AlgoSec Reviews

* Network map - to see how firewalls and routers are connected.

* Traffic simulation - to emulate traffic through the rule-base and see if you need to open additional ports/services.

* FireFlow - to order new firewall openings.

* Less overhead on the network security department since the user can verify the rules themselves.

* Risk profiles helps find disallowed traffic.

* Policy cleanup feature is really good for removing unused rules, etc.

* More unified UI

Since 2013

AlgoSec AFA provides visibility and enhancement opportunities on the firewalls. You can observe risk trends, regulatory and baseline compliance, as well as live changes and change history.

AlgoSec improved our firewall visibility and related control points.

Needs continuous improvements in all areas since firewall vendors are improving their products and the IT security industry is definitely improving itself.

3 years

Deployment is easy, no issues at all.

No issues so far.

8/10

8/10

No previous solution

Initial setup and deployment was straightforward.

We got help from a partner, 8/10

We evaluated two other vendors in addition to AlgoSec.

• Audit reports
• Firewall rule optimization

There are hundreds of firewall administrators, and each one of them creates rules. Optimizing these rules and being able to make them more logical is a key feature of AlgoSec.

The reporting features need to be improved.

I've used it for one year.

We did encounter an issue with integrating it with the firewall, but we then found that the firewall was the culprit not AlgoSec.

No issues encountered.

We need to carefully plan scaling AlgoSec.

7/10.

9/10.

This is my first implementation.

There were guides available, and the more you read, the easier it becomes.

I am am a vendor. I work at Dimension Data as a network engineer who deploys these solutions.

We also looked at Tufin.

It's a very flexible product, and you can make the most from the available features on the box.

• Analyzer
• Fireflow
• Business flow

It's helped optimize our firewall configuration and eased our troubleshooting.

The reporting feature needs work.

I've used it for six months.

It's expensive to get new licenses.

It was straightforward.

We used a vendor team who were 9/10.

It is expensive, but it's worth it.

I tested Firemon which is great, the only problems were the lack of a web GUI interface and our Apple clients couldn’t connect to it.

We also looked at ManageEngine.

Go ahead if you can afford it!

As a value-added distributor, we sell the AlgoSec solution primarily to financial institutions and Telcos. This is done through our partner network. The main use case we see is process automation. Customers can manage several firewalls or network devices with a single pane of glass.

Policy optimization, visibility, and a faster change management process has reduced unnecessary times required for manually changing processes. The resources are now utilized more effectively for other areas.

• Risk Analyzing: Short time analysis and accuracy
• Policy Optimization: Removing garbage policy rules and improving the performance of network devices
• Compliance: For Audits in the short term

There is room for improvement in the rollback process.  

What we would like to see in the future is related to support. For integration with newly supported devices, we require a proper support matrix with an escalation process.

In regards to stability, there is no complexity. We have not seen many faults reported by our customers. Faults are rectified quickly. 

AlgoSec facilitates several form factors where customers can choose different options, including both hardware and software. For CloudFlow customers, we now have the SaaS model as well.

The support from the AlgoSec team is prompt and helps to rectify the issues in a timely manner.

We did not use another solution prior to this one.

The initial setup is straightforward for many of our customers. However, when we integrate with some newly supported network devices there is a challenge in getting support from the AlgoSec team.

As the distributor, all of the implementations for our customers was done by our own engineers.

Depending on the customer it takes between twelve months and eighteen months to see ROI.

The pricing is flexible with a low cost setup. 

There is no complexity in the licensing methods.

As a distributor, we took AlgoSec as a complementary product to Fortinet, which was one of our main products.

Orchestrating a big network environment with 2600 Layer 3 devices for different brands. The environment spans several hundreds locations across all continents.

It gives control and visibility to the end users. It also lowers the burden of the security department.

• Its ability to describe the business, getting firewall rules as a result. 
  
• Creates the possibility for security engineers to obtain visibility on the complete environment.

Needs better integration between modules and also a better troubleshooting methodology. There are still a few improvements to be done in the user interface.

The HA solution is not good.

The HA solution is not good.

They provide good support, but sometimes lack the knowledge on a specific use case. It has improved in the last six months

No previous solution was used.

The initial setup was extremely complex due to our large environment.

As a partner of the vendor, we do the implementation at the customer site.

Use the entire suite for its best benefits.

Tufin was also evaluated.

• Workflow: Users utilize this tool to make their change requests, then once it is approved by a security team assessment, the network team will implement the changes.
• Troubleshooting: Tracks the flow and sees where it is blocked.

Automate the change documentation in MS Word format. Therefore, we can customize it, if needed.

• Traffic simulation queries allow an engineer to simply find all firewalls involved in the path between a source and a destination on a given service. AlgoSec allows an engineer to issue their own traffic simulation query to be tested against a single device's policy, or against a group of devices. When running a traffic simulation query on a group, AFA finds the devices in the path of the traffic and queries all these devices. Querying the policy or a group of policies produces an AFA report that shows whether traffic of the given service is allowed between the source and destination. If traffic is blocked by the device, you can then find out which rules block it.
• The change history feature provides detailed information about changes to the device, over the entire history of AFA reports for the device. The information is divided into policy changes and risk profile changes.
• The optimize policy feature allows an engineer to find out which rules are redundant, unused or already covered by other, more general rules. We can find:
  
  • Unused rules
  • Covered rules
  • Redundant special case rules
  • Consolidate rules
  • Disabled rules
  • Time-inactive rules
  • Rules without logging
  • Rules with empty comments
  • Duplicate objects
  • Unused objects within rules
  • VPN cleanup
  • VPN analysis report
  • Unused rules
  • Unused objects within rules

We can optimize and produce reports for 744 firewalls from different vendors (Check Point, Juniper, FortiGate, and Cisco) with one application.

We have requested improvement to VRF functionality on Cisco IOS and Nexus L3 devices and to support Juniper routers.

We have discovered that AlgoSec doesn’t work with loopback interfaces. We use OSPF and BGP, which run over multiple Virtual Routing and Forwarding (VRF-Lite) instances and, in some cases, distributors are connected to the core via loopbacks routed by an OSPF instance and a BGP address family. AlgoSec doesn’t recognize those loopbacks as a route, so it doesn’t find a route to the destination. This behaviour makes the “traffic simulation query” feature unusable in our environment.

3 years

I have not encountered any stability issues.

I have not encountered any scalability issues at all.

7

The level of technical support is good.

I did not previously use a different solution; we have been using this solution since 2012.

I don’t know if they evaluated other options before choosing this product.

This product only supports L3 devices such as Cisco IOS and Cisco Nexus, so if your primary network is based on a different technology, AFA wouldn’t be the best choice.