Try our new research platform with insights from 80,000+ expert users
Security Analyst at a tech services company with 1,001-5,000 employees
Real User
Good reporting and improves the security and compliance of our environment
Pros and Cons
  • "It is helpful in improving the security and compliance of our environment. We can optimize our environment by improving the rules that are not used or are duplicated. FireFlow is useful in creating and implementing new rules. It allows us to automate rules implementation and have more control over the rules."
  • "In our environment, we add rules in the files based on user logins, but currently, we can't do that with AlgoSec. AlgoSec can't create rules based on user logins. For example, generally, when we create a rule, we put IP Address, Destination IP Address, and Service Port. However, in our environment, we put IP Address, User Login, Destination IP Address, and Service Port, but AlgoSec doesn't support a rule in this format. We opened a ticket regarding this with their support two months ago, and they said that they will be able to add it in the future, but they don't know the timeframe."

What is our primary use case?

We started deploying the application in January of this year. Currently, in our contract, we have a license for AlgoSec FireAnalyzer and FireFlow. So, at this moment, we are only working with AlgoSec FireAnalyzer. 

We are using AlgoSec to have a good view of our environment in terms of the risks and compliance and to implement rules. Our environment at this moment is only on-premises. We have servers, routers, firewalls, etc.

How has it helped my organization?

The visibility that AlgoSec provides about our environment is very important. Without it, we won't have visibility into various risks to our environment. AlgoSec can show us these risks and allows us to improve and close some rules. It improves the security of the network, and we can protect the data of our customers more efficiently.

What is most valuable?

It is helpful in improving the security and compliance of our environment. We can optimize our environment by improving the rules that are not used or are duplicated. FireFlow is useful in creating and implementing new rules. It allows us to automate rules implementation and have more control over rules.

Its reports are very important for compliance and understanding and mitigating risks. They show us the rules that are open or that can create risks for our environment. This information is very important for us for optimizing our environment and correcting the policies.

What needs improvement?

In our environment, we add rules in the firewall based on user logins, but currently, we can't do that with AlgoSec. AlgoSec can't create rules based on user logins. For example, generally, when we create a rule, we put IP Address, Destination IP Address, and Service Port. However, in our environment, we put IP Address, User Login, Destination IP Address, and Service Port, but AlgoSec doesn't support a rule in this format. We opened a ticket regarding this with their support two months ago, and they said that they will be able to add it in the future, but they don't know the timeframe. We are currently in the process of making changes in our environment for such rules, and after two months, we won't be using the rules that are based on user logins. We will make them consistent with the market, and we will use only the IP Address, Destination IP Address, and Service Port for rules. So, it won't be a problem for us, but this can be an improvement for other clients.

Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

It is quite new for us. We starting working with it just a few months ago.

What do I think about the stability of the solution?

Its stability is good. We never had a problem where we couldn't access the platform. It is always available, and we don't have any problems related to the downtime of this platform.

What do I think about the scalability of the solution?

At the moment, it gives us what we need. Next month, we will add new technologies to AlgoSec.

How are customer service and support?

AlgoSec has a great team. They are professional and have good knowledge of AlgoSec. We have a good relationship with them, and we got good support from them.

Which solution did I use previously and why did I switch?

We never had a solution like this. It is the first one in our environment.

How was the initial setup?

We started its implementation in January with the help of a partner company. It was very easy to implement, and we didn't have to contact AlgoSec.

We completed the deployment in February. We put it in our environment and started the server. After that, we did the configuration and started to add our devices to AlgoSec.

What about the implementation team?

We implemented it with the help of a partner company in Brazil called Logicalis. When we have any problem, we talk to them, and they are able to help us.

What other advice do I have?

I would recommend this solution because AlgoSec provides a lot of reports and views of your environment. You won't be able to get this view through a firewall manager. For example, the CheckPoint firewall manager won't provide what AlgoSec provides, especially related to the compliance of your environment.

We have implemented Cisco ACI in our environment, and AlgoSec will help us to work with this new technology implemented in our environment. We will integrate AlgoSec and ACI next week.

I would rate AlgoSec a 10 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
PeerSpot user
Technical Manager at Global Technologies for Trading and Contracting
Real User
Automated rule re-ordering helps improve performance, but it needs an intelligent tuner
Pros and Cons
  • "I found that for policy optimization it does a great job."
  • "I would like an intelligent tuner where it could help update rules with the application ID."

What is our primary use case?

The primary use for this solution is to clean-up and fine-tune firewall rules.

How has it helped my organization?

I found that for policy optimization it does a great job. It handles covered rules, duplicate rules, and consolidated rules.

What is most valuable?

The most valuable feature is the ability to reorder rules because of the enhancement of firewall CPU performance when they are applied.

What needs improvement?

I would like an intelligent tuner where it could help update rules with the application ID.

For how long have I used the solution?

I have been using this solution for one month.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Technical Director at Keystone Solutions, Inc.
Real User
The product, directly implementing the policies to be enforced by the gateways, makes life easier for IT

What is our primary use case?

  • A systems integrator to implement for clients
  • To help them manage their firewalls that were bought from us as well.

How has it helped my organization?

It provides the organization by giving us visibility in the process of our clients and automates policy implementations and checks. It gives value to our managed services that we provide.

What is most valuable?

  • Algosec Firewall Analyzer and Algosec FireFlow: They basically give us a full picture of how traffic flows and how we can secure it.
  • The product, directly implementing the policies to be enforced by the gateways, makes life easier to the IT.

What needs improvement?

Based on the conference I just attended, it is improving by Algosec opening their API more. This allows us as a systems integrator to give more value to our clients. We will be able to integrate more things that do not come out of the box.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Stability is fine as it's been in the market for a long time.

What do I think about the scalability of the solution?

Scalability is fine especially as they just released their CloudFlow as well.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

AlgoSec helps us be ramped up on our technical expertise on the product.

What was our ROI?

N/A.

What's my experience with pricing, setup cost, and licensing?

Licensing is simple, and the setup is straightforward.

Which other solutions did I evaluate?

Yes, Tufin.

Disclosure: My company has a business relationship with this vendor other than being a customer: Systems Integrator
PeerSpot user
PeerSpot user
Technical Consultant at a tech services company with 10,001+ employees
Consultant
By leveraging BusinessFlow/FireFlow/ActiveChange we have been able to reduce the time from initial requirements gathering to implementation of complex firewall designs.

What is most valuable?

We were immediately able to leverage the workflow tools in FireFlow with ActiveChange to speed up our deployment of firewall policies.

How has it helped my organization?

By leveraging BusinessFlow/FireFlow/ActiveChange we have been able to reduce the time from initial requirements gathering to implementation of complex firewall designs by approximately 80% without compromising our security posture. 

What needs improvement?

Additional understanding of complex routing in multiple systems.

For how long have I used the solution?

We have had this working in our production environment for about 6 months.

What was my experience with deployment of the solution?

The initial deployment was unsuccessful as the product had not initially support our use of virtual routing instances on Juniper SRX devices however AlgoSec engineering was quick to deploy fixes to allow us to reach our desired outcome. 

What do I think about the stability of the solution?

None.

What do I think about the scalability of the solution?

None.

How is customer service and technical support?

Top notch.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user494187 - PeerSpot reviewer
Security and Network Architect at a tech services company with 10,001+ employees
Consultant
For FireFlow, workflow customization and active change are the best features. Interaction with a lot of vendors results in a lot of options and bugs.

What is most valuable?

With a network like ours - more than 100 routing points with around 6 VRF on each - traffic simulation query is one of the most valuable feature on AFA.

For FireFlow, workflow customization and active change are the best features.

In BusinessFlow, the ability to simulate documented flow against configuration by AFA is the best feature to limit differences between documentation and production.

How has it helped my organization?

This product allowed us to identify unused rules more easily and doing this simplifies policies in our firewall. We now have documentation of our application with objects sync with real configuration. Our approval in change management has been improve through FireFlow and errors have been reduced through change advised and active change. We also save time by identifying earlier than usual routing issues associated to a change request.

What needs improvement?

A lot of areas have room for improvement!! This product is still young and in constant development. Interaction with a lot of vendors generates a lot of firewall options (specifically, a timer on services, application control, and so on...). This interaction also generates a lot of bugs in the product. Every new version contains about 10 to 20 bugs for our environment. This is partially explained by the fact it has to understand all of the architecture and specificity associated with all of the supported vendors.

A few of the bugs are:

  • Services composed with something else other than TCP or UDP are not well-handled and not working in simulation queries. (For example, AH or ESP or EthernetOverIP.)
  • Traffic with same objects in source and destination are not working.
  • When NAS is used to store reports, we have had a lot of bugs associated with wrong URL encoding.
  • Role assignment with multiple LDAP issues.
  • Some file cleanup not working as expected.
  • Active change is available for only a few vendors.
  • BusinessFlow doesn't offer auditing regarding object management and with a lot of application and managers, it quickly becomes an issue with duplicated objects and so on.
  • There are also gaps in access right management.

For how long have I used the solution?

I have been using it nearly two years.

What do I think about the stability of the solution?

Every version came with its bug bundle... In two years, we opened 50 cases and about 40 of them escalated to development for resolution. This situation is also explained by complexity of our architecture.

What do I think about the scalability of the solution?

I have not encountered any scalability issues. Each version usually improves performance and the amount of required disk space.

How are customer service and technical support?

Technical support is 7/10; quick to give a new version solving the issue but long to identify the issue, even when it seems to be identified from the beginning.

For example, more than a month ago, we identified a wrong link associated to NAS configuration. We can clearly see that the wrong link was being generated, pointing from the NAS directly to the NAS repository, instead of a symlink. It took more than a month for support to accept this and to escalate the case to dev. After dev escalation, we are expecting a fix on Monday. So, it took four weeks to acknowledge the issue and two weeks to be fixed by development.

Which solution did I use previously and why did I switch?

We did not previously use a different solution.

How was the initial setup?

Initial setup is straightforward; some custom options can be tricky to set up, but will not be used by most customers.

What's my experience with pricing, setup cost, and licensing?

Be careful with VRFs. One router with two VRFs consumes two licenses. So a new VRF configured on all routers will double the number of licenses required on routing elements.

Which other solutions did I evaluate?

We benchmarked Tufin before choosing AlgoSec. We chose AlgoSec over Tufin for its capacity to be more customized and its support for MPLS and VRF.

What other advice do I have?

Offer me a job. ;) I will help you set it up.

More seriously, test it with caution through a POC to be sure that all your architecture specifics are addressed. If not all of them are addressed, ask for a commitment regarding support of missing features and ask for those commitments to be written down before ordering.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1436436 - PeerSpot reviewer
Presales Engineer at a tech services company with 11-50 employees
Reseller
Automated firewall rule analysis saves time, and automated rule modification eliminates human error
Pros and Cons
  • "AlgoSec Firewall Analyzer can detect misconfigurations and unused or permissive rules, as well as rules without logging. Through a single dashboard, I can see all the problematic rules from all the firewalls. It's very simple, with AlgoSec, to get an analysis of all the rules, and that helps with visibility."
  • "AlgoSec integrates with most of the leading firewall vendors, but one issue is that AlgoSec doesn't support Sophos and Forcepoint. AlgoSec competitors, like FireMon, support Forcepoint."

What is our primary use case?

One of the use cases for the solution is when you have many firewalls from different vendors and would like to handle all the configurations from a single pane of glass.

We are an AlgoSec distributor, and another use case that is very important to our customers, especially in the financial sector, is generating compliance reports. AlgoSec has very comprehensive compliance reporting. Most of our customers who use AlgoSec care a lot about compliance reports, whether ISO or PCI or other types of compliance.

How has it helped my organization?

AlgoSec saves time by providing an analysis of all the firewall rules. For example, I might find 10 unused rules, or rules without objects or without a subnet. To get that information manually can take time. I might have to go through a firewall and check the rules and it would take at least 10 minutes for 10 rules. And a manual process can result in errors. AlgoSec saves time because it can detect all unused rules and I can just remove them via the AlgoSec platform through FireFlow. Removing those 10 rules manually can take about 20 minutes, but through AlgoSec it takes one or two minutes.

The solution can find all the misconfigurations in firewall rules and it can delete or modify them automatically, with no human action needed. As a result, there will no longer be errors in the firewalls. FireFlow handles the workflow of adding and removing policies. Sometimes, an engineer may not have solid experience when it comes to firewall rules. If he goes to the firewall portal itself and tries to add or remove a policy, this policy may cause errors or potential risk. AlgoSec handles this process instead. It helps eliminate human error.

Also, if you have a network engineer with less experience, he can still go through AlgoSec and submit rules. AlgoSec supports another tier of engineers who approve the policies. This is all done using FireFlow.

What is most valuable?

We use the AFA (AlgoSec Firewall Analyzer) and FireFlow. AFA is the most popular feature in our region and FireFlow is good for managing workflow.

AlgoSec Firewall Analyzer can detect misconfigurations and unused or permissive rules, as well as rules without logging. Through a single dashboard, I can see all the problematic rules from all the firewalls. It's very simple, with AlgoSec, to get an analysis of all the rules, and that helps with visibility. AlgoSec can do a risk assessment for each policy or rule in the firewall and detect the severity of each rule, whether low, medium, high, or critical. I can get a quick overview of the risk policies that a customer needs to change because, perhaps, there is a rule where the risk is high.

The AlgoSec dashboard is very simple. I can find all the information without any effort. All the tabs are clear and straightforward.

I can apply changes to rules through FireFlow. For example, when I detect many unused rules, I can remove them and, using FireFlow's process, it is very simple to do so.

It is very easy to generate a compliance report for ISO or PCI. It can be done with one click. Some organizations may have a baseline for compliance. The beauty of AlgoSec is that it can adjust compliance according to the corporate needs or environment, when standards vary from one region to another.

When it comes to visibility, the solution can make a network map for all the devices in the network, whether routers or firewalls. I can run queries to detect network policies. For example, if a customer cannot access the corporate stack or the application site, using AlgoSec I can detect which firewall, and which policy inside the firewall, may be fully or partially blocking access. This is a very important feature and most of our customers use network mapping to create visibility into the network.

What needs improvement?

AlgoSec integrates with most of the leading firewall vendors, but one issue is that AlgoSec doesn't support Sophos and Forcepoint. AlgoSec competitors, like FireMon, support Forcepoint. I have told AlgoSec a number of times that we have many customers that use Forcepoint. I have asked why they don't support integration with Forcepoint. They have said they don't care about Sophos, Forcepoint, and SonicWall. They don't consider those vendors to be leaders in the firewall market and they don't have plans to support them.

For how long have I used the solution?

I have been using this solution for about two years.

What do I think about the stability of the solution?

Sometimes a customer's platform is down, but overall AlgoSec is stable.

How are customer service and support?

Support from AlgoSec is good. When I create tickets, they support us and solve all the tickets. There is no delay in support.

One of the things I don't like about AlgoSec is that when a customer has an issue with the platform, it takes time to resolve. Issues often need more than tier-one or tier-two; they're often not easy for the customer to resolve. It requires the AlgoSec team to solve issues with configurations or performance.

For example, AlgoSec upgraded the platform six months ago and it was mandatory for all customers. On my side, it was not easy to perform the upgrade and I had to request support from AlgoSec.

How would you rate customer service and support?

Positive

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
User
We can easily make our firewall flow change requests using the web interface
Pros and Cons
  • "We can easily make our firewall flow change requests using the web interface."
  • "It would be great if the product could be more simplified when defining the rules."

How has it helped my organization?

  • Centrally manage firewall flow requests
  • Approval/implementation and validation
  • We can easily make our firewall flow change requests using the web interface.

What needs improvement?

It would be great if the product could be more simplified when defining the rules.

Documentation could be added to the tools, then generate documentation and send it to the relevant people.

For how long have I used the solution?

More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1288842 - PeerSpot reviewer
Security Operations Engineer at a security firm with 201-500 employees
Real User
Enables us to create new rules and have a more secure flow
Pros and Cons
  • "We have critical security policies. With AlgoSec, we can create a security policy to manage critical applications. I have worked in the bank and they have critical applications. We created some security policies for those applications. Controlling the flow is critical for our customers."
  • "It can be optimized. There is a lot of RPA and we have scripts in AlgoSec that need recertification. With AlgoSec Firewall Analyzer, we can see lots of objects and lots of rules that tell us we need to clean the equipment. It will give us a solution but it doesn't always work. The solution that it gives us is not always accurate from the scripts."

What is our primary use case?

We use:

  • FireFlow 
  • AFA, AlgoSec Firewall Analyzer
  • BusinessFlow

I use AlgoSec to optimize the firewall rules and to analyze the logs of a lot of firewalls, like Palo Alto, Check Point, and Fortinet. 

When a user creates a ticket in AlgoSec, I validate the ticket or don't. It's opened flow in the firewalls also. 

I also use it to implement and push the rules in the equipment. 

I have used it for compliance and analytics. I audit Cisco ASA equipment. I do a compliance report for every piece of equipment. I do some reports and also weigh any risk on each piece of equipment. Some rules use, for example, a critical port. If it shows to be a risk, we'll take action. For example, we can optimize a permissive rule and create new rules to have a more secure flow.

I use FireFlow to help users when they create a ticket in AlgoSec. I help them with information like the IP source, IP destination, and endpoint. 

AlgoSec also helps users choose the right equipment. There are a lot of stages and at every stage, I can choose the equipment. We have a lot of equipment and a lot of firewalls so that we can identify equipment. I also use the map to see the flow from the source IP to the destination IP so we can discover the network. It's essential to have a picture of the flow in terms of the equipment, services, and protocol.

We have critical security policies. With AlgoSec, we can create a security policy to manage critical applications. I have worked in the bank and they have critical applications. We created some security policies for those applications. Controlling the flow is critical for our customers. 

How has it helped my organization?

In the beginning, we compared tools like AlgoSec, Tufin, and Skybox. We did some research. There was budget to purchase the resource. We did comparisons and found AlgoSec to be the best solution.  

What is most valuable?

It's easy to use. It's not very complex. You can do a lot of things with AlgoSec.

What needs improvement?

AlgoSec should be optimized. There is a lot of RPA and we have scripts in AlgoSec that need recertification. With AlgoSec Firewall Analyzer, we can see lots of objects and lots of rules that tell us we need to clean the equipment. It will give us a solution but it doesn't always work. The solution that it gives us is not always accurate from the scripts.

For example, because we have a workflow, when the user creates his ticket, the ticket was automatically dispatched to different teams. We have a security team and another team to implement and push the rules. The ticket automatically will get sent to the wrong team and then we need to send it back to the user for them to update. 

For how long have I used the solution?

I have used AlgoSec for two years. I use AlgoSec in French.

What do I think about the stability of the solution?

I find AlgoSec to be stable. Sometimes there are days that it doesn't work. We connect to AlgoSec via the web. Some days we don't have access to it and we get in touch with the support team to help us. This happens around once a month. 

What do I think about the scalability of the solution?

It is scalable. 

How are customer service and technical support?

I reach out to support when I have questions. I send emails with my questions. 

How was the initial setup?

The initial setup was not complex. It was easy.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, it is more expensive than other solutions. It's expensive because we also have the AFA module. 

Which other solutions did I evaluate?

AlgoSec is better than Skybox and Tufin. We have a lot of AlgoSec licenses. It offers the ability to do optimization and varied tasks.

AlgoSec offers diagrams about different pieces of equipment but Tufin and Skybox don't offer these features. I can also control external IPs. We can see the configuration. All equipment has configuration and AlgoSec enables us to log that traffic. We have control over the flow.

What other advice do I have?

I would rate it an eight out of ten. It's practical and easy to use. Many enterprises use it in France. Anytime we have questions, the support team is responsive.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.