AlgoSec Reviews

The solution is mainly used for auditing firewall rules and inter-zone connectivity within the client environment. 

Another use case we have at the moment is to audit all changes done on the firewalls across the environment. We are also using Fireflow which significantly reduces the administration effort and time required to analyze, plan, and implement firewall changes on a day to day basis. 

Compliance reports are a big help and ensure that the client environment is up to date in terms of their security standing.

AlgoSec has definitely helped to improve the process of auditing all firewall rules and access. 

From a security standpoint, it has significantly improved an organization's standing from identifying all risky items in a given firewall policy as well as change audits, among others. 

Using Fireflow has also significantly reduced the amount of effort and time required to analyze and plan firewall changes that normally happen on a near-daily basis. 

Change audit has also reduced the effort during audit season especially when clients are running multiple-vendor firewalls.

Risky rules and compliance profiles are very valuable. With these reports, we are able to identify gaps in the client's firewall policy and this allows us to effectively remediate such gaps. 

The time and effort saved by using these compliance reports or profiles are definitely welcome. Another feature that we would use on a near-daily basis is the Fireflow and simulation query functionality. With the simulation query, one would not need to log into a specific firewall vendor console to verify if access is allowed or not; we run it through the simulation which saves us a lot of effort.

Support could be improved. Support of the KB database is extensive but still does not cover all subjects, at least from my experience. 

Another area of concern that I think could be improved is the licensing system. With the version we are currently running, it is a bit confusing since, for some reason, AlgoSec license usage is handled differently between firewall vendors. It may be a bit challenging to properly size the purchase of a new license - especially if a client is running multiple vendor firewalls in the environment.

I've been personally been using AlgoSec for more than ten years now.

The solution is very reliable. No issues encountered during daily operations.

I haven't personally done a lot of scaling projects with this product.

The technical support is all right, however, it can be improved.

Neutral

We did not previously use a different solution. 

The setup is pretty straightforward and AlgoSec did provide support during the process.

We worked in-house, with AlgoSec, and with a vendor found that both are highly knowledgeable.

I'm not part of the business team and do not analyze this aspect.

I am not part of the team in charge of licensing. 

We also looked into FireMon and Tufin.

The primary use for AlgoSec is managing firewalls and to introduce a workflow system for requesting access through firewalls, which is fully integrated with them.

It provides faster go to market with fewer resources. In one system, users are able to request access through the firewall for business services, which can be approved by the appropriate team and can be implemented automatically by the system itself. Furthermore, users are able to track whether one particular access is blocked on any of firewalls or not, etc.

The most valuable modules are Firewall Analyzer and FireFlow. FireFlow is the workflow system, whereas Analyzer is the module responsible for tracking the configuration of firewalls, routers, switches, load balancers, etc.

There are many more useful features that cannot be listed here in a detailed manner.

I would like to be able to see what objects have the same IP, but different names in different firewalls. Since the system is able to show all of the objects for the integrated devices, it can be confusing if one particular object (eg. IP address/host) has different names in different firewalls.

I have been using AlgoSec for two years.

We have not experienced any problem with the system.

The system can be run on virtual machines, so we don't have any issue with scalability.

I would rate the technical support with five stars. :-)

We always received the necessary help quite fast, and the answers were valuable.

We didn't have a similar system before this solution.

It was not so complex and didn't take more than several days until we integrated all of the important networking devices.

It was implemented by a vendor, they had the necessary expertise.

Actually, I cannot really estimate because I am responsible for the operation of the system. I can say that we have saved some resources with the automatic implementation feature.

I propose to purchase licenses for all of the networking devices in the network, because if not all of the devices are integrated then the query of particular access cannot be discovered entirely.

We have chosen this system after evaluation (RFQ). The other competitor was Tufin.

We have deployed the first brick of AlgoSec solution suite, Algosec Firewall Analyzer (AFA).

We wanted to get a live Network Mapping and to directly be able to check if a flow is allowed or not, without needing to test and then check the logs. We also need to check for compliance, baselines, and risks over our network.

This solution provides visibility and comprehension of the network in our organization. It assists us in network security reviews and audits. In the end, a lot of time, we add context and build a security matrix matching our own standards. The optimization tools are much appreciated by the network operators.

The What-if analysis allows us to check the security rating under hypothetical rules that may be implemented on our firewalls.

Baseline compliance allows you to run and check the results of commands on the Firewalls and Routers. This solution is perfect for checking compliance against best practices, as proposed by the CIS.

The user interface is better than some competitors, but it is starting to get old. Space is not always fully used, especially for the risk and compliance part. As example today, Excel file should be used to deal with network segment definition and risk matrix, it is hard to do it directly from user interface and there is no way to organize, order a set of test.

Priority should be to improve the user interface for the risk and compliance part, making it more responsive and user-friendly.

We have had no problem with stability to this point. We have High Availability and have tested it correctly. Disaster recovery mode is also available.

Scalability seems to be one of the strongest points of this solution. Worldwide architecture with remote agents, or slave master architecture. Be careful in terms of how you will deal with the log management as to not impact your network. A distributed architecture can help.

We have one ongoing ticket to solve an issue with SSO. They are working on it seriously.

We did not use another solution prior to this one.

The initial setup is long. The more knowledge you have of your network, the faster it will be.

We implemented with the help of Orange Cyberdefense.

Their expert is very good, and honest with respect to the solution's capabilities.

Licenses are provided by firewall and routers. Do not underestimate the number of routers because the price can be significantly reduced as you buy more licenses. Same if you go for more than one product (i.e. FireFlow, BusinessFlow)

Before choosing this solution we evaluated FireMon and Tufin.

I use AlgoSec for my firewall rule optimisation, compliance baseline auditing, firewall change reviews, etc.

AlgoSec has helped tighten the rules on my firewalls, reduce the risks or exposure, and also meet regulatory compliance.

I have found the firewall optimisation feature to be very valuable because most developers don't know the ports or services their applications are running. After running the rules on any services for a short while, AlgoSec helps get the right service ports and IP addresses.

The product or service could be improved by orchestration or automation that will help in changing the rule sets on the firewalls based on the detected used services/ports and IP addresses. 

AlgoSec has been very stable compared with its pairs.

The solution's scalability is impressive.

Service/technical support are good at their job and responsive.

No, I didn't.

It is quite easy to deploy and manage.

Implemented through a vendor and their level of expertise is high.

Worth every penny, and the value realisation is great.

AlgoSec is worth every penny for the value or return of investment. 

No evaluations. AlgoSec was recommended, and we got a trial version for a period.

None.

We have been using AlgoSec mainly to review/filter duplicate firewall rules and policies.

It helped us clear out almost half the work by identifying the rules automatically with no manual work, which is very cool.

The analysis and visualization part has given us a great insight into our perimeter security architecture. Also, the top 100 policy report usage is a pretty cool feature that I like the most. It also helps us from an auditing standpoint as well to make sure we meet our compliance demands.

I think the product is great from an overall observation, sometimes speed is an issue but I think it could be improved a little bit from a parsing perspective.

• Granular visibility
• Risk rules evaluation
• Saves with manual processes and dependencies

• Saves person-hours
• Security tightening and optimization in minutes
• Loophole identification which helps with compliance
• Effective tracking and automation of change management

Automated policy push for the Fortinet product family. The Active Change/Automated Policy push feature is already there for all other leading devices such as Cisco, Check Point, Juniper, and Palo Alto, etc.

I've used it for two years.

It's not hard to deploy, and can be run on a virtual environment.

It is a robust easy to use platform.

It has highly scalable architecture.

The customer service team is reliable.

They have time-zone matched technical/SLA support and local response team available.

It is pretty straightforward and a piece of cake for the network engineers.

Initial implementation is highly recommended to be done through a vendor and/or subject matter expert so you can leverage the best of the features.

AlgoSec is a best of class solution with unique value proposition. Licensing has flexibility perpetual and subscription models, and by identifying your own real needs can achieve savings.

As a fair evaluation, other solutions are available in the security policy cleanup area. However, AlgoSec stands apart with a visionary business centric approach – not limiting itself to a mere firewall security cleanup tool. With AlgoSec, we also get an automated security change management/compliance solution. It has the unique and powerful application connectivity auto-discovery and then translates these to firewall rules. This is useful to achieve automation during datacenter migration, etc.

AlgoSec is a business-driven security management solution, a comprehensive and visionary solution which covers what needs to be covered in firewall security visibility, security change management, and application-security connectivity. AlgoSec as a platform fills the gaps between the otherwise disconnected teams - Security, Network and Applications - within an organization.

• Intelligent policy tuning helps to reduce risk and improve device performance
• Traffic simulation query on a specific device

AlgoSec reduces time and costs of firewall change management, risk mitigation, and compliance audits.

AlgoSec should support these features:

• Expired time should be one of the components of firewall rules, not only source, destination
  For example: Now, in Algosec Fireflow, when creating a change request, there are only 3 component: Source, Destination and Service. I want to have expired date of the traffic

• Detect duplicate objects in different firewalls
  Now, Algosec can only detect duplicate object within one firewall. I want to detect in different firewalls
  For example: firewall 1 has objet A with IP address 1.1.1.1, firewall 2 has object B with also IP address 1.1.1.1. I want Alogsec to detect this duplication

• Show IP address of object in a report, query result
  Now, in report, query results, Algosec only displays name of the objects. I want to display IP address of these objects

3 years.

No, we haven't encountered any issues.

No, AlgoSec is stable.

No, AlgoSec fit our size and is scalable.

Very good.

Good.

No.

The initial setup was simple.

Via a partner, they're very good.

We haven't calculated ROI yet, but AlgoSec saves us labor and a lot of time.

Tufin, we selected AlgoSec because it provide some useful features that other solution didn't have.

AlgoSec is very helpful for our organization.

• Firewall rule monitoring
• Consolidated report on unused objects and rules

We use this tool for rule monitoring and cleaning up the unused objects to improve performance. The risk team uses this tool to validate the existing traffic flow for their approval.

It is currently unable to export the report to a CSV file, and I look forward to seeing it in the next version/release.

I have used it for more than four years.

Deployment was very easy; the vendor-provided documentation was good.

Technical support is 8/10.

I was able to implement it on my own.

It's a very useful product and I highly recommend everyone having this product in place on their security infrastructure.