AlgoSec Reviews

AlgoSec enables organizations to have end-to-end visibility and control over application connectivity across complex hybrid IT environments spanning data centers, cloud, containers, and legacy systems. This allows organizations to automate analysis of how applications interconnect and depend on each other as well as the underlying infrastructure. 

When new applications are deployed, or existing ones are migrated, AlgoSec can rapidly determine the minimal policy changes required to maintain security and compliance.

While AlgoSec already provides substantial capabilities around managing security policies and compliance, there is an opportunity to further enhance its intelligence to take a more proactive security posture. Specifically, AlgoSec could look to incorporate advanced machine learning techniques to analyze network traffic, application logs, and user behavior to detect anomalies and identify emerging threats. 

Going beyond just mapping the authorized connectivity, AlgoSec could leverage unsupervised ML clustering algorithms and deep learning models to find high-risk anomalies and subtle attacks.

It allows organizations to identify risks, reduce attack surfaces, and streamline policy changes required to deploy or migrate applications safely and quickly. 

With ever-changing infrastructure and threats, keeping security policies optimized is extremely challenging. AlgoSec's continuous monitoring capabilities allow organizations to maintain proper controls and compliance coverage as the application landscape evolves. No longer are security changes made blindly. 

AlgoSec gives organizations the visibility and intelligence needed to make application connectivity changes confidently while managing risk and compliance. Having all these capabilities seamlessly integrated into one platform makes AlgoSec a powerful tool for digital transformation initiatives involving constant application change.

While AlgoSec provides comprehensive visibility and management of security policies across hybrid environments, there is an opportunity to further expand its intelligence capabilities. 

Specifically, AlgoSec could look to incorporate more machine learning to analyze network traffic patterns and application behavior to detect anomalies indicative of emerging threats and policy violations. Going beyond just mapping connections, it can automatically flag high-risk flows and unusual events for further investigation.

I've been using the solution for more than a year.

We've used Cisco Tetration in the past.

The price is not the lowest, however, it is reasonable and offers good ROI.

We also evaluated Tufin.

We hope, in the future, to have more flexible pricing plans.

Our team operates within the support division, assisting customers who primarily utilize AlgoSec through on-premises deployments. They rely on this solution to analyze and manage firewall policies, enhance their security measures, and receive recommendations for optimizing their firewalls.

Specifically, we utilize the AlgoSec Firewall Analyzer component of the solution. Recently, we conducted a proof of concept (POC) of AppViz for a customer who utilizes FireFlow. This POC was successful, and it is likely that some of our other customers may express interest in implementing AppViz within the coming year.

Implementing firewall rules within our organization has been significantly expedited thanks to AlgoSec. 

This product plays a crucial role in preparing us for audits and ensuring firewall compliance. With its assistance, we are able to assess security and firewall rating points, offering valuable advice to our customers regarding the optimization of their firewall and security rules.

One of the key benefits of AlgoSec is its ability to simplify the tasks of our security engineers. By providing essential guidance to administrators responsible for managing firewalls, streamlines their responsibilities and enhances their efficiency in carrying out their duties.

The Firewall Analyzer component of the solution offers remarkable compatibility and proves to be highly valuable and easily manageable.

Our customers have found the Intelligent Policy Tuner to be incredibly helpful, and during the proof of concept (POC), it emerged as a significant selling point for our clients. They expressed great interest in utilizing this feature.

Setting the log options to "extensive" provides us with excellent visibility into our network security policies. This extensive logging enables us to generate detailed reports and receive change notifications, thereby enhancing our overall visibility.

AlgoSec plays a crucial role in providing comprehensive visibility into the risks associated with firewall change requests. This feature proves especially important when presenting security reports to upper management.

The solution's automation capabilities significantly contribute to reducing human error and misconfigurations. If the tool detects a drop in security and firewall policy points, it promptly notifies administrators via email about potential misconfigurations. This proactive approach allows us to promptly address and rectify any issues, ensuring that the security and policy points are restored.

Introducing greater flexibility in editing alerts would be a highly appreciated improvement.

The solution currently faces visibility and compatibility challenges when it comes to Palo Alto firewalls, making it difficult to generate reports. Since the reports heavily rely on logging, the product encounters obstacles with Palo Alto's logging system. Enhancing compatibility with Palo Alto firewall reports is crucial for seamless reporting.

A notable customer demand is the implementation of a user-based policy within AlgoSec. This feature would enable the solution to provide advice on user policy rules while also ensuring compatibility with identity awareness functionalities. Meeting this customer requirement would be highly beneficial.

The most common use cases include:

• Performing audits on an annual basis with the help of information security
• Remediating risky rules by trusting them or remediating them at the firewall level
• Unused rules and disabled rules are addressed on a regular basis
• All firewall changes are monitored through AlgoSec with the help of change notifications
• Improving compliance and risk management and connections revolving around the network Layer 3
• Locating objects and addressing any issues on a much quicker basis

We were able to improve the security ratings of our firewalls. It helped us with annual audits, change notifications, rule assessments, and visibility in general.

It improved compliance and risk management and connections revolving around the network Layer 3.

We can get all the firewall-related data with a single click and effectively work on synchronizing with all the firewall gateways including the management server.

It helps us with firewall audits on an annual basis with the help of information security.

We remediate risky rules by trusting them or remediating them at the firewall level.

We address the unused rules and disabled rules on a regular basis.

All firewall changes are monitored through AlgoSec with the help of change notifications.

It improved compliance and risk management and connections revolving around the network Layer 3.

It helps locate objects and address any issues on a much quicker basis.

RFEs are kept open for too long. We had requested a couple of features, including the ability to trust implicit rules, and IPT doesn't run on IPSEC-enabled firewalls (Cisco to be specific). We had reported these issues for over four years now and still we do not see any resolution.

There is no visibility for the changes made to the NAT rule policies.

Adding objects or object groups on the firewall also do not generate a change notification.

There is no visibility for changes made to the secondary standby firewall if the firewalls are added as a cluster.

I've used the solution for more than five years.

We did not previously use a different solution.

We did not evaluate other options. 

We use AlgoSec Firewall Analyzer and AppViz. We have bought the FireFlow license, but we do not use it currently. We plan to use it, but we are not using it right now. 

Firewall Analyzer is helpful for network assurance and meeting some requirements of PCI DSS. 

We use it to manage only our on-prem environment. Our network environment is mostly on-prem. We do not use cloud networking. We have an internal cloud, which is hosted in the Netherlands, but it is like a private cloud.

It gives us a pretty good understanding of what's going on in our network in terms of network security policies. In terms of the overall visibility that it gives into our network security policies, I would rate it a nine out of 10.

For preparing for audits and ensuring that our firewalls are in compliance, Firewall Analyzer gives a great overview of what's going on with the firewalls in terms of rules, etc. It offers a great input for auditors or for reporting to auditors.

We use Firewall Analyzer in order to monitor the PCI DSS network area. It is helpful for meeting some requirements of PCI DSS.

We work with multiple security vendors. It works when it comes to integrating it with the leading vendors. We didn't have any problems integrating with the solutions of our top three vendors.

Firewall Analyzer and AppViz are the most important features because they provide a lot of information regarding network segmentation. For us, this is a valuable input in order to provide network segmentation for various applications that we have developed in-house or that we bought from vendors. Our network is not properly segmented right now, but we plan to do it using AlgoSec. This is the most important feature for us right now. We also plan to use FireFlow in order to automate the firewall change management.

The Firewall Analyzer module can be improved to implement a vulnerability management solution, or they can link Firewall Analyzer with a vulnerability management solution in order to get a better overview of what's going on in our network in terms of vulnerabilities.

We started implementing AlgoSec in April this year.

So far, so good. We didn't have any problems. It is pretty stable.

From what I've heard and what I've read on their portal, it is pretty scalable. There are no issues around this.

We have not opened any tickets on the portal. We have a dedicated support person who assists us in the deployment. They are pretty fast to react. If I ask them a question today, they will respond very quickly.

We didn't have a different solution.

It was pretty straightforward. We started implementing AlgoSec in April this year. We are not fully into production, but we have been using it since May. Technically, it took less than a month, but we still have to do some paperwork in terms of security procedures, security monitoring, etc. So, it has been all paperwork from May till today.

The patching process of this solution is also pretty straightforward. They provide monthly patches, and it doesn't take a whole bunch of people to maintain it. Just one or two people can do the job.

Even though we had a reseller involved in this process, we did it on our own but with a little help from AlgoSec.

We have not yet seen an ROI. We are currently at the beginning of implementing the solution, and there is still a lot of time before we see a return on investment.

Price is not my concern. If a tool does its job, it is not my concern to obtain a good price for it. If a tool is needed, we are going to buy it.

We evaluated other solutions such as Skybox, Tufin. We found the graphical user interface of AlgoSec to be very user-friendly. It provides the information that you need. The information that you need is very well organized as compared to other solutions.

It depends on your needs. If you want to have a better overview of your network, AlgoSec is a tool that you can rely on. You can have an overview of your network by using your own equipment, but you have to dig in deeper. AlgoSec provides better visibility with a little amount of effort.

We haven't had any breaches in the past. We have not used it to implement and manage microsegmentation initiatives. We use it for network segmentation, which is done at the network level which includes firewalls, switches routers, and so on. Network segmentation is an ongoing process. 

I would rate it a nine out of 10.

We primarily use the AlgoSec solution to monitor and interpret the risk status in our firewalls. Seeing the troublesome situations experienced in our firewalls from the same point of view sometimes does not help to solve the problem. However, thanks to AlgoSec, it is of great benefit to observe these risks from a different perspective and to see that they improve in the process. Being able to see and follow these changes makes the work of system administrators and risk analysts much easier.

It is of great benefit to observe the firewall risks from a different perspective and to see that they are improving in the process. When the effects of tightening and improvements are checked regularly, we can better monitor the current risk situation. It is a difficult process to examine the security risks in detail in each of our products and in our firewalls which may be different brands and models. AlgoSec enables us to manage this process in a central way.

AlgoSec can monitor the current status of firewalls. Other vendors mostly focus on working with daily tasks, however, AlgoSec is able to follow the live status and current issues or changes with the help of push technology. It can be easily integrated with different firewall devices (even different brands and models). In this way, it becomes very easy to monitor different risks from a single interface. Thanks to the web-based management screen, it can be easily managed through any end-user operating system.

At the integration point, a manual page could be added to the dashboard where directions about the products are explained in detail. In this way, if the system administrator wants to integrate a new product, they will be able to integrate this product by following these directions, even if they do not have deep knowledge of the product in question. Integrating different products should not require us to have to wait for coordinated work with a product specialist.

I've used the solution for almost four years.

In terms of stability, we have no complaints so far. We didn't face any problems.

This solution works well in mid-size companies. 

Customer service is very good and educated. However, the process to open a ticket sometimes could be harder than necessary since we need to collect some logs from the dashboard and upload them to the related ticket before submitting it.

Positive

I've used the Skybox Security solution as well.

The product offers an almost straightforward setup. It is easy to install and integrate.

I installed the product by myself.

We cannot calculate ROI based on vulnerability or data leak issues.

The cost and licensing are reasonable.

I did not evaluate other options.

We resell AlgoSec, and I provide professional service for AlgoSec. Our customers get good value from it. Our clients are usually large businesses, between 25,000 to 40,000 employees.

The primary use cases are for:

• the optimization of firewalls,
• getting reports, 
• compliance for ISO 27001 and PCI DSS.

It helps us to see what changes users make on a firewall by the users. AlgoSec identifies in real-time any changes on the firewalls. It also optimizes the firewall policies, rules, and objects. 

There is a compliance that is required where we need to provide a report for the optimization of firewalls that is part of PCI DSS and ISO 27001. So now many organizations use AlgoSec to monitor and optimize their firewalls. 

In addition to compliance, they also use AlgoSec to ensure that their environment is well-secured. They can see what changes are being made to the firewalls and by who, which is part of the compliance. They use AlgoSec to achieve that and also to track real-time changes. 

One of the problems that I've used AlgoSec to solve is to identify what's blocking a particular rule, object, or network traffic with the AlgoSec network simulator. It has a traffic simulator and a query simulator, where you can input the destination, the source, and the service, and then you can do a simulation of that traffic and see what firewall, object, or rule is blocking that traffic from going through. 

AlgoSec is easy to use and very easy to implement. Within three hours after downloading AlgoSec, you can start to see value immediately. Within that same time, you can generate reports almost immediately. 

Another valuable feature is the way it produces reports. It checks to see if you pass a particular policy. It also shows you recommendations to fix it. That's a very good feature. 

I like the traffic simulation too and queries. I'm not sure other solutions provide that. You can also use it to get a network topology and network map of your environment and see what's happening. 

These are some of the good features that make AlgoSec stand out.

AlgoSec support is exceptionally good. They have very good support. I use several solutions because I'm a security engineer. I implement security solutions for my customers and AlgoSec stands out in support. You can always rely on their support.

The customization and fine-tuning of the policies could use improvement. There's a place where you can modify the network maps and network. It is not so straightforward unless you have experience with it. It would make it more flexible and everyone can use it effectively if they improve that.

I have been using AlgoSec since 2018.

They have updates at least twice a year, so, it is very stable. I'd rate the stability a nine out of ten.

I have a new client that is using it on the cloud, and it's as effective as the on-prem version. The scalability is very good. I would rate it eight out of ten.

The support is very responsive and knowledgeable. You can rely on support for speed and to have the ability to resolve a problem. 

Positive

The initial setup is very straightforward.

After downloading the software it takes around one hour or so. It is fast.

There are usually updates and fixes. Support is always available to assist whenever there's a need for it.

I think the pricing is fair because when I speak to our partner manager, we can always get reasonable discounts but it can be better. Many people do not want to spend a lot of money on security. If the price was a little lower it would make it more affordable for smaller businesses.

I would always recommend AlgoSec to other users. 

I would rate AlgoSec overall an eight out of ten. 

AlgoSec is an exceptionally good solution. I didn't give it a perfect ten because the UI of the platform could be improved and the pricing could be lower. That would make it more interesting. Also, the modification or fine-tuning of policies could be easier. 

We have four firewalls and two routers in our environment. We also have a business application. At first, it was very difficult to connect to each firewall individually, see my environment as a whole, and determine where traffic was being blocked and who made changes. AlgoSec provides a solution to all of this in a single platform.

Being able to see where traffic is blocked using traffic simulation provides me with great convenience. Additionally, with FireFlow, I can handle this in a single action instead of taking actions on each firewall individually.

Thanks to Algosec, especially with the FireFlow and AppViz modules, I have managed the regulation compliance I need to adhere to through baseline compliance and checked my compliance with it. Without connecting to my firewalls one by one, I was able to handle all my changes with FireFlow in a single-handed manner according to a specific plan. I was able to clearly see the accesses to the application in my environment and the vulnerabilities of the application. The reports section was very useful in tightening up my policies.

Country-specific regulations should be added when required. Doing this on my own with baseline compliance is quite difficult.

Additionally, I would like AlgoSec to provide suggestions such as "this object includes that object" for my objects on the Check Point firewall. For my Fortigate manager, the support of the active change feature is important to me. 

Lastly, the FireFlow interface could be simplified a bit more. I agree that it is user-friendly, but on the other hand, it can be difficult to organize and find certain things.

I have been using AlgoSec for one year. 

We haven't encountered any interruptions while the product is running. It operates very stably.

We can add devices very quickly whenever we need to, with additional licenses.

I received sufficient and useful responses within a maximum of one day.

Positive

Straightforward. We imported the ova file and that's all, then just clicked add devices.

It has been a very useful and suitable investment for us.

The setup is very easy, and while I can't say anything definitive about the pricing in terms of competition, licensing is also quite straightforward.

We have tried Tuffin.

Our primary use of AlgoSec is to ensure the smooth operation of our network infrastructure. 

We are responsible for device onboarding and offboarding, managing access, and overseeing information security. While AlgoSec offers robust security features, we primarily utilize it for network and firewall management. 

It integrates seamlessly with major vendors like Palo Alto, Check Point, and Cisco, although there may be some limitations with other brands. We employ AlgoSec Firewall Analyzer, FireFlow, and AppViz, all of which are deployed on-premises. On average, we have around 15 daily users, including requesters and direct users from various teams.

AlgoSec has significantly enhanced our troubleshooting capabilities. We can quickly pinpoint the causes of routing issues and conduct traffic simulations to identify potential problems. This has streamlined our analysis processes, which is a major advantage.

Moreover, AlgoSec simplifies the work of our security engineers in two key ways. First, it streamlines the approval process for flow requests, with the security team assessing risk and granting approvals. Second, it facilitates audits by providing effortless access to firewall configurations and permitted traffic data, making compliance checks much smoother.

FireFlow, a component of AlgoSec, has been particularly valuable for us. It serves as a centralized platform for managing firewall rule requests, making it easy to understand and implement these requests efficiently. Additionally, Firewall Analyzer helps us identify missing routing information and check firewall status without the need to access individual devices.

AlgoSec has significantly reduced human errors and misconfigurations, especially during firewall implementation. It provides comprehensive information, minimizing the chances of oversight or omission. While it's not flawless, it typically alerts us when something cannot be implemented, ensuring transparency.

The standout features of AlgoSec include FireFlow, which simplifies firewall rule management, and Firewall Analyzer, which enhances visibility by identifying missing routing and firewall data. AlgoSec's flexibility in defining custom risk metrics and generating reports based on them has been highly beneficial.

AlgoSec's scalability has been excellent for our needs. We've made architectural changes, including incorporating remote agents, and scaling up has been straightforward. The integration with Cisco ACI has been somewhat seamless, although it hasn't added significant functionality to AlgoSec's security features.

We've also found AlgoSec invaluable during cloud migrations. It aids in extracting information from old servers to guide migration technicians on what needs to be opened for new servers.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

I've used the solution for one year.

We didn't use a different solution.

We did not evaluate other options.