it. If a tool is needed, we are going to buy it.
We evaluated other solutions such as Skybox, Tufin. We found the graphical user interface of AlgoSec to be very user-friendly. It provides the information that you need. The information that you need is very well organized as compared to other solutions.
It depends on your needs. If you want to have a better overview of your network, AlgoSec is a tool that you can rely on. You can have an overview of your network by using your own equipment, but you have to dig in deeper. AlgoSec provides better visibility with a little amount of effort.
We haven't had any breaches in the past. We have not used it to implement and manage microsegmentation initiatives. We use it for network segmentation, which is done at the network level which includes firewalls, switches routers, and so on. Network segmentation is an ongoing process.
I would rate it a nine out of 10.
We use two main modules. We really appreciate the change manager. It's one of the most valuable aspects of the solution.
The technical support is pretty good.
We need the solution to have full compliance with IPV6.
We also use VMware features and we need the solution to be fully integrated. We used to make micro-segmentation. We'd like to be able to do this again, and for that to happen, we need more integration.
The pricing of the solution is rather expensive.
It needs to be more comprehensive. There are also some drawbacks in trying to import a policy matrix inside. If some people design a policy matrix in the file, in an Excel file, the problem is that we will have to work a bit to interact with it properly. Something more economical needs to be in place to deal with the policy matrix.
We have a small team working with Tufin. That said, even though the team is not a big team, we have a lot for it to do. Tufin now is our policy manager for the private cloud. It's the main policy manager. We also use Skybox for the legacy part.
I've dealt with technical support in the past. They are okay. They really try to work with us. I'd describe them as being helpful and responsive for the most part. We're largely satisfied with their level of service.
We also use Skybox Security Suite. We use both that and Tufin simultaneously.
The initial setup was actually handled by another team. I can't speak to the implementation process due to the fact that I did not participate in the process directly.
As an architect, the pricing seems expensive to me. For what it does, I would say it's expensive.
I can only really compare it to Skybox, which is a solution we also use.
If I compare it with Skybox, I see it is the best. It is better than the Skybox. However, we need it to do more.
We are not a reseller. We are an IT enterprise. We are customers and end-users. That said, our relationship is evolving. It's becoming something like a partnership, as we need more features and are making suggestions and trying to develop it out a bit.
I'm not sure of which version of the solution we're using. I can't recall the version number off-hand.
I'd rate the solution at a seven out of ten.
