* Network map - to see how firewalls and routers are connected.
* Traffic simulation - to emulate traffic through the rule-base and see if you need to open additional ports/services.
* FireFlow - to order new firewall openings.
* Network map - to see how firewalls and routers are connected.
* Traffic simulation - to emulate traffic through the rule-base and see if you need to open additional ports/services.
* FireFlow - to order new firewall openings.
* Less overhead on the network security department since the user can verify the rules themselves.
* Risk profiles helps find disallowed traffic.
* Policy cleanup feature is really good for removing unused rules, etc.
* More unified UI
Since 2013
AlgoSec AFA provides visibility and enhancement opportunities on the firewalls. You can observe risk trends, regulatory and baseline compliance, as well as live changes and change history.
AlgoSec improved our firewall visibility and related control points.
Needs continuous improvements in all areas since firewall vendors are improving their products and the IT security industry is definitely improving itself.
3 years
Deployment is easy, no issues at all.
No issues so far.
8/10
Technical Support:8/10
No previous solution
Initial setup and deployment was straightforward.
We got help from a partner, 8/10
We evaluated two other vendors in addition to AlgoSec.
There are hundreds of firewall administrators, and each one of them creates rules. Optimizing these rules and being able to make them more logical is a key feature of AlgoSec.
The reporting features need to be improved.
I've used it for one year.
We did encounter an issue with integrating it with the firewall, but we then found that the firewall was the culprit not AlgoSec.
No issues encountered.
We need to carefully plan scaling AlgoSec.
7/10.
Technical Support:9/10.
This is my first implementation.
There were guides available, and the more you read, the easier it becomes.
I am am a vendor. I work at Dimension Data as a network engineer who deploys these solutions.
We also looked at Tufin.
It's a very flexible product, and you can make the most from the available features on the box.
It's helped optimize our firewall configuration and eased our troubleshooting.
The reporting feature needs work.
I've used it for six months.
It's expensive to get new licenses.
It was straightforward.
We used a vendor team who were 9/10.
It is expensive, but it's worth it.
I tested Firemon which is great, the only problems were the lack of a web GUI interface and our Apple clients couldn’t connect to it.
We also looked at ManageEngine.
Go ahead if you can afford it!
As a value-added distributor, we sell the AlgoSec solution primarily to financial institutions and Telcos. This is done through our partner network. The main use case we see is process automation. Customers can manage several firewalls or network devices with a single pane of glass.
Policy optimization, visibility, and a faster change management process has reduced unnecessary times required for manually changing processes. The resources are now utilized more effectively for other areas.
There is room for improvement in the rollback process.
What we would like to see in the future is related to support. For integration with newly supported devices, we require a proper support matrix with an escalation process.
In regards to stability, there is no complexity. We have not seen many faults reported by our customers. Faults are rectified quickly.
AlgoSec facilitates several form factors where customers can choose different options, including both hardware and software. For CloudFlow customers, we now have the SaaS model as well.
The support from the AlgoSec team is prompt and helps to rectify the issues in a timely manner.
We did not use another solution prior to this one.
The initial setup is straightforward for many of our customers. However, when we integrate with some newly supported network devices there is a challenge in getting support from the AlgoSec team.
As the distributor, all of the implementations for our customers was done by our own engineers.
Depending on the customer it takes between twelve months and eighteen months to see ROI.
The pricing is flexible with a low cost setup.
There is no complexity in the licensing methods.
As a distributor, we took AlgoSec as a complementary product to Fortinet, which was one of our main products.
Orchestrating a big network environment with 2600 Layer 3 devices for different brands. The environment spans several hundreds locations across all continents.
It gives control and visibility to the end users. It also lowers the burden of the security department.
Needs better integration between modules and also a better troubleshooting methodology. There are still a few improvements to be done in the user interface.
The HA solution is not good.
The HA solution is not good.
They provide good support, but sometimes lack the knowledge on a specific use case. It has improved in the last six months
No previous solution was used.
The initial setup was extremely complex due to our large environment.
As a partner of the vendor, we do the implementation at the customer site.
Use the entire suite for its best benefits.
Tufin was also evaluated.
Automate the change documentation in MS Word format. Therefore, we can customize it, if needed.
We can optimize and produce reports for 744 firewalls from different vendors (Check Point, Juniper, FortiGate, and Cisco) with one application.
We have requested improvement to VRF functionality on Cisco IOS and Nexus L3 devices and to support Juniper routers.
We have discovered that AlgoSec doesn’t work with loopback interfaces. We use OSPF and BGP, which run over multiple Virtual Routing and Forwarding (VRF-Lite) instances and, in some cases, distributors are connected to the core via loopbacks routed by an OSPF instance and a BGP address family. AlgoSec doesn’t recognize those loopbacks as a route, so it doesn’t find a route to the destination. This behaviour makes the “traffic simulation query” feature unusable in our environment.
3 years
I have not encountered any stability issues.
I have not encountered any scalability issues at all.
7
Technical Support:The level of technical support is good.
I did not previously use a different solution; we have been using this solution since 2012.
I don’t know if they evaluated other options before choosing this product.
This product only supports L3 devices such as Cisco IOS and Cisco Nexus, so if your primary network is based on a different technology, AFA wouldn’t be the best choice.