Prevasio Reviews

We use it for firewall ruleset management. It's mainly to manage the firewall ruleset changes and for monitoring compliance.

In our environment we use Algosec Firewall Analyzer. Our network environment is a mixture of public and private clouds. We have more than 3,000 network switches and we are managing almost 20 firewalls that are on-premises. That doesn't include the cloud firewalls because AlgoSec does not extend to that area.

The main benefit is mainly related to security and our network operation. It helps with firewall and ACL management. In terms of security, it helps us safeguard the firewall ruleset. It's not directly important to the business for income, but it helps us to safeguard our operations and security.

It's also good to have AlgoSec for monitoring, as a measure for security compliance, because the firewall is the gateway from on-premises to the internet or to our business partners. It plays an important role.

It makes the audit process much easier because it provides an almost instant "yes" or "no" regarding compliance. On top of that, you can generate a move-and-change record for auditing purposes. It fulfills the requirements.

Algosec's automation helps reduce human error as well. It helps ensure our firewall policy integrity. It's the kind of machine that helps cross-check those areas, and that helps. Before we really applied AlgoSec for operations, we just used it as a monitoring tool. But after we started discovering manual errors, we tried to use AlgoSec as a prerequisite, and to check the ruleset changes that would be applied to production before they were applied in production. It works well as a checker.

In addition, it has reduced our workload in terms of manual checking to some extent. The lead time for AlgoSec to check against basic, fundamental compliance is great; much better than when done by humans. It reduces the time needed for that part of the analysis. And it helps me to make sure that the applied changes are meeting compliance requirements.

The firewall policy summarization is the most valuable feature. It helps us to cross-check the firewall ruleset. That's the main purpose of it. And of course, it monitors changes of the firewall policy. It provides full visibility into the risk involved in firewall change requests. It helps us to check for any integrity issues and conflicts with other rulesets, and of course the compliance.

When it comes to integrating with the leading vendors, we haven't had any hiccups integrating Algosec with existing firewalls or network switches, router switches, ASAs, or VPNs. It has to be great. I don't think another brand name or latecomer will do better than Algosec.

I have been using AlgoSec for more than seven years.

The stability is good. When we had the appliances it ran for a couple of years. Now that we've moved to the VM it is more stable and independent of hardware.

We used to be in an appliance for AlgoSec but two years ago we moved it to a VM version. The vendor supported us in that process. That was good. Other than that, we haven't needed to contact their technical support much.

I don't work directly with their technical support, my subordinate works with them. According to what I've heard so far, it's been very good and very helpful.

The initial setup was a long time ago. I remember it being a little bit hard, but I don't think we're a good reference point because it was almost seven years ago. When we moved to the VM version two years ago, we updated our skill set and it is manageable for my people. It should be easy to integrate.

For our initial setup, I remember the Check Point firewalls were seeing some key exchange. When there is an upgrade, you need to do a key installation. That was a little bit difficult seven years ago, but I believe most people now have experience and they know how to handle that. Back then, not many people had experience on Check Point firewalls or even AlgoSec.

Overall, the deployment is easy, but because our organization has a change process, the testing process involved with that takes a longer time. The actual integration is not difficult and it won't take much time.

Rather than talking about simplifying the installation, it should be standardized. There should be more documentation for AlgoSec. The firewall vendors, and even the network equipment vendors have more "Welcome to This Type of Management Tool." They have more clear documentation.

Some of the use cases appear in the community but the vendor could set up a forum where users can share tricky experiences and how to resolve them. An actual case-scenario Knowledge Base is much better than documentation that only describes the straightforward settings.

For maintenance of Algosec we need just one person. The deployment was done by our network team. I used to be on the network team and I was the one who introduced it. Later, I transferred to the security team. I log in to the content now, but not the platform. It is now managed by one of the network team members. Across our organization, there are about five people accessing it.

We used a system integrator to deploy it, called Dimension Data. 

It does its job. I don't expect more than that. We use it to manage the firewall and the firewall is such a mature product, and everything is satisfied.

We don't use it to help us in speeding up setting the firewall ruleset or doing testing phases, because our development cycle is a little bit different. The developers have to state what they need and then we apply it. We only use AlgoSec to cross-check when the testing result moves to production. It doesn't help us much in the development stage.

In terms of the cloud, we are just beginning to build a CoE, a core of excellence. There are many other native solutions provided by the CSP and there are some CASPI solutions—CWP, PP, and CSPM—that will help us with the governance of firewalls or the network security policies. We haven't determined our direction yet.

We needed something to tell us the quality of our firewall rules in terms of their implementation.

We use the following components of AlgoSec: AlgoSec Firewall Analyzer (AFA), FireFlow, AppChange, and CloudFlow.

I get reports that address the different types of things that we look for in security which it protects for, mainly things in the firewall with monitoring or compliance. With this, I felt like it is a great product.

Because of how sophisticated the product is, it allowed us to get very useful, actionable information, reducing the time it takes to implement firewall rules in our organization by 40 percent. However, we are still trying to figure out if we are going to switch to it permanently.

I felt like the compliance blueprints were more sophisticated, which is kind of what we need. The type of environment we need in order to reduce risk is to have a number of different compliance blueprints that will give us the flexibility of being able to handle multiple different kinds of audits.

We use it to assess some of the readiness of some of our projects. We use it to model what we potentially would do if we keep it on, which it looks like we probably might. So, we did use it to help with some modeling.

AlgoSec's automation helped to reduce human error and misconfigurations. They have built-in ISO and other types of compliance fabrics. That reduces errors because it does a lot of policy thinking for you. This has improved our security operations.

It empowered our security engineers because you need to have the best, top-end tool if you are looking at modern high-end threats. 

We have used the solution to implement and manage microsegmentation initiatives. That is the whole point of modeling towards, "Hey, how will this work for a specific situation in the end?" I think it's a great solution because a lot of companies are not just going to the cloud, but microsegmentation and service-delivered products. So, I feel like it is very capable and comparatively better than its peers, if not equal.

AlgoSec is very complimentary to Cisco ACI because a lot of people are doing SDN. Having that integration is critical because a lot of the applications are more geared toward ACI. So, having something that compliments but doesn't break or get in the way of what the client finds important is ideal. Because, in some cases, we are not just representing ourselves, we have to extend what the client wants.

The Analyzer was the thing that had the most value because I am all about the quality of the rules and number of the rules. I thought it was really a great product, especially because we have more than one type of firewall.

I liked the level of detail. I thought it was a good measure of what people needed to understand. It had really useful information about controlling the environment. It looked like AlgoSec has done a really good job with developing what customers might find useful.

AlgoSec provides us with full visibility into the risk involved in firewall change requests. There is a lot of competition out there. This provides a comprehensive environment where risk is properly captured, which is very valuable.

The list of tools in the AlgoSec suite all seem to complement each other, which is what we needed towards making sure that we weren't leaving anything out. So, it seemed to be comprehensive enough between all the different products.

AlgoSec helped us to gain visibility into our application connectivity flows, which was important. We have Splunk, so we need a firewall/security expert view on top of Splunk. I felt like AlgoSec gave us that information. This allowed us to show that AlgoSec could be a valuable contributor to our security environment.

It enables us to manage multiple or dispersed environments in a single pane of glass. This is good because we have a complex support model that we are trying to simplify. There are as few panes of glass as necessary. Even with a separate security pane, it is worth it. 

The API integration could potentially improve. I didn't get a chance to look and see how well this solution can integrate with ServiceNow or our GRC environment.

We demoed it for about three months.

It is a very stable product. It is definitely more stable than FireMon. I felt pretty good about it. I didn't have to worry about apologizing for the product because of integrity issues, which is usually a thing. I felt like I did not have to worry about it.

It was very scalable, which is important. One of the reasons that I was able to champion it (in terms of the demo) is because we were starting small. However, if everybody likes it, we will ramp up pretty big.

The SOC has about 10 admins. There are a lot of IP addresses. These 10 guys administer about 3,000 devices.

We haven't really had to call much. That was one thing we were trying to figure out: If we are going to get a consultant or get some a la carte stuff during the demo. We will probably look up a support agreement from the corporate side, if this goes into production. There are some people with whom we are talking about the contract on the backside.

The initial setup was pretty straightforward. We had some help, but it just seemed pretty straightforward.

Deployment took about a month because of some internal stuff. This was fine because I couldn't get a lot of buy-in time on how much time we have for development.

We run a full SDLC where we use a project management organization who uses kind of an agile/waterfall hybrid. We have multiple departments that all have a stake in terms of how we deploy the demo to make sure that everything models exactly when we turned it on.

The migration process was easy because it was a complete product. We need something ready out-of-the-box to help where we don't have to figure out the product or use cases as much because it fits the use cases with its features. AlgoSec felt like a great fit to us.

We had some in-house talent who had some experience with AlgoSec. We also contracted an integrator.

It helps to have somebody who really knows the product well enough in order to get it modeled quickly. That way, the executives who are looking at it see success quickly. 

It is worth the cost. 

I heard that the licensing was around $100,000 a year, and I don't know how accurate that is. That seemed a little high, but compared to everybody else, it seemed about the same.

I have been at other companies in the past who did bake-offs.

It is not up to me. I just give them the information, putting the information into their hands and having them make the decision. However, I feel pretty strongly that AlgoSec could be it. Once we got rid of our third place (FireMon), I said, "Oh good. That gives AlgoSec a fighting chance." 

I have always thought it should be between Tufin and AlgoSec. That has always been the most realistic comparison to me. I didn't like FireMon's level of support. We thought AlgoSec was more scalable and efficient with better visibility. 

AlgoSec vs Tufin: I would have thought that Tufin would have won. AlgoSec kind of surprised me because: 

• We had better performance with AlgoSec.
• We were able to set it up easier. 
• The regulatory compliance matrices were better. 
• The ranking of risk in the firewall rules was better.
• The role-based access was really good at the time.

I probably wouldn't look at anything else if you're not going to integrate the API. Although a head-to-head trial is a good idea, a lot of people don't really have the time for all of that. Just start with AlgoSec. It is number one in a lot of markets for a reason.

We work with multiple security vendors for different tools and functionality. AlgoSec is an absolute leader when it comes to integrating with the leading vendors. I need to have things that are leading their sectors because that is the only way of answering security controls for risk.

We haven't had a breach as far as I know. However, I feel like if we were breached, this would be a critical tool because people would want to know what the firewalls saw. This is the best of the very best firewall tools. When you need something that tells you what is happening with top security devices and tools, this would be the first place where we would get intelligence about the breach. 

If we use AlgoSec, then we will use it 90 to 100 percent. If this solution gets the go ahead, then we may get the rest of the suite. Though, we are pretty much using the entire suite.

I would rate this solid nine (out of 10).