Try our new research platform with insights from 80,000+ expert users
reviewer1003116 - PeerSpot reviewer
Head of IT at a manufacturing company with 10,001+ employees
Real User
Tremendously improved our organization's security with much better and efficient firewall rules

What is our primary use case?

Our primary use case is to clean up firewall rules of migration from Cisco ASA to another firewall vendor. We try to get rid of old rules and get these converted into new rules which apply better to our environment.

How has it helped my organization?

It tremendously improved the security of our organization with much better and efficient firewall rules. We saved a lot of time using this tool to get the rules clean. Also, the overview of the network topology map is a very good thing to get a clear view of every single region in your network.

What is most valuable?

The best feature is, in my opinion, the firewall analyzer. Just let the tool analyze the traffic for a few days or weeks, and you will get perfect ideas on how to improve your rules and which rules are just unnecessary or too spacious. So getting a better security level by better firewall rules is just what you want to have if you're using a firewall. Otherwise, it would not make sense to have a firewall, right?

A nice feature as well is that it gives a compliance report on each of your security devices. This helps a lot to get an overview of every single security device in your network and its status.

What needs improvement?

The versioning is a bit weird. We used to use version 2017 which is quite current, but it looks like it is a 2017 version. As far as I know, they want to have this changed soon. Nevertheless, this is something which definitely needs to be improved.

Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,562 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Network Security Engineer at Prudential Corporation Asia
Real User
Helps with application connectivity and our users are able to documents their rules
Pros and Cons
  • "ABF is application-centric. which helps to track changes in the application from day one."
  • "We needs object level permissions and application level recertifications."

What is our primary use case?

  • ABF application centric
  • Risk and compliance
  • Zone matrix
  • Conditional workflow
  • IPT
  • Active change 

How has it helped my organization?

It improved a lot in our flow database. In the past, application owners did not know their application connectivity. AlgoSec helps with this and our users are able to documents their rules.

What is most valuable?

ABF: It is application-centric. which helps to track changes in the application from day one.

Compliance: It helps to have a zone matrix and capture risks.

What needs improvement?

ABF needs to be more integration with AFF/AFA. We needs object level permissions and application level recertifications.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

No stability issues.

What do I think about the scalability of the solution?

No scalability issues.

Which solution did I use previously and why did I switch?

We used a different network security policy management tool, but we felt it would not be able to fulfill our requirements and address our previous gap. We were looking for a place where we could keep our rules and also track ownership of each rule in the application.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

We implemented through a vendor team, whose expertise level was high.

What was our ROI?

We are satisfied with our ROI.

Which other solutions did I evaluate?

We evaluated all of AlgoSec's competitors and chose AlgoSec as it was the best.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,562 professionals have used our research since 2012.
Security Analyst at Ethnos IT Solutions LTD
Real User
Analyzes existing policies that you have set up on your devices, gauging the risk
Pros and Cons
  • "ActiveChange integrates with your change workflow and ticketing system. For example, a change request is made to open port 8080. Then, if the guy who was supposed to implement that change mistakenly opened port 80, then ActiveChange will say, "What was approved was 8080, but what you actually opened was 80." That actually helps to fix human errors. It helps to check everything that is being done. You can go through the analysis and see changes that were made, and AlgoSec is able to alert you immediately. Whenever there is a change, notifications are sent to the administrators because it gives you that real-time alerting and change."
  • "Since COVID-19, a number of the technical support team members have been working from home or remotely. So, we haven't gotten support people right when we need them. Sometimes, it takes a couple of hours or even days for us to get that instant support that we used to get."

What is our primary use case?

We help deploy solutions to customers around Africa and Nigeria. We deploy it, then we also provide local support to our customers. We do PoCs, deploy solutions, and provide support whenever we have the opportunity to provide solutions which solve problems of one or two customers.

Most of our clients just want to stick with AFA. Most times, we just work around AFA and do a lot of things with it. We are quite conversant with AFA's portfolio.

How has it helped my organization?

AlgoSec provides our customers with full visibility into the risk involved in firewall change requests. Most of our customers are in the financial industry. AlgoSec can analyze existing policies that you have set up on your devices, gauging the risk. For example, with PCI requirements, there needs to be a description for each firewall rule change as to why it was made. Therefore, if a change was made by one of our clients, who was unable to put a description or comment against that rule, then automatically I would need to flag that.

ActiveChange integrates with your change workflow and ticketing system. For example, a change request is made to open port 8080. Then, if the guy who was supposed to implement that change mistakenly opened port 80, then ActiveChange will say, "What was approved was 8080, but what you actually opened was 80." That actually helps to fix human errors. It helps to check everything that is being done. You can go through the analysis and see changes that were made, and AlgoSec is able to alert you immediately. Whenever there is a change, notifications are sent to the administrators because it gives you that real-time alerting and change. 

What is most valuable?

The most valuable features are:

  • Compliance reporting
  • Their immediate support team
  • Maps: You can trace the traffic and what firewall is blocking what connections, services, and websites.

You don't need to be tech-oriented to work with AlgoSec.

One of the beautiful things about AlgoSec is that it gives you templates. There are quite a number of compliance templates, depending on the industry that you are in. For example:

  • The ISO number system
  • The information security - ISMS management system
  • PCI DSS
  • FISMA Compliance. 

For our clients, they especially have to maintain ISMS and PCI DSS, as these are the two compliance regulations that they have to maintain. You can run analysis or reporting based on the templates. Within minutes, you get into the report, can see your compliance status, and what exactly you need to fix. You can clearly see what parts of the requirements you are not meeting and where you are falling short within standards. It is very clear and visible. We can customize all of this with the reporting, however the client wants it. This is one of the critical parts for most of our clients.

What needs improvement?

In late December or early January, we were trying to add another solution, but it wasn't working because there was no support for the version that we were running at that point. After they released the hotfix, that took care of this issue. That particular device was then supported. So, it has been very stable and working fine since then.

For how long have I used the solution?

I have been using it for about three years now.

What do I think about the stability of the solution?

The stability is excellent.

There have been some recent updates and hotfixes that have been released. These have taken care of a number of things, which include support for some particular firewalls.

What do I think about the scalability of the solution?

The scalability is good. We have had to scale for some of our clients who have about 10 firewalls or 10 network devices, and they wanted to have more. All we had to do was acquire more licenses, then we just scaled. It is quite seamless.

How are customer service and technical support?

I have worked with AlgoSec for about three years. Before COVID-19 struck, the technical support used to be 10 of 10. You would make a support call, someone would join you on a session, and you would get help almost instantly. Since COVID-19, a number of the technical support team members have been working from home or remotely. So, we haven't gotten to support people right when we need them. Sometimes, it takes a couple of hours or even days for us to get that instant support that we used to get. I think they are working on it. The last time that I had a support session with them, which was about two months back, I saw some relative improvements.

How was the initial setup?

We have been using the OVA file on a virtual box. Once we slam it on the VM, it is quite straightforward. Once you are done with that, then you define the IPs.

What's my experience with pricing, setup cost, and licensing?

We have had quite a number of our prospective clients have come to us, and say, "Hey guys, we want AlgoSec," but one of their turn-offs has been the pricing. I would like it if AlgoSec would review their pricing and come down on it. The solution is quite amazing and versatile, so we would really appreciate it if the pricing could be reviewed for Nigeria because we definitely would get more sales if that happened. 

In Nigeria, quite a number of industries have been hit hard by COVID-19 and we are not a high income generating country, so a lot of people want to cut costs. When it comes to the security, companies would rather settle for less and take a step back because of the cost. They might even put infrastructures off. However, if the pricing is reasonable and affordable for people in this part of the world, then our company will definitely see more sales.

Which other solutions did I evaluate?

AlgoSec is 10 out of 10 compared to FireMon. Compared to any other solution that does firewall analysis and policy management, AlgoSec deserves 10 out 10 because of:

  • Its simplicity: Virtually everything about AlgoSec is straightforward.
  • Versatility, as far as the reporting and alerting.
  • Support, which is quite amazing.

What other advice do I have?

If you are looking for a tool that will provide you clear visibility into all the changes in your network and help people prepare well with compliance, then AlgoSec is the tool for you. Don't think twice - AlgoSec is the tool for any company that wants clear analysis into their network and policy management.

Anybody can use AlgoSec once they take all the training.

Compared with other tools on the market, the solution is 10 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
PeerSpot user
Senior Security Analyst at Compugraf
Real User
Helps to manage large and complex environments, promoting efficiency and facilitating compliance
Pros and Cons
  • "In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change."
  • "Environments with many devices need a lot of hardware resources to avoid slowdowns."

What is our primary use case?

We use this solution for device changes auditing, device compliance, network mapping, active change, clean-up of the rule base, and a ticket system.

The device changes audit is a quick identification when changing the configuration on devices. Device compliance gives us the ability to generate device compliance reports. The network map is the method for locating the devices that are related to the communication of origin and destination.

Active change is used to centralize the creation of rules in AlgoSec without the need to access other devices. Cleaning up the rule base means that AlgoSec reports and helps remove unused rules and even unused objects within a rule.

In terms of the ticket system, FireFlow helps to record user requests.

How has it helped my organization?

AlgoSec products help to manage complex environments with many devices, so we can deliver requests more quickly.

Environments with many devices are difficult to identify problems, especially when there are new analysts on the team. AlgoSec helps in troubleshooting and streamlines the analysis.

AlgoSec helps in the agility of the analysis, speed in the delivery of compliance reports, automation in the request to create rules in firewalls, removal of unused rules, and optimization of the rule base.

What is most valuable?

In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change. They are features that help with automation and reduce the analyst's time spent troubleshooting.

The unused rules reports (IPT) help remove unused rules and even unused objects within a rule.

What needs improvement?

I would like an analysis to be created for user group rules (Check Point - identity awareness). 

Current versions of AlgoSec do not perform analysis of Identity awareness (Check Point). It would be important for the user to be able to request a rule by an access role group and then AlgoSec would create this rule automatically in the firewall.

An improvement in tool performance would be important. Environments with many devices need a lot of hardware resources to avoid slowdowns. Memory consumption of the server is very high.

For how long have I used the solution?

I have been working with AlgoSec for five years.

What do I think about the stability of the solution?

The tool is very stable and does not present many problems.

What do I think about the scalability of the solution?

Currently, the tool works well with large environments.

It may be necessary to create a distributed solution of the product on different servers (WEB / DB).

Which solution did I use previously and why did I switch?

We did use another solution prior to AlgoSec and the change was due to the reports having more information and easy customization.

How was the initial setup?

The initial setup is simple.

After that, it is possible to make customizations to adapt the tool as desired.

What's my experience with pricing, setup cost, and licensing?

The cost of the tool can be recovered with AlgoSec automations.

Which other solutions did I evaluate?

We evaluated Tufin and FireMon before choosing AlgoSec.

What other advice do I have?

AlgoSec is the best tool on the market.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Paulo Ataides - PeerSpot reviewer
Senior Information Technology Security Analyst at a integrator with 1,001-5,000 employees
MSP
Speeds time required for compliance audits and provides a safer environment
Pros and Cons
  • "Optimizing the operation making it possible to focus on other improvements."
  • "In an environment that is very large, with many firewalls and routers, it is sometimes impossible to buy all of the licenses."

What is our primary use case?

Increase the visibility of CyberSec and the area of compliance (audit) of the environment, with the AFA increasing the visibility of vulnerabilities in the environment caused by extensive configurations, and with the AFF optimizing the operation, allowing to focus on improvements.

We implemented in an environment with more than 280 Firewalls from different manufacturers and the AlgoSec solution enabled a more detailed analysis of the environment, ensuring greater security.

It made it possible to reduce the performance of the operating team in the reactive combat of threats, making the operation more active and focused on quality.

How has it helped my organization?

Reducing operational costs and decreasing the cat's time with rework and unproductive audits.

We find that the traffic simulation query, active change, policy optimization, FireFlow, and map features are especially useful. All other features of the app are also valuable.

The time spent on auditing before AlgoSec was very heavy, at least one analyst dedicated for a week for small audits, and for most, we lost an analyst for weeks.

After implementing AlgoSec, we reduced the audit time to three days.

The environment is much safer with more active configurations.

What is most valuable?

Analysis of the environment to optimize the use of the solution (firewall) and obtain a greater view of compliance.

Optimizing the operation making it possible to focus on other improvements.

The possibility for the end-user to request their rule and ensure that policies are complied with using AlgoSec adds greater security, and it also speeds up the request process. It also makes it possible to automate the implementation of rules.

The user receives the information if his request is within the policies and can continue the request, or if it is denied, the applicant must adjust their request to stay within the policies. The time spent for this without AlgoSec is up to one week, whereas with AlgoSec, in a maximum of 15 minutes we have the request analyzed.

What needs improvement?

I would like to see support more technologies, but I know that AlgoSec is always in the process of evolution.

Perhaps a better financial option would allow customers to choose the complete solution. In an environment that is very large, with many firewalls and routers, it is sometimes impossible to buy all of the licenses. This makes the AFF solution impossible.

What do I think about the stability of the solution?

This product is stable. There have been a few problems, but when there is some instability the support is always available.

What do I think about the scalability of the solution?

Scalability-wise, this product is good. You can increase capacity simply by buying more licenses.

How are customer service and technical support?

We had a few cases where we needed support, but whenever we did, it was available, and with the information needed to solve the problems.

How was the initial setup?

The initial setup is easy and simple.

What about the implementation team?

Always by supplier, highly qualified work with positive results.

What was our ROI?

The solution has a high cost, but the reduction in operation pays the investment.

What's my experience with pricing, setup cost, and licensing?

For the AFF solution, it is necessary to purchase a license for each network asset so that the solution is complete, depending on the size of the environment. 

Which other solutions did I evaluate?

Before choosing this product, we evaluated SolarWinds and FireMon.

What other advice do I have?

Overall, this is a good product and it meets the needs of customers.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1340760 - PeerSpot reviewer
Network & Collaboration Engineer at a financial services firm with 1,001-5,000 employees
Real User
More visibility into our firewall and security environment using a single pane of glass
Pros and Cons
  • "The product gave us more agility on the process to analyze and resolve tickets by requesting permissions to access services not enabled by default."
  • "The product should support more vendors with the same in-depth analysis that it already is providing. This would give more reasons to for other companies to adopt it."

What is our primary use case?

We use it daily to check existing rules created on all our firewalls and existing flows that are allowed, and if we can improve the performance of our firewalls by just doing the rearrangement of rules, etc.

We got more productive and agile using the product since the most time consuming job of our team is the creation of firewall rules, analyzing what is already created based on the requests of our users and internal costumers. The solution provides us an in-depth detail of what we have already in production and what we can do to resolve tickets/requests in the most effective way.

How has it helped my organization?

We now have more visibility into our firewall and security environment using a single pane of glass. We have a better audit of what our network and security engineers are doing on each device and are now able to see how much we are complaint with our baseline.

The product gave us more agility in the process to analyze and resolve tickets by requesting permissions to access services not enabled by default. At the same time, providing visibility of what we can improve on the scenario that we are already running on it.

What is most valuable?

The quick wins that the product can help us to achieve. With a few rule arrangements, we can improve the rule processing of the firewalls, increasing their performance and reducing possible bottlenecks, but keep us under the defined baseline of the company.

Also, the gain on the agility of checking what we already have created. The rules that can accommodate new requests instead of creating new rules have definitely helped us to resolve tickets in a faster way, achieving the expected SLA from users and internal customers of the company.

What needs improvement?

The product should support more vendors with the same in-depth analysis that it already is providing. This would give more reasons to for other companies to adopt it and make us preserve the investment in case we change the running environment.

For how long have I used the solution?

Five months.

What do I think about the stability of the solution?

It is very stable without any major issues.

What do I think about the scalability of the solution?

We don't see scalability on this product as a showstopper. We are confident that we can grow without any impact.

How are customer service and technical support?

Very good. They helped us on everything that we needed.

Which solution did I use previously and why did I switch?

We stopped using FireMon due to the price and lack of features.

How was the initial setup?

No.

What about the implementation team?

Through a vendor who fulfilled all our expectations.

What's my experience with pricing, setup cost, and licensing?

It is fair. 

For cloud environments, it can be expensive. The model adopted to use as licensing for the cloud environment should be reviewed since it sometimes can increase the value of the service/product in an unexpected way. For example, they should instead use the amount of instances, which should just take into consideration the number of Security Groups and ACLs.

Which other solutions did I evaluate?

No.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Network Administrator at Türkiye İş Bankası
Real User
FireFlow enables us to search equipment between the source and destination and saves us time
Pros and Cons
  • "We are in the process of implementing FireFlow in our daily operation, which will make our lives even easier. The idea is to search the Firewall Analyzer for the equipment between the source and destination, and then automatically jump off to FireFlow and open a ticket. This will then automatically implement what is needed without the need to go into the Firewall itself. This will save us a lot of time and will help us to onboard junior engineers very quickly, getting them up to speed on our network and daily operation in record time."
  • "One important thing they should improve is their support level. We have a lot of trouble with the basic enterprise support level. They are very slow to respond and solve problems."

We have been working with the AlgoSec firewall analyzer for almost six years in the product environment. It is well suited for firewall security optimization, tuning, change management, and application discovery. The most important feature is the Intelligence Policy Tuner (IPT) skills. This helps us know which devices are between the source and destination on the flows.

Since we increased our support level to preferred support, the support level has been very good for two months. They solved all the problems and the response time is very fast. Therefore, if you are working with AlgoSec, you should choose the preferred support license. If you have the chance, you must try this with this type of support that they are well equipped of people.

We are in the process of implementing FireFlow in our daily operation, which will make our lives even easier. The idea is to search the Firewall Analyzer for the equipment between the source and destination, and then automatically jump off to FireFlow and open a ticket. This will then automatically implement what is needed without the need to go into the Firewall itself. This will save us a lot of time and will help us to onboard junior engineers very quickly, getting them up to speed on our network and daily operation in record time

In the end, we tried other vendors for POC and all of them have problems. When we compared with AlgoSec, they were much worse and AlgoSec leads this sector. That’s why we are using Algosec in our environment. Also, it is the most growing vendor in their specific area, and it has much more skills that have been very helpful to analyze firewalls.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1115961 - PeerSpot reviewer
Works at a maritime company with 10,001+ employees
Real User
Change automation has made our IPS team more efficient and effective
Pros and Cons
  • "We have been able to increase the effectiveness of the team, allowing them to prioritize more complex and business-critical tasks in a faster manner."
  • "In terms of integrations, we would like to see a greater number with the upcoming and next-generation tools (i.e. SOAR and a selection of other SIEMs)."

What is our primary use case?

The automation and orchestration of security-related change requests on our selected firewall (in our case Checkpoint) to decrease the time it takes to raise, manipulate, and execute change requests. This is all done with minimal interaction from our Firewall and IPS team, allowing them to more effectively use their time.

How has it helped my organization?

It has eased the process of streamlining our firewall configuration management considerably. Our firewall and IPS team now has the ability to budget their time and focus on other tasks, rather than dealing with repetitive change request functions. This has enabled the team to work much more efficiently and effectively.

What is most valuable?

The feature we found most useful is the automation of the change process within our organization for firewalls. This feature has reduced the number of mundane tasks the firewall and IPS team undertake on a regular basis. We have been able to increase the effectiveness of the team, allowing them to prioritize more complex and business-critical tasks in a faster manner.

What needs improvement?

In terms of integrations, we would like to see a greater number with the upcoming and next-generation tools (i.e. SOAR and a selection of other SIEMs). This has been a problem for us, as we are going through the process of enhancing our security and some of the products we are looking at are lacking built-in support (integration). 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.