I work at a multi-vendor firewall environment. AlgoSec is primarily used to see what firewall policies are in place, as well as PCI compliance levels.
Sr Firewall Engineer at a tech consulting company with 1,001-5,000 employees
The PCI compliance feature has been helpful in preparing for audits
Pros and Cons
- "AlgoSec has helped us save time by having one central location to view firewall policies, especially when crossing multiple vendors."
- "The PCI compliance feature has been helpful in preparing for audits."
- "We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization."
What is our primary use case?
How has it helped my organization?
AlgoSec has helped us save time by having one central location to view firewall policies, especially when crossing multiple vendors.
What is most valuable?
The PCI compliance feature has been helpful in preparing for audits. The Firewall Analyzer has been very helpful.
What needs improvement?
We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization. There have been some difficulties in getting this portion set up in our environment.
Buyer's Guide
AlgoSec
December 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No stability issues.
What do I think about the scalability of the solution?
No scalability issues.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Works at a insurance company with 10,001+ employees
We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow
Pros and Cons
- "We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow all thanks to AlgoSec Firewall Analyzer."
- "R&D patches to address issues that I have encountered have been timely and effective."
- "The Flash to HTML5 rewrite has been bumpy."
What is our primary use case?
Our primary use case started as policy optimization in a multi-vendor firewall environment. Now, our primary use case is giving access to firewall policies for development teams and infrastructure specialists. We are receiving better change requests based on actual requirements and less requests for access which already exists.
How has it helped my organization?
Over time, firewall vendors have added features, such as rule counters, that AlgoSec traditionally has offered. However, AlgoSec continues to add capabilities that firewall vendors simply cannot provide. We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow all thanks to AlgoSec Firewall Analyzer.
What is most valuable?
The ease of use and "one click" reports are very manager friendly. The policy browser is a fast, efficient way to find existing access, especially when granted via membership of a group or subnet. The ability to painlessly click through and navigate group objects ("what's in this object?") to filter.
What needs improvement?
The Flash to HTML5 rewrite has been bumpy. However, as a security professional, I appreciate the improvement in the product.
I am optimistic about possibly moving beyond AFA to other products.
For how long have I used the solution?
Three to five years.
How is customer service and technical support?
R&D patches to address issues that I have encountered have been timely and effective.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
AlgoSec
December 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Regional Sales Engineer at RedSeal, Inc.
Making changes to multiple firewalls at the same time is beneficial for a small customer due to limited resources, but not good for enterprise grade level customers
Pros and Cons
- "There are some legacy customers still using AlgoSec. The benefit is the ease in management of firewalls and rules."
- "It gives you the capability to make changes to hundreds of your firewalls at the same time, but big enterprises have change management policies. Change managers will never allow you to make changes to more than 10 devices at the same time, which is a feature in AlgoSec. Because, what if something goes wrong, then you have to roll back and figure out what caused the impact, e.g., which firewall did not work well. Doing that post-mortem becomes a difficult thing. So, change automation on a firewall is actually defeating the purpose of the change management policies in any organization. If you run a bank, you will not allow anyone to make changes at the same time from a single click for 10 firewalls. The bank will never allow this."
What is our primary use case?
If a use case comes where a customer who has different firewalls, e.g., Palo Alto and Fortinet, wants a single pane of glass, where all the firewalls are visible, this is the only use case where AlgoSec would be used.
The customer has to judge, "Are they going to pay hundreds of thousands of dollars for the feature of seeing firewalls of different vendors under the same hood?" Is that the value they want versus the dollar value they are spending? Most of the time, the answer is no. Customers don't want to spend $300,000 or $400,000 just to see a single dashboard. Especially during COVID times, it has become even more impossible to sell such a product.
From a product perspective, AlgoSec has multiple components. Its security management solution is the primary one that you need to have. You must have this in order to install the platform.
How has it helped my organization?
There are some legacy customers still using AlgoSec. The benefit is the ease in management of firewalls and rules. Also, if they have a small setup, making changes to multiple firewalls at the same time is something the customer enjoys due to limited resources. When an organization becomes an enterprise, then change management comes into the picture as well as best practices, so making changes to multiple devices at the same time is not good.
It has the capability to be an enterprise grade product, but the use cases have not been fine-tuned for that in the past four years.
What needs improvement?
There are some integration-related issues too. For example, AlgoSec does not integrate with Forcepoint, and Forcepoint Firewalls have become very prevalent these days. They also don't integrate with Aruba devices. So, the integration ecosystem of AlgoSec is very limited, which is also the case with Firemon.
These days, people are looking at products which can visualize not only their firewalls, but also their networking equipment, under a single map. Can AlgoSec do this? Yes, it can, but with very limited capacity. If I try to sell the automation story of firewall management, there are vendors, like Forcepoint, who are not supported, so if a customer has Forcepoint, then I have to straight away walk off. The worst part of the story is they don't have even a roadmap for this.
Another problem with AlgoSec is that it gives you the capability to make changes to hundreds of your firewalls at the same time, but big enterprises have change management policies. Change managers will never allow you to make changes to more than 10 devices at the same time, which is a feature in AlgoSec. Because, what if something goes wrong, then you have to roll back and figure out what caused the impact, e.g., which firewall did not work well. Doing that post-mortem becomes a difficult thing. So, change automation on a firewall is actually defeating the purpose of the change management policies in any organization. If you run a bank, you will not allow anyone to make changes at the same time from a single click for 10 firewalls. The bank will never allow this. So, what is the use of this automation? Even if you are using this automation, you can do it from your native firewall vendor, e.g., Panorama or FortiManager, where everyone has their own cluster managers. At least if something goes wrong, you can still call Palo Alto and tell them you are Panorama has not done the change right, causing you an impact, and this is your Palo Alto firewall.
In this case, if I have to raise a case first, then I have to call AlgoSec and check why it has not worked. Second, I have to call the firewall vendors that their firewall is not working well, but AlgoSec has done the right job. Handling multiple vendors for such a trivial issue becomes a problem.
For how long have I used the solution?
I have been using AlgoSec for four years. First I was a customer, then I became a partner.
What do I think about the stability of the solution?
If you hit a bug with mass changes, do you troubleshoot on AlgoSec or the firewall? Now, you have two products that you have to tackle for bugs. The two vendors then finger point and you waste time. That is why having the firewall and firewall manager together from a vendor, like Palo Alto, is better.
How was the initial setup?
If the scope of work is just firewall management, it is easy to deploy. However, when you add the flow information, since AlgoSec can also import the flows of your firewall rules, that is live traffic. Then you include FireFlow, or it becomes a nightmare, because what you have to do is take a copy of traffic from different segments/firewalls and bring it into AlgoSec. Doing that becomes a challenge because a lot of companies, such as banks, will not allow you to sniff the firewall traffic live traffic because they have credit card information.
These days, the traffic has changed to HTTPS, which is all encrypted. Four or five years back, it was HTTP, which was all plain text. Even if you take a mirror of the traffic, how can you decrypt it? You need a decryptor to look inside. FireFlow looks at the packet of the transaction. In order to look at the packet/payload, I have to decrypt it because now it is encrypted. But, who will decrypt it? Then you have to buy another product that does decryption.
What was our ROI?
Customers look at return on investment to determine the benefit from a product, e.g., the tangible value in return. If I go to sell AlgoSec or Firemon today, the customer will say, "I already have Palo Alto," because Palo Alto Panorama has picked up a lot in the last five years of this market.
What's my experience with pricing, setup cost, and licensing?
AlgoSec is not a cheap product. If I compare Firemon and AlgoSec, because I am also Firemon certified, Firemon is still cheaper in price than AlgoSec. That is another catch.
Which other solutions did I evaluate?
AlgoSec-type products and requirements are not necessary or prevalent these days. If you look at AlgoSec, what do they have? They do firewall management, predominantly. Firewall management as a technology is dying. If you look at Palo Alto, Fortinet, Forcepoint, Cisco, or Juniper, all these firewall vendors are coming up with firewall management platforms. If you talk about Palo Alto, they have Panorama. If you talk about Juniper, they have Junos Space. If you talk about Fortinet, they have FortiManager. You can manage their firewalls using the respective vendor management consoles. The question comes, "Why would someone want to use AlgoSec to do firewall management?" The usability takes a dip in terms of capability because people trust the native vendor, e.g., someone who manages Palo Alto firewalls will do it with Panorama because Panorama is a product of Palo Alto.
AlgoSec's use case was good four years ago before FortiManager and Panorama. If you have a hundred firewalls from Fortinet, then you can manage all of them for a single FortiManager. If you have 50 Palo Alto Firewalls, you can manage those from Panorama in a single pane of glass. These solutions did not exist four years ago, and now AlgoSec is losing its essence in the market since these native vendors have been launched.
Four years ago when I started off with AlgoSec, and I'm still working with them, it was strategic. Now, it has become tactical. AlgoSec has a very good feature of doing firewall rule optimization, which has not been there in the native products. For the last couple of years, the native products also started coming up with firewall rule optimization. For example, Palo Alto (from PAN-OS 9.0 and above) was released a year and a half back. It does firewall rule analysis for you. It is the same case with Fortinet and Forcepoint. Therefore, if I have to sell products on firewall management, which does firewall rules on analysis, what is the use case that I give to customers with AlgoSec?
I am running out of AlgoSec use cases because the native vendors give you the capability to do firewall management, firewall rule analysis, and pushing conflicts to multiple firewalls from a single screen. These are the use cases of AlgoSec. This is what AlgoSec does. This story is not just limited to AlgoSec. Products like FireMon and AlgoSec and the way they used to do firewall management have become a commodity. Now, most of the firewalling vendors have the same functionality in their management console.
Companies, like RedSeal, or even to an extent, Skybox, are better built because they take the story to the next level. They don't just look at firewalls. They also look at the network, vulnerabilities, risk, governance, compliance, architecture issues, and incident response. This is the story which customers love to see because none of the native vendors are providing this.
RedSeal and Skybox are doing firewall management for free. They don't charge you for it. On top of it, they do:
- Complete network visualization.
- Give you best practice conflict checks.
- Security architecture issues.
- Risk analysis of every IP asset in your organization.
- Vulnerability prioritization.
What other advice do I have?
AlgoSec has been amazing, but it did not evolve well with time. If you look at AlgoSec from a cloud perspective, it does not support service chaining. So, if I have Palo Alto Firewall in the cloud, which has become very common, they can't detect that firewall. If I ask them to detect Oracle Cloud, they can't detect that. The problem about cloud, even if I'm doing service chaining with VMware NSX and Palo Alto, which is a very famous integration, they can't detect them. They cannot detect these because they are new things which have happened in the market in the last three years. So, they aren't able to catch up. The legacy part is good, but they are not able to catch up on the latest stuff, like service chaining. With anything new, AlgoSec is unfortunately running behind.
I have used all the components: CloudFlow, Firewall Analyzer, FireFlow, and Algo Bot (which I have used to optimize policies). I have not used AppViz a lot because it just came out. If you talk about the complete suite, then AppViz gives you application-related visibility. However, when you don't have a rich integration ecosystem versus a native firewalling vendor, like Palo Alto, who does give this. What is the use of having AlgoSec (or Firemon)?
I would rate this solution as a seven out of 10. The product is good, but the issue is with AlgoSec's use cases.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Sr Technical Consultant at a tech services company with 51-200 employees
Very powerful and useful tool; reduces operating costs by enabling access to all firewalls
Pros and Cons
- "Rather than logging in on separate firewalls, AlgoSec enables you to make changes on all firewalls from one pane of glass."
- "Lacking in support of other platforms."
What is our primary use case?
We are security consultants based in India. We provide solutions to our customers and implement for them. We deploy AlgoSec on cloud and on-premise, depending on the customer. The use case is generally for companies that have multiple firewall vendors. If you have FireEye, for example, you can create the rules according to your environment. But if you have four different kinds of firewalls, and you want to allow or block something, you need the configuration on all the firewalls. AlgoSec simplifies that process. Many of our clients in India use this solution. We are official partners of AlgoSec.
How has it helped my organization?
This solution will cut down operating costs in any company.
What is most valuable?
It's a bit difficult for a network engineer to login on the firewall and make the changes and in that sense, AlgoSec is a lifesaver. You don't need to log in on each separate firewall, you just login on AlgoSec and make changes on all the firewalls from one single pane of glass. You can get the logs from all the firewalls to your AlgoSec as well. And if you see any blocked traffic, you can delete it at the point it gets blocked. If you have five firewalls, it will show which firewall is getting blocked and that can be automated. It's a very powerful and useful tool that can be customized to your requirements. One of the main features is that you can configure all the rules in one place. It also provides a complete report of Euro firewall rules that complies with security authorities such as GDPR.
What needs improvement?
If we talk about Cloud and SDN Platforms it support AWS, Azure etc....
I'd like to see this solution support some other Cloud platforms as well such as Alibaba and a GCP to give the customer flexibility.
What do I think about the stability of the solution?
It's a very reliable and stable product because it's not dependent on any hardware, and is installed on a one-to-one machine.
What do I think about the scalability of the solution?
Scalability in this case really depends on whether the customer is able to provide the resources or not. It requires resources including memory, RAM, and those sorts of things. From a software point of view, I'd say it is very scalable.
How are customer service and technical support?
I haven't needed to access technical support because their documentation was so clean and in such a format that I was able to implement without any issues. My customers use it and they are pretty happy with it, because there is good customer support available in India.
How was the initial setup?
The initial setup is very straightforward. You just find the resources on the virtual machine and download.
What's my experience with pricing, setup cost, and licensing?
Licensing is on an annual basis. The best part is that if you have two or three firewalls, but you are using them in a cluster, it's counted as one. This is a basic aspect of the licensing with AlgoSec. I think the licensing is pretty good because they now have all the compliance issues sorted.
What other advice do I have?
If any user or customer has firewalls, maybe 15 or 20 plus, definitely go for this product. It cuts down operating costs. The benefit of AlgoSec is that you only need one engineer to do all the configurating, rather than separate engineers for the different firewalls. Not only that but you can automate as well. Obviously you have to integrate a texting management tool, but you can integrate and follow the focus.
I rate this solution a 10 out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Network Engineer at a energy/utilities company with 1,001-5,000 employees
Automatically optimizes existing rule sets to comply with our security policy
Pros and Cons
- "This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy."
- "There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic."
What is our primary use case?
The primary use of this solution is to extract Risky Rules reports obtained from our Firewalls, check the rules, and proceed with changes on the Firewall as needed. In these reports, we also see the traffic being applied for different rules.
The traffic used for different Firewall rules can be obtained and then, we have a clear idea of the use for different rules. If some service or protocol is more often used or not, we can see.
We use the FireFlow tool to create the rule to be validated and applied in the appropriate Firewall. FireFlow can install the rule automatically.
How has it helped my organization?
This solution has improved our Security in our Firewalls. This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy.
The reports are very useful for determining whether our Firewalls are compliant with our security rules and directives.
What is most valuable?
The feature that I've found most valuable is the risk classifications for different rules. The number of different risky rules that we have for each Firewall is determined automatically.
The traffic used or not for every service is very useful to check if some service is needed or not. In cases where it is not used, we can delete or disable it.
The FireFlow tool is very useful with the automatic installation of rules into Firewalls. It detects the router and applies the new rules, which saves us time in manual configuration.
What needs improvement?
There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic.
Sometimes the Trust setting on Firewall rules is changing to trusted by itself.
For how long have I used the solution?
I have been using AlgoSec for more than one year.
What do I think about the stability of the solution?
I have very good impressions of AlgoSec stability.
What do I think about the scalability of the solution?
The scalability is very good.
Which solution did I use previously and why did I switch?
I did not use another solution prior to this one.
Which other solutions did I evaluate?
I did not evaluate other options before choosing AlgoSec.
What other advice do I have?
Overall, I think this tool is very useful and we think that it's difficult to improve.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer at Ti Automotive
Reduces costs and errors for compliance and audit preparation
Pros and Cons
- "It has reduced our audit preparation efforts and costs drastically and maintains continuous compliance."
- "The GUI has not been upgraded for a long time and could use updating."
What is our primary use case?
AlgoSec is a global tool that has been purchased to get a centralized view of our infrastructure. This enables us to review our security posture and implement a compliance strategy.
AlgoSec is also used for in-depth firewall analysis and intelligent policy tuning and optimization. It helps in regulatory compliance metrics and overall firewall security optimization. It is currently used by the network security, audit, and internal control departments of organizations, giving overall insight/visibility and enhancing improved security across the enterprise.
It has been really helpful in automating changes. This helps us to reduce operational work drastically. The product has centralized visibility, unified management, and reporting across an entire hybrid environment. It can be deployed on-premises, in a private cloud, public cloud, and in SDN platforms. It automatically discovers applications and their connectivity flows, then associates connectivity with their underlying firewall rules.
AlgoSec's solutions are incredibly powerful, providing us with intelligent process improvement that has directly translated into the highest level of security and compliance for our internal network.
How has it helped my organization?
AlgoSec is one of the most complete security management solutions on the market. It manages security and compliance based on the applications that power our business. It is one product combining multiple tools. This makes a real difference compared to its competitors.
It helps us deploy new business applications quickly and securely. It ties cyber threats directly to critical business processes.
Using AlgoSec is a double benefit to us. By using this solution we can reduce the cost and the number of errors in our daily operation and also expand our offerings.
It has reduced our audit preparation efforts and costs drastically and maintains continuous compliance.
AlgoSec delivers a rich set of change management workflows and enables zero-touch change processes if no risks are identified.
What is most valuable?
AlgoSec proactively analyzes all risks in the network security policy, across multi-vendor firewalls and cloud security groups.
AlgoSec is the only solution that supports the entire security policy management lifecycle from application connectivity discovery, through migration, maintenance, and decommissioning. Independent testing describes it as ‘one of the most complete security management solutions on the market’.
It seamlessly integrates with all leading brands of traditional and NGFWs, cloud security controls, routers, and load balancers.
The graphical user interface is much better than in other products.
What needs improvement?
The GUI has not been upgraded for a long time and could use updating.
For how long have I used the solution?
We have been using AlgoSec for several years.
What other advice do I have?
I'm sure we will use this solution for ten more years, at least, as long as it continues to do what is promised.
This product is ready to work within a next-generation infrastructure environment. It simplifies and automates network security policy management to make your enterprise more agile, more secure and more compliant – all the time.
Overall, this is a complete product that helps our organization on a daily basis.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Works at a tech services company with 10,001+ employees
Detects in a few seconds which flows are right or wrong which saves a lot of troubleshooting time
What is our primary use case?
I mainly use this application to check the flows. I work for a big company in the network team which needs to check the flows every day.
How has it helped my organization?
This application is very nice. We save a lot of time with troubleshooting the flows and we can detect in a few seconds what flows are right or wrong.
What is most valuable?
The AlgoSec Firewall Analyzer is for me the most valuable thing in this application. I don't know how much time we saved with this application, but I now know that without it, we would lose several hours every day solving networks incidents.
We also use the AlgoSec FireFlow to generate and manage the tickets concerning the flows.
What needs improvement?
I think that AlgoSec could improve the application by improving the treatment speed.
If AlgoSec could make few seconds less to analyze research, theses few seconds will be used by my team to be more efficient.
I mean, in the Traffic Simulation Query, it will be wonderful if Algosec could find a way to make the research faster than now. In fact, we are often waiting arround 1,30 min to see the results.
Maybe something can be done to make this reasearch faster?
For how long have I used the solution?
One to three years.
Which solution did I use previously and why did I switch?
No, it is my first application for this kind of work.
Which other solutions did I evaluate?
It was not my work to choose this solution; a project team did it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of IT at a manufacturing company with 10,001+ employees
Tremendously improved our organization's security with much better and efficient firewall rules
What is our primary use case?
Our primary use case is to clean up firewall rules of migration from Cisco ASA to another firewall vendor. We try to get rid of old rules and get these converted into new rules which apply better to our environment.
How has it helped my organization?
It tremendously improved the security of our organization with much better and efficient firewall rules. We saved a lot of time using this tool to get the rules clean. Also, the overview of the network topology map is a very good thing to get a clear view of every single region in your network.
What is most valuable?
The best feature is, in my opinion, the firewall analyzer. Just let the tool analyze the traffic for a few days or weeks, and you will get perfect ideas on how to improve your rules and which rules are just unnecessary or too spacious. So getting a better security level by better firewall rules is just what you want to have if you're using a firewall. Otherwise, it would not make sense to have a firewall, right?
A nice feature as well is that it gives a compliance report on each of your security devices. This helps a lot to get an overview of every single security device in your network and its status.
What needs improvement?
The versioning is a bit weird. We used to use version 2017 which is quite current, but it looks like it is a 2017 version. As far as I know, they want to have this changed soon. Nevertheless, this is something which definitely needs to be improved.
For how long have I used the solution?
One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Firewall Security ManagementPopular Comparisons
Tufin Orchestration Suite
Fortinet FortiGate Cloud
FireMon Security Manager
Skybox Security Suite
Palo Alto Networks Panorama
AWS Firewall Manager
Azure Firewall Manager
ManageEngine Firewall Analyzer
Fortinet FortiPortal
Cisco Defense Orchestrator
Opinnate
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- From your experience, what are the technical differences between AlgoSec and FireMon?
- What Is The Biggest Difference Between AlgoSec and FireMon?
- What is the biggest difference between AlgoSec and Tufin?
- What is your opinion on Fortinet FortiManager vs AlgoSec? Are they complementary?
- What are the differences between Palo Alto Networks Panorama and AlgoSec?
- Comparing network security vendors and devices
- When should companies use SSL Inspection?
- When evaluating Firewall Security Management, what aspect do you think is the most important to look for?
- What are the most important features you would be looking for in a firewall?
- How do I estimate the required firewall throughput for my organization?