AlgoSec Reviews

We use this solution for managing risks, device compliance, a ticket system, and active change.

It definitely helps a lot to manage the complexity of environments with many devices and many vendors.

The most valuable features are the network map, risk analysis, and tickets for firewall changes.

Very helpful automatic implementation of requested changes.

I would like to seem improvements in performance and software stability.

Since approximately 2005, I have used AlgoSec in almost all of the companies that I have worked at. AlgoSec Firewall Analyzer (AFA) continues to be my favorite product, as well as the core of other AlgoSec products. My teams use AFA to validate firewall (FW) changes, see hidden and complex rules, identify dangerous combinations of rules across many enterprise firewall situations, and enable a risk-based approach to firewall rules and associated risk management.

AlgoSec is able to provide a consistent view into all of an organization's firewalls, regardless if the management is done by different companies, e.g., Check Point's, Cisco's, and Palo Alto's firewall policies are presented to the security team in a consistent format. This enables risk management decisions to be made without detailed understanding or experience in various underlying firewall technologies or management systems.

AFA is the best feature. It shows consistent information regardless of the underlying platform. Unused rules, hidden rules, and dangerous combinations of rules are easily found and tracked by using AlgoSec.

• I would like to see continued expansion to other firewall versions, platforms, and vendors. 
• I would also like to see continued work on the roadmap.

• Audit reports
• Firewall rule optimization

There are hundreds of firewall administrators, and each one of them creates rules. Optimizing these rules and being able to make them more logical is a key feature of AlgoSec.

The reporting features need to be improved.

I've used it for one year.

We did encounter an issue with integrating it with the firewall, but we then found that the firewall was the culprit not AlgoSec.

No issues encountered.

We need to carefully plan scaling AlgoSec.

7/10.

9/10.

This is my first implementation.

There were guides available, and the more you read, the easier it becomes.

I am am a vendor. I work at Dimension Data as a network engineer who deploys these solutions.

We also looked at Tufin.

It's a very flexible product, and you can make the most from the available features on the box.

Check Point platform with over 14 clusters. 

It is very useful for PCI DSS compliance. 

FireFlow has been a winning product, as it helped with documenting all the processes in our rule implementations.

Rule optimization is one of the features that we have used the most, as firewalls were running for a while with no prior process rules created for them and no follow up being done.

• The reporting could be a bit better. 
• FireFlow was a bit tricky to configure with its customized flows. Maybe the latest release will resolve this.

Deployment was fairly easy. There were no issues. 

Everything was done using in-house resources.

Orchestrating a big network environment with 2600 Layer 3 devices for different brands. The environment spans several hundreds locations across all continents.

It gives control and visibility to the end users. It also lowers the burden of the security department.

• Its ability to describe the business, getting firewall rules as a result. 
  
• Creates the possibility for security engineers to obtain visibility on the complete environment.

Needs better integration between modules and also a better troubleshooting methodology. There are still a few improvements to be done in the user interface.

The HA solution is not good.

The HA solution is not good.

They provide good support, but sometimes lack the knowledge on a specific use case. It has improved in the last six months

No previous solution was used.

The initial setup was extremely complex due to our large environment.

As a partner of the vendor, we do the implementation at the customer site.

Use the entire suite for its best benefits.

Tufin was also evaluated.

I mainly use AlgoSec for policy change management and to intercept dangerous changes to firewall rules.

In the past, policy changes were applied, but not always with the correct approval. Because of this, we ended up with huge holes in the rule base.

Multi-vendor feature in a multi-vendor environment is a must. Ensures changes adhere to internal and regulatory standards.

Today, we don't dare push the new policy automatically, We don't have confidence in this feature.

No.

Yes, Tufin.

• Templates
• For baselines PCI-DSS

We now have baseline and rules checking.

It would be nice if it was more variable when checking virtual domain baseline in the same way as Fortigate's firewalls do.

I've used it for one and a half years.

We had issues with the clusters.

It's slow to synchronize a database that is not synchronized.

No issues encountered.

It's good.

It's good.

No previous solution was used.

There were some issues when setting up the cluster and getting it to synchronize properly.

I did it myself.

You need to be able to script and have skills using Linux.

• Firewall analyzer
• Fireflow

It has made implementing regulatory requirements like PCI DSS and ISO easier. It makes me more security aware.

It would be nice to have it integrate with the existing change management portal.

I've used it for one year.

No issues encountered.

No issues encountered.

No issues encountered.

It's good.

It's good.

I used Cisco Security Monitoring Analysis and Response System before it was retired.

It was straightforward.

We implemented it through a vendor, TransMarket.

I think the product is too expensive.

No other options were evaluated.

It is a good product but I think it is expensive.