AlgoSec Reviews

I used AlgoSec for risk assessment and managing firewall rules, including risk assessment and firewall policy automation.

My use of AlgoSec included the FireFlow module, which is a firewall automation tool. Additionally, AlgoSec's risk analysis module was beneficial.

The user interface for AlgoSec has remained unchanged for the last ten years and could benefit from being more interactive and informative. Additionally, a cloud offering as a SaaS would relieve the burden of managing hardware, applying numerous patches, and monitoring the health state of the solution. Implementing a SaaS service would allow for immediate value realization.

I used AlgoSec from 2020 to 2025, approximately four to five years.

I rate the stability at eight out of ten, indicating a reasonably stable solution.

I rate the scalability at nine out of ten, demonstrating a robust ability to expand and cater to large enterprises.

I rate customer service at six or seven out of ten. Both response time and quality need improvements. While there is a dedicated engineer program that provides consistent support, regular support without this subscription is lacking.

At my previous company, I used AlgoSec but shifted to using Tufin in my current role.

The setup process for AlgoSec is fairly simple.

Pricing for AlgoSec is fairly competitive. Rating the pricing on a scale from one being high to ten being low, the price is considered competitive without being specified absolutely.

I currently work with Tufin and have observed that AlgoSec is slower in adopting new technologies like cloud compared to Tufin and FireMon. Tufin and FireMon are leaders in technology change adoption.

My overall rating for AlgoSec, based on my last experience in January, would be seven out of ten. AlgoSec is suitable for enterprises that manage about 300 firewalls, and the burden on the solution is more about the number of firewalls and policies managed rather than the number of users. For technical functionality, I find Palo Alto to be better since AlgoSec does not support time-based objects or specific categorization groups.

On-premises

AlgoSec's primary use case is for change auditing and change monitoring on security devices. It helps in receiving regular alerts about changes happening on devices, making it much easier to audit those changes, identify any issues, and figure out which recent changes caused them.

We experienced a critical issue when our perimeter firewall, which was a Check Point firewall, was not processing traffic. All traffic through our data center going towards the internet and requests coming from the internet to our data center were not working, creating a complete outage situation. To identify what caused it, I verified the AlgoSec logs through the auditing functionality and checked the recently made changes that might have caused the issue. This helped us determine what changes were made recently. We rolled back those changes, and the issue was fixed without spending more time on troubleshooting.

AlgoSec also helps us in auditing. We have auditing happening every year, and we track what changes we make, what the change requests were against those particular changes, and ensure that changes had required approvals in place, making overall auditing and compliance easier for us.

The standout feature of AlgoSec is real-time monitoring and alerting. We receive emails for every change that happens on any of the devices, with the ability to customize the email and integrate it with ticketing tools to review whether a change request was raised or not. AlgoSec also provides historical auditing of the devices with changes, allowing us to store logs at an external syslog.

In my day-to-day work, I rely most often on real-time monitoring and change auditing.

The impact of AlgoSec on my organization has been positive. Manual intervention has completely decreased because when the compliance or legal team comes to us asking about what changes happened in the last quarter or two quarters, it used to be a manual task. Now we can export the logs within a few minutes by selecting the target device and the time period for the changes, making it very much less time-consuming and more productive.

I would like to see automation support on AlgoSec, allowing me to run scripts and API calls to export whatever I need.

I have been using AlgoSec for more than two years, and I also used it in my earlier experience when I was part of previous companies.

AlgoSec is quite stable in my experience with no downtime or reliability issues.

AlgoSec handles growth well, demonstrating good scalability.

When we are unable to export audit logs for a specific firewall or device, we raise the case with their support team and receive timely help from them. I can give the customer support a rating of ten. Although I did not have many requests, I received timely assistance whenever I raised a case.

We did not use a different solution earlier, but we did explore various products while selecting AlgoSec. Before choosing AlgoSec, we evaluated a few options, including NetMRI as one of the solutions.

I have seen a return on investment with AlgoSec. It is a complete time-saver, reducing the workload on the individual or team and enabling them to invest that time into more productive tasks.

If you are looking for an auditing tool to check or audit the changes happening around your network devices or security devices, and you want to export auditing logs or track changes, you should definitely evaluate AlgoSec. I would rate this review a nine out of ten.

Private Cloud

Other

In our company, we primarily use AlgoSec to analyze and optimize firewall policies. This solution is invaluable for cleaning up rules and objects. It allows us to identify which rules are redundantly covered by others, detect unused objects in rules or groups, and pinpoint duplicated objects. Additionally, AlgoSec aids us in reducing overly permissive rules that have accumulated due to legacy changes.

Our environment consists of several systems with different policies, all managed under a single management console. This unified approach helps us maintain a clean and efficient object rule base across the board. 

By using AlgoSec, we can ensure our firewall settings are both streamlined and effective, significantly enhancing our security posture. Furthermore, the insights provided by AlgoSec empower us to make informed decisions about which rules are necessary and which can be consolidated or removed, ultimately optimizing our network performance and security management process.

AlgoSec has significantly improved our organization by streamlining our firewall management process. With the use of AlgoSec FireFlow and AlgoSec Firewall Analyzer (AFA), we have been able to maintain clean and efficient firewall policies. AFA has been instrumental in helping us clean up existing firewall rules, ensuring that our policies are optimized and free of redundancies. By identifying and removing obsolete or duplicate rules, we have improved our network's security and performance.

FireFlow has been particularly beneficial in automating policy change processes, allowing us to keep our firewall policies clean and up-to-date. This automation not only reduces the potential for human error but also speeds up the implementation of necessary changes.

AlgoSec has saved us considerable time and energy when it comes to various tasks, such as risk analysis and assessing the impact of potential changes. By providing clear insights into which rules are already implemented and effective, we can focus our efforts on areas that truly need attention, ensuring our resources are used efficiently. Overall, AlgoSec's solutions have optimized our security management, enhancing both our operational efficiency and our ability to protect critical assets.

One of the most valuable features we've found in AlgoSec is its ability to analyze network flows to help define new, less permissive rules. This functionality is crucial for enhancing our network's security posture by ensuring that only necessary traffic is allowed. By examining the actual traffic flows within our network, AlgoSec provides insights into where existing rules may be too permissive, allowing us to tighten them without disrupting legitimate business operations.

This feature not only assists in making our security policies more precise but also helps in minimizing the attack surface by restricting unnecessary access. As a result, we can confidently implement rules that align more closely with the principle of least privilege while still accommodating essential connectivity and services. The ability to refine our firewall rules in this informed manner enhances both our security and compliance efforts, making this feature particularly valuable to our organization.

While AlgoSec offers robust capabilities, there are areas where the product could be further enhanced. One specific area that could benefit from improvement is the rule analysis feature, particularly in terms of defining objects within a new rule. Currently, the process seems to be more focused on network-level analysis rather than on objects, which sometimes requires us to perform multiple iterations to achieve optimal results.

Enhancing the tool to provide more object-oriented analysis could streamline the process of rule creation and modification, allowing for more precise and efficient policy management. Additionally, incorporating advanced capabilities for identifying and recommending the most appropriate objects for new rules would minimize manual effort and potential errors, thereby increasing accuracy and saving time.

For future releases, we would like to see more seamless integration between AlgoSec Firewall Analyzer (AFA) and FireFlow. Enhancing the connectivity between these tools would simplify transitioning from AFA to FireFlow, making it easier to create change tickets directly. This improvement would streamline our change management processes, enabling us to implement and monitor policy changes more efficiently and with greater accuracy.

I've used the solution for six months.

On-premises

We use app flow, Firewall Analyzer, and FireFlow. We use AlgoSec to gain visibility on firewall rules and for gap-cleaning projects to clean up the firewalls. We also use the solution as a firewall assurance tool to stay clean, have an optimized set of firewalls, and then automate firewall rules deployed from start to finish.

We have on-prem data centers and 180 sites all over the world.

Additionally, we use cloud services, infrastructure as a service, platform as a service, and software as a service. The majority of it is standardized on Cisco networking with Fortinet security solutions, except for the data centers, which are Check Point.

The purpose is to gain visibility into firewall rules. We used it to go through a gap-cleaning project to clean up the firewalls. We also use the solution as a firewall assurance tool to stay clean and to have optimized firewall rules. In addition, we use the solution to automate firewall rule deployment from start to finish, so we have a complete change process in FireFlow and can automatically deploy the firewalls on appliances. For that, we also built a connection with BMC Remedy because that's the main tool used for change management.

AlgoSec has improved our organization through a safer firewall rule base and better time-to-market IT services provided to the rest of the organization. Those are the two main improvements. In general, AlgoSec has provided a better security posture.

Customizability is AlgoSec's best feature. You can customize everything and build anything you like, and that's a feature we missed in competitors' solutions.

AlgoSec is not a tool where people with little knowledge of security or IT can find their way around. AlgoSec has a less user-friendly interface compared to competitors, but it is comparatively more customizable. As such, the interface is more on the complex side.

I have been using AlgoSec for four years.

AlgoSec is a stable solution. There are bugs, but those do not affect the system's stability. We have not had any unplanned downtime since we started.

We use the solution 24x7 to record cyber rules, with about 50 changes per week.

The solution is scalable and we have approximately 50 users.

The initial deployment was complex because we were integrating with ITIL systems since we had integrated with BMC Remedy. The integration with Check Point was complex because we were on the wrong version. We had to go through various administrative processes to update Check Point. If AlgoSec was more flexible in the ways one could integrate and the versions one could integrate it with, that would help.

A team of ten people handled the deployment, including testers, and they took approximately three months. The end-to-end deployment took just over two years. We did not migrate from a previous solution.

We have seen a return on investment only with efficiency gains and improved security posture. That might transfer to a monetary value, but we haven't assessed that.

I find the price too expensive. It looks a bit like SAP, so it does have standard functionality out of the box, but you will spend a lot of money if you want to customize it. However, the price is not as extreme as SAP or Oracle, but the actual implementation does turn out to be expensive. 

We finally chose AlgoSec over Skybox for its customizability, the options for integration, and the workflows. Though Skybox was much more user-friendly, it was weaker when it came to integration options and customizability.

In our organization, we work with multiple security vendors, and integrating with leading vendors for the most part is easy, but there are some exceptions. The solution made integration with the majority of devices really easy, but it was really cumbersome with some devices.

The solution has massively reduced human error through automation by about 95%.

As far as multiple environments are concerned, we have a private cloud, which is just a data center hosted by an external party. We have a public cloud, multiple vendors, and multiple regions. We also have decentralized data centers throughout the world.

We're investigating combining the solution with Cisco ACI.

The cost versus the achieved business goals is in balance.

I recommend that new users do a proof-of-concept before choosing AlgoSec. I would rate the solution an eight out of ten.

Hybrid Cloud

Other

Our primary use case is identifying unused tools and junk rules, including objects that are created but whose exact user and traffic cannot be tracked. I've deployed AlgoSec to address this use case, as it performs its job well by allowing me to block multiple unused rules and objects while permitting only the required traffic.

AlgoSec has helped streamline our environment by interacting with risky users and managing risky traffic. It has minimized manual involvement while providing clear, readable reports based on compliance standards.

One of the most valuable features of AlgoSec is its capability for identifying unused and risky rules, which cannot be done through manual analysis. AlgoSec analyzes logs and provides insights on risky rules and wide-open access scenarios, like when access was granted to too many users. It helps in minimizing security risks by allowing reporting and adjustments accordingly.

There should be improvements in the analysis between internal zones, such as internal to DMZ or guest to DMZ. These scenarios should be considered critical and enhancements should be made, even if the risk score is set high. Improvements are also needed in the area of PCI, specifically the PCI controller.

I have been using AlgoSec for about two years.

The solution is stable, and even if there are issues or it goes down, it does not impact the environment significantly.

Scalability is favorable since the solution is actively being developed. Specifically, for firewall perspectives, scalability is satisfactory.

Customer service is good as we have a dedicated person from the technical team who supports us whenever required.

Positive

Before AlgoSec, we were using Tufin, which required significant manual effort.

The initial setup was straightforward, taking only one or two hours. Once necessary components like VMs and CPUs are ready, implementation is seamless.

Initially, we had assistance from AlgoSec's technical team to set things up, but moving forward, no additional help is required.

I have not directly observed a reduction in costs or resources, but AlgoSec provides training when required, and they visit us for new feature introductions and solutions.

The pricing is manageable. While there are less expensive options available, AlgoSec provides a middle variance solution and is cost-effective in comparison to others.

AlgoSec minimizes manual efforts in creating compliance standards reports that are clear and readable.

Overall, I would rate AlgoSec nine out of ten.

Private Cloud

Other

My primary use case to use this solution was to get visibility into my multi-vendor network environment into a single pane of glass making it easy to have compliance and audits done seamlessly. 

Also, it is letting me know if any changes are required over different network devices if I bring a certain new application in the environment (discovering its dependencies) and then push the changes from the single console. Also, it needed to verify if there are any unnecessary rules with the attribute "any" over all the firewalls that the solution was able to cover.

It helped me in managing the multi-vendor network devices with also mapping the required network level prerequisites for my application to be able to handle their network needs in an automated and seamless manner. It also removed the need for multiple approvals with Fireflow. 

It also made compliance and audits very easy for my organization. It was able to give visibility of the changes on the firewall with a who-when-what scenario. It helped me to document all the risks related to any change request that I made.

The way the solution helps in managing, reporting and seamless security policy change automation for the connectivity between the network devices and the applications is great. 

The visibility provided by the single pane of glass for managing multi-vendor firewalls is excellent and then pinpointing network connectivity issues is certainly on a very good level. 

The majority of the value comes with automating of the entire security - i.e., the policy change process from design and submission to proactive risk analysis, implementation and auditing.

They need to improve the web interface to be a little more interactive and friendly. It's still not bad, yet it could improve. 

They could improve AlgoSec academy, as there are some bugs when it comes to advancing resources. When trying to do the certification, I got stuck in one module, which prevented me from completing the certification. 

The only downside of AlgoSec is that it seems to need some updates as it relates to UX and potentially some more outlined integrations. Specifically with cloud platforms and tools.

I have been using the solution from the last six months and have been quite happy with it.

This was my first solution and I have been continuing with this solution only for future needs until it satisfies all of my use cases.

I evaluated other options as well, however, where their capability ended, i.e. firewall analyzing capability, AlgoSec provides much better capabilities.

On-premises

I use AlgoSec as a firewall analyzer. It helps review the changes made on the firewalls and determine who executed those changes. The tool automates predefined reports about non-used network objects, which is technically challenging for manual review.

By implementing AlgoSec, we've reduced the time and effort it takes to review firewall changes and audit logs. Before AlgoSec, we used to review each firewall manually, but now, the tool automates this process which saves us time.

The most valuable feature of AlgoSec is its ability to generate comprehensive reports. As a firewall analyzer, it's very useful for reviewing and collecting information at a single point. The tool also helps generate reports automatically, which is beneficial for us.

The graphical user interface in AlgoSec needs improvement. Sometimes it gets stuck, requiring multiple refreshes. Additionally, system integration with more products can be enhanced, like integrating the Blue Coat web filtering products.

I have been using AlgoSec since 2020.

The product is stable and reliable for our needs.

While we haven't tested it extensively, it has the capability to scale. We currently use it to manage eleven firewalls and nine routers. It has the ability to expand by adding more CPUs and memory.

Technical support is decent, although it can take time for them to handle more complex cases. The first level of support may lack the knowledge to solve advanced issues swiftly.

Positive

Before using AlgoSec, we manually reviewed and audited changes and reports.

The initial setup was easy for adding firewalls, despite some challenges when deploying the second module of AlgoSec.

The implementation was conducted by working with the vendor through remote sessions.

The return on investment is evident in the reduced time and effort for reviewing and auditing firewall changes.

I am not involved with pricing details since I mainly handle the technical aspects. However, the value from reduced time and effort justifies its cost.

I would recommend AlgoSec for enterprise environments that make frequent changes. Smaller environments with infrequent changes may not benefit as much.

On-premises

We resell AlgoSec, and I provide professional service for AlgoSec. Our customers get good value from it. Our clients are usually large businesses, between 25,000 to 40,000 employees.

The primary use cases are for:

• the optimization of firewalls,
• getting reports, 
• compliance for ISO 27001 and PCI DSS.

It helps us to see what changes users make on a firewall by the users. AlgoSec identifies in real-time any changes on the firewalls. It also optimizes the firewall policies, rules, and objects. 

There is a compliance that is required where we need to provide a report for the optimization of firewalls that is part of PCI DSS and ISO 27001. So now many organizations use AlgoSec to monitor and optimize their firewalls. 

In addition to compliance, they also use AlgoSec to ensure that their environment is well-secured. They can see what changes are being made to the firewalls and by who, which is part of the compliance. They use AlgoSec to achieve that and also to track real-time changes. 

One of the problems that I've used AlgoSec to solve is to identify what's blocking a particular rule, object, or network traffic with the AlgoSec network simulator. It has a traffic simulator and a query simulator, where you can input the destination, the source, and the service, and then you can do a simulation of that traffic and see what firewall, object, or rule is blocking that traffic from going through. 

AlgoSec is easy to use and very easy to implement. Within three hours after downloading AlgoSec, you can start to see value immediately. Within that same time, you can generate reports almost immediately. 

Another valuable feature is the way it produces reports. It checks to see if you pass a particular policy. It also shows you recommendations to fix it. That's a very good feature. 

I like the traffic simulation too and queries. I'm not sure other solutions provide that. You can also use it to get a network topology and network map of your environment and see what's happening. 

These are some of the good features that make AlgoSec stand out.

AlgoSec support is exceptionally good. They have very good support. I use several solutions because I'm a security engineer. I implement security solutions for my customers and AlgoSec stands out in support. You can always rely on their support.

The customization and fine-tuning of the policies could use improvement. There's a place where you can modify the network maps and network. It is not so straightforward unless you have experience with it. It would make it more flexible and everyone can use it effectively if they improve that.

I have been using AlgoSec since 2018.

They have updates at least twice a year, so, it is very stable. I'd rate the stability a nine out of ten.

I have a new client that is using it on the cloud, and it's as effective as the on-prem version. The scalability is very good. I would rate it eight out of ten.

The support is very responsive and knowledgeable. You can rely on support for speed and to have the ability to resolve a problem. 

Positive

The initial setup is very straightforward.

After downloading the software it takes around one hour or so. It is fast.

There are usually updates and fixes. Support is always available to assist whenever there's a need for it.

I think the pricing is fair because when I speak to our partner manager, we can always get reasonable discounts but it can be better. Many people do not want to spend a lot of money on security. If the price was a little lower it would make it more affordable for smaller businesses.

I would always recommend AlgoSec to other users. 

I would rate AlgoSec overall an eight out of ten. 

AlgoSec is an exceptionally good solution. I didn't give it a perfect ten because the UI of the platform could be improved and the pricing could be lower. That would make it more interesting. Also, the modification or fine-tuning of policies could be easier. 

On-premises