AlgoSec Reviews

Our primary use case is to clean up firewall rules of migration from Cisco ASA to another firewall vendor. We try to get rid of old rules and get these converted into new rules which apply better to our environment.

It tremendously improved the security of our organization with much better and efficient firewall rules. We saved a lot of time using this tool to get the rules clean. Also, the overview of the network topology map is a very good thing to get a clear view of every single region in your network.

The best feature is, in my opinion, the firewall analyzer. Just let the tool analyze the traffic for a few days or weeks, and you will get perfect ideas on how to improve your rules and which rules are just unnecessary or too spacious. So getting a better security level by better firewall rules is just what you want to have if you're using a firewall. Otherwise, it would not make sense to have a firewall, right?

A nice feature as well is that it gives a compliance report on each of your security devices. This helps a lot to get an overview of every single security device in your network and its status.

The versioning is a bit weird. We used to use version 2017 which is quite current, but it looks like it is a 2017 version. As far as I know, they want to have this changed soon. Nevertheless, this is something which definitely needs to be improved.

• ABF application centric
• Risk and compliance
• Zone matrix
• Conditional workflow
• IPT
• Active change 

It improved a lot in our flow database. In the past, application owners did not know their application connectivity. AlgoSec helps with this and our users are able to documents their rules.

ABF: It is application-centric. which helps to track changes in the application from day one.

Compliance: It helps to have a zone matrix and capture risks.

ABF needs to be more integration with AFF/AFA. We needs object level permissions and application level recertifications.

No stability issues.

No scalability issues.

We used a different network security policy management tool, but we felt it would not be able to fulfill our requirements and address our previous gap. We were looking for a place where we could keep our rules and also track ownership of each rule in the application.

The initial setup was straightforward.

We implemented through a vendor team, whose expertise level was high.

We are satisfied with our ROI.

We evaluated all of AlgoSec's competitors and chose AlgoSec as it was the best.

We help deploy solutions to customers around Africa and Nigeria. We deploy it, then we also provide local support to our customers. We do PoCs, deploy solutions, and provide support whenever we have the opportunity to provide solutions which solve problems of one or two customers.

Most of our clients just want to stick with AFA. Most times, we just work around AFA and do a lot of things with it. We are quite conversant with AFA's portfolio.

AlgoSec provides our customers with full visibility into the risk involved in firewall change requests. Most of our customers are in the financial industry. AlgoSec can analyze existing policies that you have set up on your devices, gauging the risk. For example, with PCI requirements, there needs to be a description for each firewall rule change as to why it was made. Therefore, if a change was made by one of our clients, who was unable to put a description or comment against that rule, then automatically I would need to flag that.

ActiveChange integrates with your change workflow and ticketing system. For example, a change request is made to open port 8080. Then, if the guy who was supposed to implement that change mistakenly opened port 80, then ActiveChange will say, "What was approved was 8080, but what you actually opened was 80." That actually helps to fix human errors. It helps to check everything that is being done. You can go through the analysis and see changes that were made, and AlgoSec is able to alert you immediately. Whenever there is a change, notifications are sent to the administrators because it gives you that real-time alerting and change. 

The most valuable features are:

• Compliance reporting
• Their immediate support team
• Maps: You can trace the traffic and what firewall is blocking what connections, services, and websites.
  

You don't need to be tech-oriented to work with AlgoSec.

One of the beautiful things about AlgoSec is that it gives you templates. There are quite a number of compliance templates, depending on the industry that you are in. For example:

• The ISO number system
• The information security - ISMS management system
• PCI DSS
• FISMA Compliance. 

For our clients, they especially have to maintain ISMS and PCI DSS, as these are the two compliance regulations that they have to maintain. You can run analysis or reporting based on the templates. Within minutes, you get into the report, can see your compliance status, and what exactly you need to fix. You can clearly see what parts of the requirements you are not meeting and where you are falling short within standards. It is very clear and visible. We can customize all of this with the reporting, however the client wants it. This is one of the critical parts for most of our clients.

In late December or early January, we were trying to add another solution, but it wasn't working because there was no support for the version that we were running at that point. After they released the hotfix, that took care of this issue. That particular device was then supported. So, it has been very stable and working fine since then.

I have been using it for about three years now.

The stability is excellent.

There have been some recent updates and hotfixes that have been released. These have taken care of a number of things, which include support for some particular firewalls.

The scalability is good. We have had to scale for some of our clients who have about 10 firewalls or 10 network devices, and they wanted to have more. All we had to do was acquire more licenses, then we just scaled. It is quite seamless.

I have worked with AlgoSec for about three years. Before COVID-19 struck, the technical support used to be 10 of 10. You would make a support call, someone would join you on a session, and you would get help almost instantly. Since COVID-19, a number of the technical support team members have been working from home or remotely. So, we haven't gotten to support people right when we need them. Sometimes, it takes a couple of hours or even days for us to get that instant support that we used to get. I think they are working on it. The last time that I had a support session with them, which was about two months back, I saw some relative improvements.

We have been using the OVA file on a virtual box. Once we slam it on the VM, it is quite straightforward. Once you are done with that, then you define the IPs.

We have had quite a number of our prospective clients have come to us, and say, "Hey guys, we want AlgoSec," but one of their turn-offs has been the pricing. I would like it if AlgoSec would review their pricing and come down on it. The solution is quite amazing and versatile, so we would really appreciate it if the pricing could be reviewed for Nigeria because we definitely would get more sales if that happened. 

In Nigeria, quite a number of industries have been hit hard by COVID-19 and we are not a high income generating country, so a lot of people want to cut costs. When it comes to the security, companies would rather settle for less and take a step back because of the cost. They might even put infrastructures off. However, if the pricing is reasonable and affordable for people in this part of the world, then our company will definitely see more sales.

AlgoSec is 10 out of 10 compared to FireMon. Compared to any other solution that does firewall analysis and policy management, AlgoSec deserves 10 out 10 because of:

• Its simplicity: Virtually everything about AlgoSec is straightforward.
• Versatility, as far as the reporting and alerting.
• Support, which is quite amazing.

If you are looking for a tool that will provide you clear visibility into all the changes in your network and help people prepare well with compliance, then AlgoSec is the tool for you. Don't think twice - AlgoSec is the tool for any company that wants clear analysis into their network and policy management.

Anybody can use AlgoSec once they take all the training.

Compared with other tools on the market, the solution is 10 out of 10.

We use this solution for device changes auditing, device compliance, network mapping, active change, clean-up of the rule base, and a ticket system.

The device changes audit is a quick identification when changing the configuration on devices. Device compliance gives us the ability to generate device compliance reports. The network map is the method for locating the devices that are related to the communication of origin and destination.

Active change is used to centralize the creation of rules in AlgoSec without the need to access other devices. Cleaning up the rule base means that AlgoSec reports and helps remove unused rules and even unused objects within a rule.

In terms of the ticket system, FireFlow helps to record user requests.

AlgoSec products help to manage complex environments with many devices, so we can deliver requests more quickly.

Environments with many devices are difficult to identify problems, especially when there are new analysts on the team. AlgoSec helps in troubleshooting and streamlines the analysis.

AlgoSec helps in the agility of the analysis, speed in the delivery of compliance reports, automation in the request to create rules in firewalls, removal of unused rules, and optimization of the rule base.

In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change. They are features that help with automation and reduce the analyst's time spent troubleshooting.

The unused rules reports (IPT) help remove unused rules and even unused objects within a rule.

I would like an analysis to be created for user group rules (Check Point - identity awareness). 

Current versions of AlgoSec do not perform analysis of Identity awareness (Check Point). It would be important for the user to be able to request a rule by an access role group and then AlgoSec would create this rule automatically in the firewall.

An improvement in tool performance would be important. Environments with many devices need a lot of hardware resources to avoid slowdowns. Memory consumption of the server is very high.

I have been working with AlgoSec for five years.

The tool is very stable and does not present many problems.

Currently, the tool works well with large environments.

It may be necessary to create a distributed solution of the product on different servers (WEB / DB).

We did use another solution prior to AlgoSec and the change was due to the reports having more information and easy customization.

The initial setup is simple.

After that, it is possible to make customizations to adapt the tool as desired.

The cost of the tool can be recovered with AlgoSec automations.

We evaluated Tufin and FireMon before choosing AlgoSec.

AlgoSec is the best tool on the market.

Increase the visibility of CyberSec and the area of compliance (audit) of the environment, with the AFA increasing the visibility of vulnerabilities in the environment caused by extensive configurations, and with the AFF optimizing the operation, allowing to focus on improvements.

We implemented in an environment with more than 280 Firewalls from different manufacturers and the AlgoSec solution enabled a more detailed analysis of the environment, ensuring greater security.

It made it possible to reduce the performance of the operating team in the reactive combat of threats, making the operation more active and focused on quality.

Reducing operational costs and decreasing the cat's time with rework and unproductive audits.

We find that the traffic simulation query, active change, policy optimization, FireFlow, and map features are especially useful. All other features of the app are also valuable.

The time spent on auditing before AlgoSec was very heavy, at least one analyst dedicated for a week for small audits, and for most, we lost an analyst for weeks.

After implementing AlgoSec, we reduced the audit time to three days.

The environment is much safer with more active configurations.

Analysis of the environment to optimize the use of the solution (firewall) and obtain a greater view of compliance.

Optimizing the operation making it possible to focus on other improvements.

The possibility for the end-user to request their rule and ensure that policies are complied with using AlgoSec adds greater security, and it also speeds up the request process. It also makes it possible to automate the implementation of rules.

The user receives the information if his request is within the policies and can continue the request, or if it is denied, the applicant must adjust their request to stay within the policies. The time spent for this without AlgoSec is up to one week, whereas with AlgoSec, in a maximum of 15 minutes we have the request analyzed.

I would like to see support more technologies, but I know that AlgoSec is always in the process of evolution.

Perhaps a better financial option would allow customers to choose the complete solution. In an environment that is very large, with many firewalls and routers, it is sometimes impossible to buy all of the licenses. This makes the AFF solution impossible.

This product is stable. There have been a few problems, but when there is some instability the support is always available.

Scalability-wise, this product is good. You can increase capacity simply by buying more licenses.

We had a few cases where we needed support, but whenever we did, it was available, and with the information needed to solve the problems.

The initial setup is easy and simple.

Always by supplier, highly qualified work with positive results.

The solution has a high cost, but the reduction in operation pays the investment.

For the AFF solution, it is necessary to purchase a license for each network asset so that the solution is complete, depending on the size of the environment. 

Before choosing this product, we evaluated SolarWinds and FireMon.

Overall, this is a good product and it meets the needs of customers.

We use it daily to check existing rules created on all our firewalls and existing flows that are allowed, and if we can improve the performance of our firewalls by just doing the rearrangement of rules, etc.

We got more productive and agile using the product since the most time consuming job of our team is the creation of firewall rules, analyzing what is already created based on the requests of our users and internal costumers. The solution provides us an in-depth detail of what we have already in production and what we can do to resolve tickets/requests in the most effective way.

We now have more visibility into our firewall and security environment using a single pane of glass. We have a better audit of what our network and security engineers are doing on each device and are now able to see how much we are complaint with our baseline.

The product gave us more agility in the process to analyze and resolve tickets by requesting permissions to access services not enabled by default. At the same time, providing visibility of what we can improve on the scenario that we are already running on it.

The quick wins that the product can help us to achieve. With a few rule arrangements, we can improve the rule processing of the firewalls, increasing their performance and reducing possible bottlenecks, but keep us under the defined baseline of the company.

Also, the gain on the agility of checking what we already have created. The rules that can accommodate new requests instead of creating new rules have definitely helped us to resolve tickets in a faster way, achieving the expected SLA from users and internal customers of the company.

The product should support more vendors with the same in-depth analysis that it already is providing. This would give more reasons to for other companies to adopt it and make us preserve the investment in case we change the running environment.

Five months.

It is very stable without any major issues.

We don't see scalability on this product as a showstopper. We are confident that we can grow without any impact.

Very good. They helped us on everything that we needed.

We stopped using FireMon due to the price and lack of features.

No.

Through a vendor who fulfilled all our expectations.

It is fair. 

For cloud environments, it can be expensive. The model adopted to use as licensing for the cloud environment should be reviewed since it sometimes can increase the value of the service/product in an unexpected way. For example, they should instead use the amount of instances, which should just take into consideration the number of Security Groups and ACLs.

No.

The automation and orchestration of security-related change requests on our selected firewall (in our case Checkpoint) to decrease the time it takes to raise, manipulate, and execute change requests. This is all done with minimal interaction from our Firewall and IPS team, allowing them to more effectively use their time.

It has eased the process of streamlining our firewall configuration management considerably. Our firewall and IPS team now has the ability to budget their time and focus on other tasks, rather than dealing with repetitive change request functions. This has enabled the team to work much more efficiently and effectively.

The feature we found most useful is the automation of the change process within our organization for firewalls. This feature has reduced the number of mundane tasks the firewall and IPS team undertake on a regular basis. We have been able to increase the effectiveness of the team, allowing them to prioritize more complex and business-critical tasks in a faster manner.

In terms of integrations, we would like to see a greater number with the upcoming and next-generation tools (i.e. SOAR and a selection of other SIEMs). This has been a problem for us, as we are going through the process of enhancing our security and some of the products we are looking at are lacking built-in support (integration).