AlgoSec Reviews

We are using this product mainly for firewall and network management. It detects any firewall and network changes that are done manually and not within the change control time window. Finding out the traffic is blocked or not using BusinessFlow is really good.

It didn't improve in my organization. There is a lack of documentation when communicating between the AlgoSec appliance and the other appliance. When we raised these concerns to their support, they were not able to help us with the issues.

We loved the automatic policy or network topology change features in the AlgoSec appliance. It detects the changes and alerts when someone is trying to make changes in the firewalls or network devices during abnormal change-time windows.

It detects if the requested network and ports are getting blocked by the network or firewalls by a simple query, which helps to identify the network blocking firewalls in the topology.

1. AlgoSec support needs improvement, and support needs training to better understand customer issues. ( Support team repeatedly fails to understand the customer issues, Response to the support ticket based on the severity is very poor, support team responses to severity 1 or 2 tickets are very very slow. Customer support representative need training on how to handle severity 1 or 2 tickets)
2. Integration with other appliances needs improvement. ( AlgoSec integration with other ticketing systems like Service Manager / Service now is not good, It needs to have better integration with ticketing systems like Service Now and Atlassian JIRA)  
3. Documentation needs improvement. ( There is lack of documentation integration with other ticketing systems like HP service manager, Rest APIs, SOAP)
4. There are limited sets of Python API calls, so they need to add more features in the API.
5. The FireFlow template does not allow the user to perform external actions like sending an email or triggering a specific action. It needs improvement there.

AlgoSec support is very, very poor. Their support engineers do not even understand the problem or the severity of cases. AlgoSec is pretty bad with handling hardware appliance failure.

This is the first solution we used.

My advice is to please make sure that you evaluate other competitive products before choosing this solution.

The price is high but the support is extremely poor, so keep that in mind before choosing this product.

We evaluated FireMon before choosing this solution.

We use it for global firewall rules management to ensure global policies are applied to all regional firewalls, provide auditing and compliance.

• Central firewall management
• Security policy change management
• Firewall auditing
• Compliance
• Firewall policy optimization

AlgoSec FireFlow:

• Eliminates mistakes and optimizes firewall rules.
• Firewall rule compliance with global security policies.
• Eliminates redundant and unused firewall rules.
• Reporting.
  

• It needs better API integration with its third-party firewall management.
• It needs support for its cloud-based solution.

No stability issues.

No scalability issues.

We have had no complaints about their support.

We did not previously use a different solution.

It is somewhat complex to initially setup.

We implemented it in-house.

Not applicable.

Not applicable.

Not applicable.

To down level firewall care so context owners and operations can be more agile in their day-to-day operations. It improves audibility and security by having instant access to firewall configurations. It has the ability to create architectures improving performance, reducing costs and KPIs. 

AlgoSec makes it quite easy to down level firewall auditing, running, and maintenance. This has given the operations team, audit, and security instant  access to firewall configurations.  

The whole platform is extremely useful. I like the auto-mapping features and configuration overview. We use this for many things, but primarily for quick reactions to security events, audit, project management, and quick operational efficiencies. 

A modernized GUI would be a nice feature upgrade. The GUI looks a little outdated. 

There are a lot of updates for the product which have been good. However, it is a pain to always have to upgrade the product. 

No stability issues.

No scalability issues.

Our experience with the support is fair. 

No.

It is pretty easy to set up and run.

We implemented it in-house. 

It has improved our performance in operations, projects, and security. 

It will reduce your operations costs with improved team performance. 

We evaluated FireMon.

Overall, the product is very good for firewall insights. 

I work at a multi-vendor firewall environment. AlgoSec is primarily used to see what firewall policies are in place, as well as PCI compliance levels.

AlgoSec has helped us save time by having one central location to view firewall policies, especially when crossing multiple vendors.

The PCI compliance feature has been helpful in preparing for audits. The Firewall Analyzer has been very helpful.

We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization. There have been some difficulties in getting this portion set up in our environment.

No stability issues.

No scalability issues.

Our primary use case started as policy optimization in a multi-vendor firewall environment. Now, our primary use case is giving access to firewall policies for development teams and infrastructure specialists. We are receiving better change requests based on actual requirements and less requests for access which already exists.

Over time, firewall vendors have added features, such as rule counters, that AlgoSec traditionally has offered. However, AlgoSec continues to add capabilities that firewall vendors simply cannot provide. We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow all thanks to AlgoSec Firewall Analyzer.

The ease of use and "one click" reports are very manager friendly. The policy browser is a fast, efficient way to find existing access, especially when granted via membership of a group or subnet. The ability to painlessly click through and navigate group objects ("what's in this object?") to filter.

The Flash to HTML5 rewrite has been bumpy. However, as a security professional, I appreciate the improvement in the product.

I am optimistic about possibly moving beyond AFA to other products.

R&D patches to address issues that I have encountered have been timely and effective.

If a use case comes where a customer who has different firewalls, e.g., Palo Alto and Fortinet, wants a single pane of glass, where all the firewalls are visible, this is the only use case where AlgoSec would be used.

The customer has to judge, "Are they going to pay hundreds of thousands of dollars for the feature of seeing firewalls of different vendors under the same hood?" Is that the value they want versus the dollar value they are spending? Most of the time, the answer is no. Customers don't want to spend $300,000 or $400,000 just to see a single dashboard. Especially during COVID times, it has become even more impossible to sell such a product. 

From a product perspective, AlgoSec has multiple components. Its security management solution is the primary one that you need to have. You must have this in order to install the platform. 

There are some legacy customers still using AlgoSec. The benefit is the ease in management of firewalls and rules. Also, if they have a small setup, making changes to multiple firewalls at the same time is something the customer enjoys due to limited resources. When an organization becomes an enterprise, then change management comes into the picture as well as best practices, so making changes to multiple devices at the same time is not good. 

It has the capability to be an enterprise grade product, but the use cases have not been fine-tuned for that in the past four years.

There are some integration-related issues too. For example, AlgoSec does not integrate with Forcepoint, and Forcepoint Firewalls have become very prevalent these days. They also don't integrate with Aruba devices. So, the integration ecosystem of AlgoSec is very limited, which is also the case with Firemon.

These days, people are looking at products which can visualize not only their firewalls, but also their networking equipment, under a single map. Can AlgoSec do this? Yes, it can, but with very limited capacity. If I try to sell the automation story of firewall management, there are vendors, like Forcepoint, who are not supported, so if a customer has Forcepoint, then I have to straight away walk off. The worst part of the story is they don't have even a roadmap for this.

Another problem with AlgoSec is that it gives you the capability to make changes to hundreds of your firewalls at the same time, but big enterprises have change management policies. Change managers will never allow you to make changes to more than 10 devices at the same time, which is a feature in AlgoSec. Because, what if something goes wrong, then you have to roll back and figure out what caused the impact, e.g., which firewall did not work well. Doing that post-mortem becomes a difficult thing. So, change automation on a firewall is actually defeating the purpose of the change management policies in any organization. If you run a bank, you will not allow anyone to make changes at the same time from a single click for 10 firewalls. The bank will never allow this. So, what is the use of this automation? Even if you are using this automation, you can do it from your native firewall vendor, e.g., Panorama or FortiManager, where everyone has their own cluster managers. At least if something goes wrong, you can still call Palo Alto and tell them you are Panorama has not done the change right, causing you an impact, and this is your Palo Alto firewall. 

In this case, if I have to raise a case first, then I have to call AlgoSec and check why it has not worked. Second, I have to call the firewall vendors that their firewall is not working well, but AlgoSec has done the right job. Handling multiple vendors for such a trivial issue becomes a problem.

I have been using AlgoSec for four years. First I was a customer, then I became a partner.

If you hit a bug with mass changes, do you troubleshoot on AlgoSec or the firewall? Now, you have two products that you have to tackle for bugs. The two vendors then finger point and you waste time. That is why having the firewall and firewall manager together from a vendor, like Palo Alto, is better.

If the scope of work is just firewall management, it is easy to deploy. However, when you add the flow information, since AlgoSec can also import the flows of your firewall rules, that is live traffic. Then you include FireFlow, or it becomes a nightmare, because what you have to do is take a copy of traffic from different segments/firewalls and bring it into AlgoSec. Doing that becomes a challenge because a lot of companies, such as banks, will not allow you to sniff the firewall traffic live traffic because they have credit card information. 

These days, the traffic has changed to HTTPS, which is all encrypted. Four or five years back, it was HTTP, which was all plain text. Even if you take a mirror of the traffic, how can you decrypt it? You need a decryptor to look inside. FireFlow looks at the packet of the transaction. In order to look at the packet/payload, I have to decrypt it because now it is encrypted. But, who will decrypt it? Then you have to buy another product that does decryption.

Customers look at return on investment to determine the benefit from a product, e.g., the tangible value in return. If I go to sell AlgoSec or Firemon today, the customer will say, "I already have Palo Alto," because Palo Alto Panorama has picked up a lot in the last five years of this market. 

AlgoSec is not a cheap product. If I compare Firemon and AlgoSec, because I am also Firemon certified, Firemon is still cheaper in price than AlgoSec. That is another catch. 

AlgoSec-type products and requirements are not necessary or prevalent these days. If you look at AlgoSec, what do they have? They do firewall management, predominantly. Firewall management as a technology is dying. If you look at Palo Alto, Fortinet, Forcepoint, Cisco, or Juniper, all these firewall vendors are coming up with firewall management platforms. If you talk about Palo Alto, they have Panorama. If you talk about Juniper, they have Junos Space. If you talk about Fortinet, they have FortiManager. You can manage their firewalls using the respective vendor management consoles. The question comes, "Why would someone want to use AlgoSec to do firewall management?" The usability takes a dip in terms of capability because people trust the native vendor, e.g., someone who manages Palo Alto firewalls will do it with Panorama because Panorama is a product of Palo Alto.

AlgoSec's use case was good four years ago before FortiManager and Panorama. If you have a hundred firewalls from Fortinet, then you can manage all of them for a single FortiManager. If you have 50 Palo Alto Firewalls, you can manage those from Panorama in a single pane of glass. These solutions did not exist four years ago, and now AlgoSec is losing its essence in the market since these native vendors have been launched.

Four years ago when I started off with AlgoSec, and I'm still working with them, it was strategic. Now, it has become tactical. AlgoSec has a very good feature of doing firewall rule optimization, which has not been there in the native products. For the last couple of years, the native products also started coming up with firewall rule optimization. For example, Palo Alto (from PAN-OS 9.0 and above) was released a year and a half back. It does firewall rule analysis for you. It is the same case with Fortinet and Forcepoint. Therefore, if I have to sell products on firewall management, which does firewall rules on analysis, what is the use case that I give to customers with AlgoSec?

I am running out of AlgoSec use cases because the native vendors give you the capability to do firewall management, firewall rule analysis, and pushing conflicts to multiple firewalls from a single screen. These are the use cases of AlgoSec. This is what AlgoSec does. This story is not just limited to AlgoSec. Products like FireMon and AlgoSec and the way they used to do firewall management have become a commodity. Now, most of the firewalling vendors have the same functionality in their management console. 

Companies, like RedSeal, or even to an extent, Skybox, are better built because they take the story to the next level. They don't just look at firewalls. They also look at the network, vulnerabilities, risk, governance, compliance, architecture issues, and incident response. This is the story which customers love to see because none of the native vendors are providing this. 

RedSeal and Skybox are doing firewall management for free. They don't charge you for it. On top of it, they do:

• Complete network visualization.
• Give you best practice conflict checks.
• Security architecture issues.
• Risk analysis of every IP asset in your organization.
• Vulnerability prioritization.

AlgoSec has been amazing, but it did not evolve well with time. If you look at AlgoSec from a cloud perspective, it does not support service chaining. So, if I have Palo Alto Firewall in the cloud, which has become very common, they can't detect that firewall. If I ask them to detect Oracle Cloud, they can't detect that. The problem about cloud, even if I'm doing service chaining with VMware NSX and Palo Alto, which is a very famous integration, they can't detect them. They cannot detect these because they are new things which have happened in the market in the last three years. So, they aren't able to catch up. The legacy part is good, but they are not able to catch up on the latest stuff, like service chaining. With anything new, AlgoSec is unfortunately running behind. 

I have used all the components: CloudFlow, Firewall Analyzer, FireFlow, and Algo Bot (which I have used to optimize policies). I have not used AppViz a lot because it just came out. If you talk about the complete suite, then AppViz gives you application-related visibility. However, when you don't have a rich integration ecosystem versus a native firewalling vendor, like Palo Alto, who does give this. What is the use of having AlgoSec (or Firemon)?

I would rate this solution as a seven out of 10. The product is good, but the issue is with AlgoSec's use cases.

The primary use of this solution is to extract Risky Rules reports obtained from our Firewalls, check the rules, and proceed with changes on the Firewall as needed. In these reports, we also see the traffic being applied for different rules.

The traffic used for different Firewall rules can be obtained and then, we have a clear idea of the use for different rules. If some service or protocol is more often used or not, we can see.

We use the FireFlow tool to create the rule to be validated and applied in the appropriate Firewall. FireFlow can install the rule automatically.

This solution has improved our Security in our Firewalls. This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy.

The reports are very useful for determining whether our Firewalls are compliant with our security rules and directives.

The feature that I've found most valuable is the risk classifications for different rules. The number of different risky rules that we have for each Firewall is determined automatically. 

The traffic used or not for every service is very useful to check if some service is needed or not. In cases where it is not used, we can delete or disable it.

The FireFlow tool is very useful with the automatic installation of rules into Firewalls. It detects the router and applies the new rules, which saves us time in manual configuration.

There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic.

Sometimes the Trust setting on Firewall rules is changing to trusted by itself.

I have been using AlgoSec for more than one year.

I have very good impressions of AlgoSec stability.

The scalability is very good.

I did not use another solution prior to this one.

I did not evaluate other options before choosing AlgoSec.

Overall, I think this tool is very useful and we think that it's difficult to improve.

AlgoSec is a global tool that has been purchased to get a centralized view of our infrastructure. This enables us to review our security posture and implement a compliance strategy.

AlgoSec is also used for in-depth firewall analysis and intelligent policy tuning and optimization. It helps in regulatory compliance metrics and overall firewall security optimization. It is currently used by the network security, audit, and internal control departments of organizations, giving overall insight/visibility and enhancing improved security across the enterprise.

It has been really helpful in automating changes. This helps us to reduce operational work drastically. The product has centralized visibility, unified management, and reporting across an entire hybrid environment. It can be deployed on-premises, in a private cloud, public cloud, and in SDN platforms. It automatically discovers applications and their connectivity flows, then associates connectivity with their underlying firewall rules.

AlgoSec's solutions are incredibly powerful, providing us with intelligent process improvement that has directly translated into the highest level of security and compliance for our internal network.

AlgoSec is one of the most complete security management solutions on the market. It manages security and compliance based on the applications that power our business. It is one product combining multiple tools. This makes a real difference compared to its competitors.

It helps us deploy new business applications quickly and securely. It ties cyber threats directly to critical business processes.

Using AlgoSec is a double benefit to us. By using this solution we can reduce the cost and the number of errors in our daily operation and also expand our offerings. 

It has reduced our audit preparation efforts and costs drastically and maintains continuous compliance.

AlgoSec delivers a rich set of change management workflows and enables zero-touch change processes if no risks are identified.

AlgoSec proactively analyzes all risks in the network security policy, across multi-vendor firewalls and cloud security groups.

AlgoSec is the only solution that supports the entire security policy management lifecycle from application connectivity discovery, through migration, maintenance, and decommissioning. Independent testing describes it as ‘one of the most complete security management solutions on the market’.

It seamlessly integrates with all leading brands of traditional and NGFWs, cloud security controls, routers, and load balancers.

The graphical user interface is much better than in other products.

The GUI has not been upgraded for a long time and could use updating.

We have been using AlgoSec for several years.

I'm sure we will use this solution for ten more years, at least, as long as it continues to do what is promised.

This product is ready to work within a next-generation infrastructure environment. It simplifies and automates network security policy management to make your enterprise more agile, more secure and more compliant – all the time.

Overall, this is a complete product that helps our organization on a daily basis.