AlgoSec Reviews

AlgoSec was used as a firewall setting, but we had issues with change management, approvals, and the workflow to deploy firewall rules. The tool covers the technology and intelligence, but we had a lot of manual work to convince sponsors and correlated areas that used AlgoSec or needed to open a firewall rule.

AlgoSec has a feature that provides intelligence on which rules are correct. It was crucial in helping us understand which rules were important and which ones could be turned off or removed, simplifying the structure. It helps prioritize actions and performance needs. The performance boost we had was huge. We were considering buying new firewall structures, but with AlgoSec, we just organized the rules and avoided spending more money on the environment. 

We faced internal challenges with our services and the process. If we had a closer approach from AlgoSec with instructions on how to build or change the management process, how to improve our environment, it would have been better. The big problem was more about the approval and request roles, and bureaucratic side of things.

I left the company a couple of years ago. I bought AlgoSec in 2022, and after a few months, I left the company and joined a different one that already had AlgoSec infrastructure in place.

The technical support was really technical and had a more technological view of the problem. Here in Brazil, we have a lot of discussions, conversations, and meetings, so the technology didn't resolve the problem we had like that. 

Positive

I wouldn't recommend AlgoSec for environments with fewer than 500 rules or without multiple offices, as the solution is quite complex to deploy and engage teams. It's more suitable for larger enterprises with complex environments. If you have a complex environment, AlgoSec is a good choice, but for smaller or medium-sized companies with fewer firewalls, it's easier to manage with the console provided by the vendor. If your site has complexities and you deal with multiple firewall vendors, AlgoSec simplifies management. However, if you only have one vendor, it's better to avoid adding more consoles. For environments with multiple vendors and many rules, AlgoSec or any firewall management tool would help.

Overall, I would rate AlgoSec ten out of ten, considering the complexities of the companies I've worked with. The tool needs to be managed by expert teams who understand both the technology and the change process.

I am working with AlgoSec for supporting my end clients and partners. AlgoSec has different functionalities. The primary use case of this solution is firewall policy management which helps most of the enterprise's customers to manage their L3 devices and multiple firewalls in their environment at a single console and audit firewall configuration from time to time. AlgoSec provides full visibility into the risk involved in firewall change requests. The network topology table helps to understand where the traffic flows through and where it's interconnected.

The comprehensive visibility of network security allows users to understand the dependencies between different policies. In the firewall analyzer, we can easily visualize and analyze all the devices within the network. To check the connectivity between the two devices, you can use the source's IPs and destination.

We can build the whole network topology using Algosec easily and provide optimization with all networks.

The verification of policies on all integrated firewalls with a minimal time period. 

The solution helps visualize and manage the hybrid network. 

Auto Discover applications and services are great. 

It simplifies security policy management. 

The product enhances visibility and control. 

Compliance automation and network topology are great. 

You can connect applications to security policy rules. 

Everything can be micro-segmented successfully.

We can easily identify risky rules. 

End-to-end security management is simple in that we can automate every change. 

It has effortless cloud management and can detect firewall configuration changes to spot unusual activities.

AlgoSec provides very good support to their clients. There are no complaints. That said, these items can be improved:

• Support can be improved as there are time delays for resolutions
• In the current version of AngloSec analyzer, we can not delete the object from all firewalls and need to do the task manually
• We need more effective topology diagram
• There are challenges in connecting the different security vendors
• User creation and assigning roles are a little bit difficult
• While upgrading we have to upload package files which can be downloaded from the Algosec website yet the downloading takes time

The stability is excellent.

The product performs well in the environment.

We did not previously use a different solution.

Licensing is based on a subscription model and the costs associated are worth it.

We did not evaluate other options.

The company has a lot of sites that are involved in food production and has locations with on-premises firewalls and a data center. There is a cloud in Asia as well.

Right now, AlgoSec is being used to optimize the firewall and the firewall policies, and to clean up any unused rules or those that are too open.

We have 10 to 15 users.

I like that the firewall will analyze the tools within the risk profiles and the policy optimizations within the AFA. This can also be used to create reports for the customer with the risk profiles to optimize the firewall rules.

I think it's a powerful tool that gives good visibility. One of AlgoSec's nice features is the map of your entire environment. When you need to change something, you can see the whole path for the traffic, that is, where you need to implement the change, where the traffic is blocked, and where it's allowed.

AlgoSec provides full visibility into the risks involved in firewall change requests. This is important because when your environment grows to a certain scale, it becomes harder and harder to get the full overview of all your firewalls and rule sets.

AlgoSec can reduce the time it takes to implement firewall rules. I tried the FireFlow module in a course with AlgoSec. With active implementation, it smooths out the process so much more. If you have two or three firewalls that you need to implement, AlgoSec does everything for you. It reduces the time in terms of both looking through your environment to see where you would need the firewall rules and implementing them as well.

If you're just looking at your firewalls, you might not notice all the security risks and open rules. AlgoSec's automation helped to reduce human error and misconfigurations. It helps with cleanup and keeps your firewall as tight as possible. It helped to simplify the job of our security engineers.

Our organization works in multiple environments, and the firewalls are located across the globe. This solution enables us to manage these multiple or dispersed environments in a single pane of glass.

I'm responsible for the maintenance of the server, that is, patching and upgrading, and it's straightforward. It cleans itself up with the retention and everything you configure on it. 

All our firewalls were renamed, and AlgoSec saw these devices as new devices. As a result, all the reports from the same device but with the old hostname were no longer connected. AlgoSec did not clean up the old reports as well. After a few days, it depleted its own storage, and then, the server became inaccessible. 

There's no fail-safe for AlgoSec to not stop creating reports if its own storage is at 98% or 99% capacity because the server becomes inaccessible when it reaches 100%.

I've also been fighting an issue with the Chisel service running on the server regarding AlgoCare for some time now. I have been in contact with AlgoSec's technical support regarding this, and they've been helpful and responsive.

I've been using AlgoSec for six months, but the organization has been using it for some time.

When it doesn't fill its own storage and kills itself, the stability is fine. It has only happened one time; the ms-metro service went down, so the web GUI became inaccessible. All in all, though, the stability is good.

AlgoSec's technical support is swift, knowledgeable, and professional. We had some issues when we upgraded from A32.10 to A32.20, and they helped us to get it up and running again. All the contact I've had with them has been very positive, and I'd give them a ten out of ten.

Positive

Consider whether your infrastructure needs this solution. The organization should be a specific size before this product will come in handy for you. If you are a large enterprise with a lot of sites and a large infrastructure, then you should certainly consider using AlgoSec. I've loved working with it and would rate it a ten on a scale from one to ten.

We primarily use the AlgoSec solution to monitor and interpret the risk status in our firewalls. Seeing the troublesome situations experienced in our firewalls from the same point of view sometimes does not help to solve the problem. However, thanks to AlgoSec, it is of great benefit to observe these risks from a different perspective and to see that they improve in the process. Being able to see and follow these changes makes the work of system administrators and risk analysts much easier.

It is of great benefit to observe the firewall risks from a different perspective and to see that they are improving in the process. When the effects of tightening and improvements are checked regularly, we can better monitor the current risk situation. It is a difficult process to examine the security risks in detail in each of our products and in our firewalls which may be different brands and models. AlgoSec enables us to manage this process in a central way.

AlgoSec can monitor the current status of firewalls. Other vendors mostly focus on working with daily tasks, however, AlgoSec is able to follow the live status and current issues or changes with the help of push technology. It can be easily integrated with different firewall devices (even different brands and models). In this way, it becomes very easy to monitor different risks from a single interface. Thanks to the web-based management screen, it can be easily managed through any end-user operating system.

At the integration point, a manual page could be added to the dashboard where directions about the products are explained in detail. In this way, if the system administrator wants to integrate a new product, they will be able to integrate this product by following these directions, even if they do not have deep knowledge of the product in question. Integrating different products should not require us to have to wait for coordinated work with a product specialist.

I've used the solution for almost four years.

In terms of stability, we have no complaints so far. We didn't face any problems.

This solution works well in mid-size companies. 

Customer service is very good and educated. However, the process to open a ticket sometimes could be harder than necessary since we need to collect some logs from the dashboard and upload them to the related ticket before submitting it.

Positive

I've used the Skybox Security solution as well.

The product offers an almost straightforward setup. It is easy to install and integrate.

I installed the product by myself.

We cannot calculate ROI based on vulnerability or data leak issues.

The cost and licensing are reasonable.

I did not evaluate other options.

The most common use cases include:

• Performing audits on an annual basis with the help of information security
• Remediating risky rules by trusting them or remediating them at the firewall level
• Unused rules and disabled rules are addressed on a regular basis
• All firewall changes are monitored through AlgoSec with the help of change notifications
• Improving compliance and risk management and connections revolving around the network Layer 3
• Locating objects and addressing any issues on a much quicker basis

We were able to improve the security ratings of our firewalls. It helped us with annual audits, change notifications, rule assessments, and visibility in general.

It improved compliance and risk management and connections revolving around the network Layer 3.

We can get all the firewall-related data with a single click and effectively work on synchronizing with all the firewall gateways including the management server.

It helps us with firewall audits on an annual basis with the help of information security.

We remediate risky rules by trusting them or remediating them at the firewall level.

We address the unused rules and disabled rules on a regular basis.

All firewall changes are monitored through AlgoSec with the help of change notifications.

It improved compliance and risk management and connections revolving around the network Layer 3.

It helps locate objects and address any issues on a much quicker basis.

RFEs are kept open for too long. We had requested a couple of features, including the ability to trust implicit rules, and IPT doesn't run on IPSEC-enabled firewalls (Cisco to be specific). We had reported these issues for over four years now and still we do not see any resolution.

There is no visibility for the changes made to the NAT rule policies.

Adding objects or object groups on the firewall also do not generate a change notification.

There is no visibility for changes made to the secondary standby firewall if the firewalls are added as a cluster.

I've used the solution for more than five years.

We did not previously use a different solution.

We did not evaluate other options. 

We use it for planning firewall changes and traffic simulation queries.

We use AFA (AlgoSec Firewall Analyzer) and FireFlow. Our network environment is mostly on-premises.

It has improved the way our organization functions in that, for our change process, we now require all changes to be planned using AlgoSec so that the security team has visibility into the changes and we're aware of any risks. We also are using the covered rules and risky-rule detection to improve our security posture.

We haven't fully implemented the processes, so we haven't measured any reduction in human error as a result of using the solution, but subjectively, it has reduced human error.

It has also helped to simplify the jobs of our security engineers.

The most valuable features for us are the functionality it provides for our two main use cases: planning firewall changes and traffic simulation queries.

We haven't used it yet to prepare for audits and ensure our firewalls are in compliance, but I think it will be very helpful for that. That's one of the main reasons we bought it.

We are using it with a couple of Cisco technologies and we're also sending events out to our Microsoft Sentinel workspace. We have a couple of other security technologies in there as well. AlgoSec integrates well with the Cisco ACI environment and with our Firepowers, our FTDs. There are still some bugs but it generally works well.

The overall visibility it gives us into our network security policies is pretty good but it has some bugs and shortcomings. It doesn't support all features on our firewalls. For instance, planning changes, which include net rules, doesn't work. It didn't integrate so well with the ACI network. It doesn't work with all firewall rules or with net rules on our firewalls.

For about 70 percent of firewall changes it does show us the risks, while for 30 percent of the changes, we can't plan because of these bugs and shortcomings.

I have been using AlgoSec for about a year.

The stability is good.

We've had no problems in terms of scalability.

I'm sure we will continue to add firewalls to it and we want to do more with the FireFlow.

Their technical support is good but it can be slow.

Neutral

The initial setup was straightforward.

We have about 10 engineers using it, and just one person who looks after it, maintenance-wise.

We used their personal services to help us set it up. We had an onboarding package. It wasn't me doing the configuration but it seemed straightforward with their support.

Our experience with them was good overall. We had some frustrations and surprises in the early days with the product not being completely compatible with our environment. But over the last year, they've been fixing the bugs which is making it much more usable. When we started, it had a lot of problems with our environment. We were only able to plan something like 40 percent of the changes, and the traffic simulations weren't working with our network environment. But now, we're up to close to 70 percent.

It took about nine months before it was properly integrated and enough of the bugs had been fixed for it to be helpful.

We are not measuring the effort saved or the errors avoided, but we think it's a good investment.

Initially, it was more expensive, but we managed to negotiate the price. It's about average now.

In addition to the standard fees, we bought the Jumpstart package to help us configure it.

We looked into Tufin. We chose AlgoSec because of its support for Cisco ACI. Tufin was just releasing that and we felt that AlgoSec was a more mature product.

At the moment, it hasn't reduced the time it takes to implement firewall rules in our organization. It's being used to improve the quality of the changes we make and improve visibility. But we haven't fully implemented the FireFlow features. That's our problem, rather than the tool. We just haven't finished implementing it.

We're only using AlgoSec for on-premises, but we do have environments in the cloud and we plan to use it for those in the future. It would help us manage these multiple environments in a single pane of glass, but for the moment we aren't using it in that way. However, we do have a number of firewalls that we have onboarded from acquisitions, so we are not just using it for our data centers. We're using it for smaller acquisitions' firewalls as well to understand the security posture of companies that we are purchasing.

My advice would be to make sure that the solution is completely compatible with whatever infrastructure you have. We should have spent more time evaluating its support for our infrastructure to avoid some of the problems or surprises we had when we implemented it.

We use the solution for firewall management (with AFA - AlgoSec Firewall Analyzer) and application network visibility (with AppViz).  

We are running multiple firewalls and hundreds of users who request firewall connectivity.  

When it comes to a large organization with many vendors/partners, our firewalls are more easily managed using the AlgoSec AFA component.  The ease of use, visibility, compliance, and efficiency is unmatched in the industry. 

We have used AlgoSec AFA to have more visibility into the network and know what firewalls to activate. 

AlgoSec AFA has great search tools and firewall cleanup functionality. 

The Algsec AppViz is a newer Algosec element that we will use to improve application security and visibility in our complex network.

The firewall management tool and AppViz for application visibility and security in the network are great. 

The user-friendliness, visibility, compliance and efficiency are unparalleled in the industry. We have more visibility into the network and now we know what firewalls to activate. 

AlgoSec AFA has great search tools.

The firewall cleanup functionality is helpful. 

We also enjoyed the use of AlgoCare which speeds up the ticket troubleshooting process with AlgoSec Support.

I would say that the cases opened with AlgoSec could be solved faster or escalated sooner to the senior engineers/2nd or 3rd tier. AlgoSec Support is very good at responding very fast (faster than the required SLA) and very timely. Their engineers are based either in India or Israel. Each region has its sales person and technical engineer person.  

Another pet peeve is that there are hotfixes for new issues or bugs at least once a month, if not more frequently.  Overall, AlgoSec is trying to improve its case-resolution support team and process, and we are optimistic that our issues or bugs will be fixed much timelier.

We've used the solution for over three years.

It is a very stable product.

The solution is very scalable.

Customer service and support are very prompt, always complying with SLAs. However, the time to resolution can be improved.

Neutral

We did not use a different solution previously.

The initial setup is very straightforward, and the online documentation and AlgoSec engineer support are more than adequate.

We set up the solution in-house.

I am not privy to the financial benefits or ROI for this product.

I am not privy to the cost of the product, as I am a Network Specialist.

The AlgoSec solution was selected before I joined the organization.

Our primary use of AlgoSec is to ensure the smooth operation of our network infrastructure. 

We are responsible for device onboarding and offboarding, managing access, and overseeing information security. While AlgoSec offers robust security features, we primarily utilize it for network and firewall management. 

It integrates seamlessly with major vendors like Palo Alto, Check Point, and Cisco, although there may be some limitations with other brands. We employ AlgoSec Firewall Analyzer, FireFlow, and AppViz, all of which are deployed on-premises. On average, we have around 15 daily users, including requesters and direct users from various teams.

AlgoSec has significantly enhanced our troubleshooting capabilities. We can quickly pinpoint the causes of routing issues and conduct traffic simulations to identify potential problems. This has streamlined our analysis processes, which is a major advantage.

Moreover, AlgoSec simplifies the work of our security engineers in two key ways. First, it streamlines the approval process for flow requests, with the security team assessing risk and granting approvals. Second, it facilitates audits by providing effortless access to firewall configurations and permitted traffic data, making compliance checks much smoother.

FireFlow, a component of AlgoSec, has been particularly valuable for us. It serves as a centralized platform for managing firewall rule requests, making it easy to understand and implement these requests efficiently. Additionally, Firewall Analyzer helps us identify missing routing information and check firewall status without the need to access individual devices.

AlgoSec has significantly reduced human errors and misconfigurations, especially during firewall implementation. It provides comprehensive information, minimizing the chances of oversight or omission. While it's not flawless, it typically alerts us when something cannot be implemented, ensuring transparency.

The standout features of AlgoSec include FireFlow, which simplifies firewall rule management, and Firewall Analyzer, which enhances visibility by identifying missing routing and firewall data. AlgoSec's flexibility in defining custom risk metrics and generating reports based on them has been highly beneficial.

AlgoSec's scalability has been excellent for our needs. We've made architectural changes, including incorporating remote agents, and scaling up has been straightforward. The integration with Cisco ACI has been somewhat seamless, although it hasn't added significant functionality to AlgoSec's security features.

We've also found AlgoSec invaluable during cloud migrations. It aids in extracting information from old servers to guide migration technicians on what needs to be opened for new servers.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

I've used the solution for one year.

We didn't use a different solution.

We did not evaluate other options.