We are using this product mainly for firewall and network management. It detects any firewall and network changes that are done manually and not within the change control time window. Finding out the traffic is blocked or not using BusinessFlow is really good.
DevOps Engineer at a tech company with 10,001+ employees
Automatically detects changes outside of approved times, but technical support is poor and documentation needs improvement
Pros and Cons
- "It detects if the requested network and ports are getting blocked by the network or firewalls by a simple query, which helps to identify the network blocking firewalls in the topology."
- "The FireFlow template does not allow the user to perform external actions like sending an email or triggering a specific action."
What is our primary use case?
How has it helped my organization?
It didn't improve in my organization. There is a lack of documentation when communicating between the AlgoSec appliance and the other appliance. When we raised these concerns to their support, they were not able to help us with the issues.
What is most valuable?
We loved the automatic policy or network topology change features in the AlgoSec appliance. It detects the changes and alerts when someone is trying to make changes in the firewalls or network devices during abnormal change-time windows.
It detects if the requested network and ports are getting blocked by the network or firewalls by a simple query, which helps to identify the network blocking firewalls in the topology.
What needs improvement?
- AlgoSec support needs improvement, and support needs training to better understand customer issues. ( Support team repeatedly fails to understand the customer issues, Response to the support ticket based on the severity is very poor, support team responses to severity 1 or 2 tickets are very very slow. Customer support representative need training on how to handle severity 1 or 2 tickets)
- Integration with other appliances needs improvement. ( AlgoSec integration with other ticketing systems like Service Manager / Service now is not good, It needs to have better integration with ticketing systems like Service Now and Atlassian JIRA)
- Documentation needs improvement. ( There is lack of documentation integration with other ticketing systems like HP service manager, Rest APIs, SOAP)
- There are limited sets of Python API calls, so they need to add more features in the API.
- The FireFlow template does not allow the user to perform external actions like sending an email or triggering a specific action. It needs improvement there.
Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,763 professionals have used our research since 2012.
For how long have I used the solution?
We have been using this solution for one year.
How are customer service and support?
AlgoSec support is very, very poor. Their support engineers do not even understand the problem or the severity of cases. AlgoSec is pretty bad with handling hardware appliance failure.
Which solution did I use previously and why did I switch?
This is the first solution we used.
What's my experience with pricing, setup cost, and licensing?
My advice is to please make sure that you evaluate other competitive products before choosing this solution.
The price is high but the support is extremely poor, so keep that in mind before choosing this product.
Which other solutions did I evaluate?
We evaluated FireMon before choosing this solution.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ensures global policies are applied to all regional firewalls. Needs support for its cloud-based solution.
Pros and Cons
- "We use it for global firewall rules management to ensure global policies are applied to all regional firewalls, provide auditing and compliance."
- "It needs better API integration with its third-party firewall management."
- "It needs support for its cloud-based solution."
What is our primary use case?
We use it for global firewall rules management to ensure global policies are applied to all regional firewalls, provide auditing and compliance.
How has it helped my organization?
- Central firewall management
- Security policy change management
- Firewall auditing
- Compliance
- Firewall policy optimization
What is most valuable?
AlgoSec FireFlow:
- Eliminates mistakes and optimizes firewall rules.
- Firewall rule compliance with global security policies.
- Eliminates redundant and unused firewall rules.
- Reporting.
What needs improvement?
- It needs better API integration with its third-party firewall management.
- It needs support for its cloud-based solution.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
No stability issues.
What do I think about the scalability of the solution?
No scalability issues.
How are customer service and technical support?
We have had no complaints about their support.
Which solution did I use previously and why did I switch?
We did not previously use a different solution.
How was the initial setup?
It is somewhat complex to initially setup.
What about the implementation team?
We implemented it in-house.
What was our ROI?
Not applicable.
What's my experience with pricing, setup cost, and licensing?
Not applicable.
Which other solutions did I evaluate?
Not applicable.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,763 professionals have used our research since 2012.
Director of Cybersecurity
It has the ability to create architectures improving performance and reducing costs
Pros and Cons
- "I like the auto-mapping features and configuration overview. We use this for many things, but primarily for quick reactions to security events, audit, project management, and quick operational efficiencies."
- "It improves audibility and security by having instant access to firewall configurations."
- "It has the ability to create architectures improving performance and reducing costs."
What is our primary use case?
To down level firewall care so context owners and operations can be more agile in their day-to-day operations. It improves audibility and security by having instant access to firewall configurations. It has the ability to create architectures improving performance, reducing costs and KPIs.
How has it helped my organization?
AlgoSec makes it quite easy to down level firewall auditing, running, and maintenance. This has given the operations team, audit, and security instant access to firewall configurations.
What is most valuable?
The whole platform is extremely useful. I like the auto-mapping features and configuration overview. We use this for many things, but primarily for quick reactions to security events, audit, project management, and quick operational efficiencies.
What needs improvement?
A modernized GUI would be a nice feature upgrade. The GUI looks a little outdated.
There are a lot of updates for the product which have been good. However, it is a pain to always have to upgrade the product.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No stability issues.
What do I think about the scalability of the solution?
No scalability issues.
How are customer service and technical support?
Our experience with the support is fair.
Which solution did I use previously and why did I switch?
No.
How was the initial setup?
It is pretty easy to set up and run.
What about the implementation team?
We implemented it in-house.
What was our ROI?
It has improved our performance in operations, projects, and security.
It will reduce your operations costs with improved team performance.
Which other solutions did I evaluate?
We evaluated FireMon.
What other advice do I have?
Overall, the product is very good for firewall insights.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr Firewall Engineer at a tech consulting company with 1,001-5,000 employees
The PCI compliance feature has been helpful in preparing for audits
Pros and Cons
- "AlgoSec has helped us save time by having one central location to view firewall policies, especially when crossing multiple vendors."
- "The PCI compliance feature has been helpful in preparing for audits."
- "We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization."
What is our primary use case?
I work at a multi-vendor firewall environment. AlgoSec is primarily used to see what firewall policies are in place, as well as PCI compliance levels.
How has it helped my organization?
AlgoSec has helped us save time by having one central location to view firewall policies, especially when crossing multiple vendors.
What is most valuable?
The PCI compliance feature has been helpful in preparing for audits. The Firewall Analyzer has been very helpful.
What needs improvement?
We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization. There have been some difficulties in getting this portion set up in our environment.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No stability issues.
What do I think about the scalability of the solution?
No scalability issues.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Works at a insurance company with 10,001+ employees
We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow
Pros and Cons
- "We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow all thanks to AlgoSec Firewall Analyzer."
- "R&D patches to address issues that I have encountered have been timely and effective."
- "The Flash to HTML5 rewrite has been bumpy."
What is our primary use case?
Our primary use case started as policy optimization in a multi-vendor firewall environment. Now, our primary use case is giving access to firewall policies for development teams and infrastructure specialists. We are receiving better change requests based on actual requirements and less requests for access which already exists.
How has it helped my organization?
Over time, firewall vendors have added features, such as rule counters, that AlgoSec traditionally has offered. However, AlgoSec continues to add capabilities that firewall vendors simply cannot provide. We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow all thanks to AlgoSec Firewall Analyzer.
What is most valuable?
The ease of use and "one click" reports are very manager friendly. The policy browser is a fast, efficient way to find existing access, especially when granted via membership of a group or subnet. The ability to painlessly click through and navigate group objects ("what's in this object?") to filter.
What needs improvement?
The Flash to HTML5 rewrite has been bumpy. However, as a security professional, I appreciate the improvement in the product.
I am optimistic about possibly moving beyond AFA to other products.
For how long have I used the solution?
Three to five years.
How is customer service and technical support?
R&D patches to address issues that I have encountered have been timely and effective.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Regional Sales Engineer at RedSeal, Inc.
Making changes to multiple firewalls at the same time is beneficial for a small customer due to limited resources, but not good for enterprise grade level customers
Pros and Cons
- "There are some legacy customers still using AlgoSec. The benefit is the ease in management of firewalls and rules."
- "It gives you the capability to make changes to hundreds of your firewalls at the same time, but big enterprises have change management policies. Change managers will never allow you to make changes to more than 10 devices at the same time, which is a feature in AlgoSec. Because, what if something goes wrong, then you have to roll back and figure out what caused the impact, e.g., which firewall did not work well. Doing that post-mortem becomes a difficult thing. So, change automation on a firewall is actually defeating the purpose of the change management policies in any organization. If you run a bank, you will not allow anyone to make changes at the same time from a single click for 10 firewalls. The bank will never allow this."
What is our primary use case?
If a use case comes where a customer who has different firewalls, e.g., Palo Alto and Fortinet, wants a single pane of glass, where all the firewalls are visible, this is the only use case where AlgoSec would be used.
The customer has to judge, "Are they going to pay hundreds of thousands of dollars for the feature of seeing firewalls of different vendors under the same hood?" Is that the value they want versus the dollar value they are spending? Most of the time, the answer is no. Customers don't want to spend $300,000 or $400,000 just to see a single dashboard. Especially during COVID times, it has become even more impossible to sell such a product.
From a product perspective, AlgoSec has multiple components. Its security management solution is the primary one that you need to have. You must have this in order to install the platform.
How has it helped my organization?
There are some legacy customers still using AlgoSec. The benefit is the ease in management of firewalls and rules. Also, if they have a small setup, making changes to multiple firewalls at the same time is something the customer enjoys due to limited resources. When an organization becomes an enterprise, then change management comes into the picture as well as best practices, so making changes to multiple devices at the same time is not good.
It has the capability to be an enterprise grade product, but the use cases have not been fine-tuned for that in the past four years.
What needs improvement?
There are some integration-related issues too. For example, AlgoSec does not integrate with Forcepoint, and Forcepoint Firewalls have become very prevalent these days. They also don't integrate with Aruba devices. So, the integration ecosystem of AlgoSec is very limited, which is also the case with Firemon.
These days, people are looking at products which can visualize not only their firewalls, but also their networking equipment, under a single map. Can AlgoSec do this? Yes, it can, but with very limited capacity. If I try to sell the automation story of firewall management, there are vendors, like Forcepoint, who are not supported, so if a customer has Forcepoint, then I have to straight away walk off. The worst part of the story is they don't have even a roadmap for this.
Another problem with AlgoSec is that it gives you the capability to make changes to hundreds of your firewalls at the same time, but big enterprises have change management policies. Change managers will never allow you to make changes to more than 10 devices at the same time, which is a feature in AlgoSec. Because, what if something goes wrong, then you have to roll back and figure out what caused the impact, e.g., which firewall did not work well. Doing that post-mortem becomes a difficult thing. So, change automation on a firewall is actually defeating the purpose of the change management policies in any organization. If you run a bank, you will not allow anyone to make changes at the same time from a single click for 10 firewalls. The bank will never allow this. So, what is the use of this automation? Even if you are using this automation, you can do it from your native firewall vendor, e.g., Panorama or FortiManager, where everyone has their own cluster managers. At least if something goes wrong, you can still call Palo Alto and tell them you are Panorama has not done the change right, causing you an impact, and this is your Palo Alto firewall.
In this case, if I have to raise a case first, then I have to call AlgoSec and check why it has not worked. Second, I have to call the firewall vendors that their firewall is not working well, but AlgoSec has done the right job. Handling multiple vendors for such a trivial issue becomes a problem.
For how long have I used the solution?
I have been using AlgoSec for four years. First I was a customer, then I became a partner.
What do I think about the stability of the solution?
If you hit a bug with mass changes, do you troubleshoot on AlgoSec or the firewall? Now, you have two products that you have to tackle for bugs. The two vendors then finger point and you waste time. That is why having the firewall and firewall manager together from a vendor, like Palo Alto, is better.
How was the initial setup?
If the scope of work is just firewall management, it is easy to deploy. However, when you add the flow information, since AlgoSec can also import the flows of your firewall rules, that is live traffic. Then you include FireFlow, or it becomes a nightmare, because what you have to do is take a copy of traffic from different segments/firewalls and bring it into AlgoSec. Doing that becomes a challenge because a lot of companies, such as banks, will not allow you to sniff the firewall traffic live traffic because they have credit card information.
These days, the traffic has changed to HTTPS, which is all encrypted. Four or five years back, it was HTTP, which was all plain text. Even if you take a mirror of the traffic, how can you decrypt it? You need a decryptor to look inside. FireFlow looks at the packet of the transaction. In order to look at the packet/payload, I have to decrypt it because now it is encrypted. But, who will decrypt it? Then you have to buy another product that does decryption.
What was our ROI?
Customers look at return on investment to determine the benefit from a product, e.g., the tangible value in return. If I go to sell AlgoSec or Firemon today, the customer will say, "I already have Palo Alto," because Palo Alto Panorama has picked up a lot in the last five years of this market.
What's my experience with pricing, setup cost, and licensing?
AlgoSec is not a cheap product. If I compare Firemon and AlgoSec, because I am also Firemon certified, Firemon is still cheaper in price than AlgoSec. That is another catch.
Which other solutions did I evaluate?
AlgoSec-type products and requirements are not necessary or prevalent these days. If you look at AlgoSec, what do they have? They do firewall management, predominantly. Firewall management as a technology is dying. If you look at Palo Alto, Fortinet, Forcepoint, Cisco, or Juniper, all these firewall vendors are coming up with firewall management platforms. If you talk about Palo Alto, they have Panorama. If you talk about Juniper, they have Junos Space. If you talk about Fortinet, they have FortiManager. You can manage their firewalls using the respective vendor management consoles. The question comes, "Why would someone want to use AlgoSec to do firewall management?" The usability takes a dip in terms of capability because people trust the native vendor, e.g., someone who manages Palo Alto firewalls will do it with Panorama because Panorama is a product of Palo Alto.
AlgoSec's use case was good four years ago before FortiManager and Panorama. If you have a hundred firewalls from Fortinet, then you can manage all of them for a single FortiManager. If you have 50 Palo Alto Firewalls, you can manage those from Panorama in a single pane of glass. These solutions did not exist four years ago, and now AlgoSec is losing its essence in the market since these native vendors have been launched.
Four years ago when I started off with AlgoSec, and I'm still working with them, it was strategic. Now, it has become tactical. AlgoSec has a very good feature of doing firewall rule optimization, which has not been there in the native products. For the last couple of years, the native products also started coming up with firewall rule optimization. For example, Palo Alto (from PAN-OS 9.0 and above) was released a year and a half back. It does firewall rule analysis for you. It is the same case with Fortinet and Forcepoint. Therefore, if I have to sell products on firewall management, which does firewall rules on analysis, what is the use case that I give to customers with AlgoSec?
I am running out of AlgoSec use cases because the native vendors give you the capability to do firewall management, firewall rule analysis, and pushing conflicts to multiple firewalls from a single screen. These are the use cases of AlgoSec. This is what AlgoSec does. This story is not just limited to AlgoSec. Products like FireMon and AlgoSec and the way they used to do firewall management have become a commodity. Now, most of the firewalling vendors have the same functionality in their management console.
Companies, like RedSeal, or even to an extent, Skybox, are better built because they take the story to the next level. They don't just look at firewalls. They also look at the network, vulnerabilities, risk, governance, compliance, architecture issues, and incident response. This is the story which customers love to see because none of the native vendors are providing this.
RedSeal and Skybox are doing firewall management for free. They don't charge you for it. On top of it, they do:
- Complete network visualization.
- Give you best practice conflict checks.
- Security architecture issues.
- Risk analysis of every IP asset in your organization.
- Vulnerability prioritization.
What other advice do I have?
AlgoSec has been amazing, but it did not evolve well with time. If you look at AlgoSec from a cloud perspective, it does not support service chaining. So, if I have Palo Alto Firewall in the cloud, which has become very common, they can't detect that firewall. If I ask them to detect Oracle Cloud, they can't detect that. The problem about cloud, even if I'm doing service chaining with VMware NSX and Palo Alto, which is a very famous integration, they can't detect them. They cannot detect these because they are new things which have happened in the market in the last three years. So, they aren't able to catch up. The legacy part is good, but they are not able to catch up on the latest stuff, like service chaining. With anything new, AlgoSec is unfortunately running behind.
I have used all the components: CloudFlow, Firewall Analyzer, FireFlow, and Algo Bot (which I have used to optimize policies). I have not used AppViz a lot because it just came out. If you talk about the complete suite, then AppViz gives you application-related visibility. However, when you don't have a rich integration ecosystem versus a native firewalling vendor, like Palo Alto, who does give this. What is the use of having AlgoSec (or Firemon)?
I would rate this solution as a seven out of 10. The product is good, but the issue is with AlgoSec's use cases.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Network Engineer at a energy/utilities company with 1,001-5,000 employees
Automatically optimizes existing rule sets to comply with our security policy
Pros and Cons
- "This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy."
- "There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic."
What is our primary use case?
The primary use of this solution is to extract Risky Rules reports obtained from our Firewalls, check the rules, and proceed with changes on the Firewall as needed. In these reports, we also see the traffic being applied for different rules.
The traffic used for different Firewall rules can be obtained and then, we have a clear idea of the use for different rules. If some service or protocol is more often used or not, we can see.
We use the FireFlow tool to create the rule to be validated and applied in the appropriate Firewall. FireFlow can install the rule automatically.
How has it helped my organization?
This solution has improved our Security in our Firewalls. This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy.
The reports are very useful for determining whether our Firewalls are compliant with our security rules and directives.
What is most valuable?
The feature that I've found most valuable is the risk classifications for different rules. The number of different risky rules that we have for each Firewall is determined automatically.
The traffic used or not for every service is very useful to check if some service is needed or not. In cases where it is not used, we can delete or disable it.
The FireFlow tool is very useful with the automatic installation of rules into Firewalls. It detects the router and applies the new rules, which saves us time in manual configuration.
What needs improvement?
There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic.
Sometimes the Trust setting on Firewall rules is changing to trusted by itself.
For how long have I used the solution?
I have been using AlgoSec for more than one year.
What do I think about the stability of the solution?
I have very good impressions of AlgoSec stability.
What do I think about the scalability of the solution?
The scalability is very good.
Which solution did I use previously and why did I switch?
I did not use another solution prior to this one.
Which other solutions did I evaluate?
I did not evaluate other options before choosing AlgoSec.
What other advice do I have?
Overall, I think this tool is very useful and we think that it's difficult to improve.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer at Ti Automotive
Reduces costs and errors for compliance and audit preparation
Pros and Cons
- "It has reduced our audit preparation efforts and costs drastically and maintains continuous compliance."
- "The GUI has not been upgraded for a long time and could use updating."
What is our primary use case?
AlgoSec is a global tool that has been purchased to get a centralized view of our infrastructure. This enables us to review our security posture and implement a compliance strategy.
AlgoSec is also used for in-depth firewall analysis and intelligent policy tuning and optimization. It helps in regulatory compliance metrics and overall firewall security optimization. It is currently used by the network security, audit, and internal control departments of organizations, giving overall insight/visibility and enhancing improved security across the enterprise.
It has been really helpful in automating changes. This helps us to reduce operational work drastically. The product has centralized visibility, unified management, and reporting across an entire hybrid environment. It can be deployed on-premises, in a private cloud, public cloud, and in SDN platforms. It automatically discovers applications and their connectivity flows, then associates connectivity with their underlying firewall rules.
AlgoSec's solutions are incredibly powerful, providing us with intelligent process improvement that has directly translated into the highest level of security and compliance for our internal network.
How has it helped my organization?
AlgoSec is one of the most complete security management solutions on the market. It manages security and compliance based on the applications that power our business. It is one product combining multiple tools. This makes a real difference compared to its competitors.
It helps us deploy new business applications quickly and securely. It ties cyber threats directly to critical business processes.
Using AlgoSec is a double benefit to us. By using this solution we can reduce the cost and the number of errors in our daily operation and also expand our offerings.
It has reduced our audit preparation efforts and costs drastically and maintains continuous compliance.
AlgoSec delivers a rich set of change management workflows and enables zero-touch change processes if no risks are identified.
What is most valuable?
AlgoSec proactively analyzes all risks in the network security policy, across multi-vendor firewalls and cloud security groups.
AlgoSec is the only solution that supports the entire security policy management lifecycle from application connectivity discovery, through migration, maintenance, and decommissioning. Independent testing describes it as ‘one of the most complete security management solutions on the market’.
It seamlessly integrates with all leading brands of traditional and NGFWs, cloud security controls, routers, and load balancers.
The graphical user interface is much better than in other products.
What needs improvement?
The GUI has not been upgraded for a long time and could use updating.
For how long have I used the solution?
We have been using AlgoSec for several years.
What other advice do I have?
I'm sure we will use this solution for ten more years, at least, as long as it continues to do what is promised.
This product is ready to work within a next-generation infrastructure environment. It simplifies and automates network security policy management to make your enterprise more agile, more secure and more compliant – all the time.
Overall, this is a complete product that helps our organization on a daily basis.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Firewall Security ManagementPopular Comparisons
VMware NSX
Tufin Orchestration Suite
Fortinet FortiManager
Fortinet FortiGate Cloud
FireMon Security Manager
Skybox Security Suite
Palo Alto Networks Panorama
AWS Firewall Manager
Azure Firewall Manager
RedSeal
ManageEngine Firewall Analyzer
Fortinet FortiPortal
Cisco Defense Orchestrator
Opinnate
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- From your experience, what are the technical differences between AlgoSec and FireMon?
- What Is The Biggest Difference Between AlgoSec and FireMon?
- What is the biggest difference between AlgoSec and Tufin?
- What is your opinion on Fortinet FortiManager vs AlgoSec? Are they complementary?
- What are the differences between Palo Alto Networks Panorama and AlgoSec?
- Comparing network security vendors and devices
- When should companies use SSL Inspection?
- When evaluating Firewall Security Management, what aspect do you think is the most important to look for?
- What are the most important features you would be looking for in a firewall?
- How do I estimate the required firewall throughput for my organization?