AlgoSec Reviews

I mainly use this application to check the flows. I work for a big company in the network team which needs to check the flows every day.

This application is very nice. We save a lot of time with troubleshooting the flows and we can detect in a few seconds what flows are right or wrong.

The AlgoSec Firewall Analyzer is for me the most valuable thing in this application. I don't know how much time we saved with this application, but I now know that without it, we would lose several hours every day solving networks incidents.

We also use the AlgoSec FireFlow to generate and manage the tickets concerning the flows.

I think that AlgoSec could improve the application by improving the treatment speed.

If AlgoSec could make few seconds less to analyze research, theses few seconds will be used by my team to be more efficient.

I mean, in the Traffic Simulation Query, it will be wonderful if Algosec could find a way to make the research faster than now. In fact, we are often waiting arround 1,30 min to see the results.

Maybe something can be done to make this reasearch faster?

No, it is my first application for this kind of work.

It was not my work to choose this solution; a project team did it.

Our primary use case is to clean up firewall rules of migration from Cisco ASA to another firewall vendor. We try to get rid of old rules and get these converted into new rules which apply better to our environment.

It tremendously improved the security of our organization with much better and efficient firewall rules. We saved a lot of time using this tool to get the rules clean. Also, the overview of the network topology map is a very good thing to get a clear view of every single region in your network.

The best feature is, in my opinion, the firewall analyzer. Just let the tool analyze the traffic for a few days or weeks, and you will get perfect ideas on how to improve your rules and which rules are just unnecessary or too spacious. So getting a better security level by better firewall rules is just what you want to have if you're using a firewall. Otherwise, it would not make sense to have a firewall, right?

A nice feature as well is that it gives a compliance report on each of your security devices. This helps a lot to get an overview of every single security device in your network and its status.

The versioning is a bit weird. We used to use version 2017 which is quite current, but it looks like it is a 2017 version. As far as I know, they want to have this changed soon. Nevertheless, this is something which definitely needs to be improved.

• ABF application centric
• Risk and compliance
• Zone matrix
• Conditional workflow
• IPT
• Active change 

It improved a lot in our flow database. In the past, application owners did not know their application connectivity. AlgoSec helps with this and our users are able to documents their rules.

ABF: It is application-centric. which helps to track changes in the application from day one.

Compliance: It helps to have a zone matrix and capture risks.

ABF needs to be more integration with AFF/AFA. We needs object level permissions and application level recertifications.

No stability issues.

No scalability issues.

We used a different network security policy management tool, but we felt it would not be able to fulfill our requirements and address our previous gap. We were looking for a place where we could keep our rules and also track ownership of each rule in the application.

The initial setup was straightforward.

We implemented through a vendor team, whose expertise level was high.

We are satisfied with our ROI.

We evaluated all of AlgoSec's competitors and chose AlgoSec as it was the best.

We use this solution for device changes auditing, device compliance, network mapping, active change, clean-up of the rule base, and a ticket system.

The device changes audit is a quick identification when changing the configuration on devices. Device compliance gives us the ability to generate device compliance reports. The network map is the method for locating the devices that are related to the communication of origin and destination.

Active change is used to centralize the creation of rules in AlgoSec without the need to access other devices. Cleaning up the rule base means that AlgoSec reports and helps remove unused rules and even unused objects within a rule.

In terms of the ticket system, FireFlow helps to record user requests.

AlgoSec products help to manage complex environments with many devices, so we can deliver requests more quickly.

Environments with many devices are difficult to identify problems, especially when there are new analysts on the team. AlgoSec helps in troubleshooting and streamlines the analysis.

AlgoSec helps in the agility of the analysis, speed in the delivery of compliance reports, automation in the request to create rules in firewalls, removal of unused rules, and optimization of the rule base.

In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change. They are features that help with automation and reduce the analyst's time spent troubleshooting.

The unused rules reports (IPT) help remove unused rules and even unused objects within a rule.

I would like an analysis to be created for user group rules (Check Point - identity awareness). 

Current versions of AlgoSec do not perform analysis of Identity awareness (Check Point). It would be important for the user to be able to request a rule by an access role group and then AlgoSec would create this rule automatically in the firewall.

An improvement in tool performance would be important. Environments with many devices need a lot of hardware resources to avoid slowdowns. Memory consumption of the server is very high.

I have been working with AlgoSec for five years.

The tool is very stable and does not present many problems.

Currently, the tool works well with large environments.

It may be necessary to create a distributed solution of the product on different servers (WEB / DB).

We did use another solution prior to AlgoSec and the change was due to the reports having more information and easy customization.

The initial setup is simple.

After that, it is possible to make customizations to adapt the tool as desired.

The cost of the tool can be recovered with AlgoSec automations.

We evaluated Tufin and FireMon before choosing AlgoSec.

AlgoSec is the best tool on the market.

Increase the visibility of CyberSec and the area of compliance (audit) of the environment, with the AFA increasing the visibility of vulnerabilities in the environment caused by extensive configurations, and with the AFF optimizing the operation, allowing to focus on improvements.

We implemented in an environment with more than 280 Firewalls from different manufacturers and the AlgoSec solution enabled a more detailed analysis of the environment, ensuring greater security.

It made it possible to reduce the performance of the operating team in the reactive combat of threats, making the operation more active and focused on quality.

Reducing operational costs and decreasing the cat's time with rework and unproductive audits.

We find that the traffic simulation query, active change, policy optimization, FireFlow, and map features are especially useful. All other features of the app are also valuable.

The time spent on auditing before AlgoSec was very heavy, at least one analyst dedicated for a week for small audits, and for most, we lost an analyst for weeks.

After implementing AlgoSec, we reduced the audit time to three days.

The environment is much safer with more active configurations.

Analysis of the environment to optimize the use of the solution (firewall) and obtain a greater view of compliance.

Optimizing the operation making it possible to focus on other improvements.

The possibility for the end-user to request their rule and ensure that policies are complied with using AlgoSec adds greater security, and it also speeds up the request process. It also makes it possible to automate the implementation of rules.

The user receives the information if his request is within the policies and can continue the request, or if it is denied, the applicant must adjust their request to stay within the policies. The time spent for this without AlgoSec is up to one week, whereas with AlgoSec, in a maximum of 15 minutes we have the request analyzed.

I would like to see support more technologies, but I know that AlgoSec is always in the process of evolution.

Perhaps a better financial option would allow customers to choose the complete solution. In an environment that is very large, with many firewalls and routers, it is sometimes impossible to buy all of the licenses. This makes the AFF solution impossible.

This product is stable. There have been a few problems, but when there is some instability the support is always available.

Scalability-wise, this product is good. You can increase capacity simply by buying more licenses.

We had a few cases where we needed support, but whenever we did, it was available, and with the information needed to solve the problems.

The initial setup is easy and simple.

Always by supplier, highly qualified work with positive results.

The solution has a high cost, but the reduction in operation pays the investment.

For the AFF solution, it is necessary to purchase a license for each network asset so that the solution is complete, depending on the size of the environment. 

Before choosing this product, we evaluated SolarWinds and FireMon.

Overall, this is a good product and it meets the needs of customers.

We use it daily to check existing rules created on all our firewalls and existing flows that are allowed, and if we can improve the performance of our firewalls by just doing the rearrangement of rules, etc.

We got more productive and agile using the product since the most time consuming job of our team is the creation of firewall rules, analyzing what is already created based on the requests of our users and internal costumers. The solution provides us an in-depth detail of what we have already in production and what we can do to resolve tickets/requests in the most effective way.

We now have more visibility into our firewall and security environment using a single pane of glass. We have a better audit of what our network and security engineers are doing on each device and are now able to see how much we are complaint with our baseline.

The product gave us more agility in the process to analyze and resolve tickets by requesting permissions to access services not enabled by default. At the same time, providing visibility of what we can improve on the scenario that we are already running on it.

The quick wins that the product can help us to achieve. With a few rule arrangements, we can improve the rule processing of the firewalls, increasing their performance and reducing possible bottlenecks, but keep us under the defined baseline of the company.

Also, the gain on the agility of checking what we already have created. The rules that can accommodate new requests instead of creating new rules have definitely helped us to resolve tickets in a faster way, achieving the expected SLA from users and internal customers of the company.

The product should support more vendors with the same in-depth analysis that it already is providing. This would give more reasons to for other companies to adopt it and make us preserve the investment in case we change the running environment.

Five months.

It is very stable without any major issues.

We don't see scalability on this product as a showstopper. We are confident that we can grow without any impact.

Very good. They helped us on everything that we needed.

We stopped using FireMon due to the price and lack of features.

No.

Through a vendor who fulfilled all our expectations.

It is fair. 

For cloud environments, it can be expensive. The model adopted to use as licensing for the cloud environment should be reviewed since it sometimes can increase the value of the service/product in an unexpected way. For example, they should instead use the amount of instances, which should just take into consideration the number of Security Groups and ACLs.

No.

The automation and orchestration of security-related change requests on our selected firewall (in our case Checkpoint) to decrease the time it takes to raise, manipulate, and execute change requests. This is all done with minimal interaction from our Firewall and IPS team, allowing them to more effectively use their time.

It has eased the process of streamlining our firewall configuration management considerably. Our firewall and IPS team now has the ability to budget their time and focus on other tasks, rather than dealing with repetitive change request functions. This has enabled the team to work much more efficiently and effectively.

The feature we found most useful is the automation of the change process within our organization for firewalls. This feature has reduced the number of mundane tasks the firewall and IPS team undertake on a regular basis. We have been able to increase the effectiveness of the team, allowing them to prioritize more complex and business-critical tasks in a faster manner.

In terms of integrations, we would like to see a greater number with the upcoming and next-generation tools (i.e. SOAR and a selection of other SIEMs). This has been a problem for us, as we are going through the process of enhancing our security and some of the products we are looking at are lacking built-in support (integration).