AlgoSec Reviews

I am working with AlgoSec for supporting my end clients and partners. AlgoSec has different functionalities. The primary use case of this solution is firewall policy management which helps most of the enterprise's customers to manage their L3 devices and multiple firewalls in their environment at a single console and audit firewall configuration from time to time. AlgoSec provides full visibility into the risk involved in firewall change requests. The network topology table helps to understand where the traffic flows through and where it's interconnected.

The comprehensive visibility of network security allows users to understand the dependencies between different policies. In the firewall analyzer, we can easily visualize and analyze all the devices within the network. To check the connectivity between the two devices, you can use the source's IPs and destination.

We can build the whole network topology using Algosec easily and provide optimization with all networks.

The verification of policies on all integrated firewalls with a minimal time period. 

The solution helps visualize and manage the hybrid network. 

Auto Discover applications and services are great. 

It simplifies security policy management. 

The product enhances visibility and control. 

Compliance automation and network topology are great. 

You can connect applications to security policy rules. 

Everything can be micro-segmented successfully.

We can easily identify risky rules. 

End-to-end security management is simple in that we can automate every change. 

It has effortless cloud management and can detect firewall configuration changes to spot unusual activities.

AlgoSec provides very good support to their clients. There are no complaints. That said, these items can be improved:

• Support can be improved as there are time delays for resolutions
• In the current version of AngloSec analyzer, we can not delete the object from all firewalls and need to do the task manually
• We need more effective topology diagram
• There are challenges in connecting the different security vendors
• User creation and assigning roles are a little bit difficult
• While upgrading we have to upload package files which can be downloaded from the Algosec website yet the downloading takes time

The stability is excellent.

The product performs well in the environment.

We did not previously use a different solution.

Licensing is based on a subscription model and the costs associated are worth it.

We did not evaluate other options.

I mainly use AFA and FireFlow. The majority of the network is internal. We have a very limited footprint in the cloud right now. But what we do have in the cloud is private. Being a financial institution, everything is very secure. So we don't have anything in the public cloud.

We're primarily using AlgoSec for firewall management and change validation. So we use it for monitoring all the firewall changes and security ratings. Any kind of firewall change is monitored and we have our own process that we use AlgoSec for to validate that changes are implemented according to the requests and go through all of the change approval processes.

We are using it for the firewall change auditing process for our department. They are one of the leaders that we found in this area. There is a very limited group of vendors that provide this kind of functionality and we've gone through the majority of them. AlgoSec still stands out as the leader, in our opinion.

We primarily use AFA for the change management portion of it. But the security ratings also are used by our security group to ensure compliance and validate that nothing is being configured that is not in our best interest.

The overall visibility AlgoSec gives into our network security policies has been very good. We are happy with the way the application works. It is very intuitive and easy to use. I would give that a very high rating.

AlgoSec provides full visibility into the risk involved in firewall change requests as well. It definitely allows us to drill down to the level where we can see the actual policy rule that's affecting the risk ratings. If there are any changes in ratings, it'll show you exactly how to determine what's changed in the network that will affect it. It's been very clear and intuitive as far as that.

I don't know if it has reduced the time it takes to implement firewall rules in our company. We don't use it for implementing changes because our network is very in-depth and we're very particular with our security on that, that we do manually make all of our firewall changes. So we're not using the automated functionality of AlgoSec to do that for us. But I think that's more because of the restrictions that we have in our own network.

AlgoSec is very good when it comes to preparing for audits and ensuring our firewalls are in compliance. The security ratings are a major factor in that lately, as well as being able to show the configurations and how they affect the risk ratings. Whenever we do need to address any issues, it's very clear to show us exactly what the effects of the ratings are, as tied into the firewall policies.

We work with multiple security vendors. I'm not on the security team any longer. I went from network group to security and then back again. But our security group does work with AlgoSec and they use it very intimately for different functions.

Some of the auditing functionality needs improvement. Our major focus is the firewall validation process and tracking and verifying that changes are implemented correctly. We are actually doing parts of the auditing process manually. And getting any one of the vendors to bring out a good auditing process has been very difficult. AlgoSec does a good job of showing us the changes, but we're doing a manual process to actually audit it and do documentation that we can provide to our auditors that shows we're validating everything, and on top of it, that nothing gets implemented without being caught. Part of that could be improved upon.

I have been using AlgoSec since 2016, so it's been around five and a half years. 

The stability has been great. We had a minor bug with the latest version and development. I did work with support to get that ironed out. They resolved it so right now, it looks to be very stable. And we are looking to put that into production shortly.

The scalability seems very good. I haven't seen any restrictions if we were to bring in other hardware or other devices in terms of how to scale it out, either size-wise or vendor-wise.

We have our network group, which we use AlgoSec for, for investigating the risks, configuration issues and things like that. The security group uses it for risk ratings and compliance verification. Then we have a separate group, which is a different group of security that uses it for the firewall validation process. They're the ones that use it on a daily basis to investigate any firewall changes and tie those back to the original request and validate that they were implemented properly.

The support has been very good. They're very responsive, very quick to get back to you, and very helpful. They bring in developers very quickly and easily to get into the details. Our last issue we had seemed to be very unusual, and with their support, they brought in the actual developers that were working on this software and resolved it very quickly.

We used a couple of different solutions and they all have their problems. We thought we had a good solution at one point until we found out that it wasn't working properly. When you trust in an application like this and you believe in the numbers that it's giving you, you go with that as gospel until you find out that it's wrong. That vendor's support was just not on the level that we wanted. We were getting no response from them for a long time. So we finally gave up on them until we went to AlgoSec, and it was a much better solution for us.

The initial setup is very straightforward. It is very easy to integrate network devices into AlgoSec and manage them. It's even getting easier with the latest version. We integrated Palo Alto devices into AlgoSec and it is very simple to bring it in. We have a development server that we're testing out the latest version on, and that came in in minutes. It brought it all in automatically.

The earlier versions of AlgoSec, especially when they came out originally, would not integrate properly with Panorama. So at that point, we had to integrate AlgoSec to actually reach out to every firewall individually for configurations and change status. The current releases are now integrating directly into Panorama. It's just basically one connection into Panorama and it pulls in all of the configurations from there. It's much more simplified.

I don't really get involved in ROI. But I definitely think it's valuable to us and I think it is a good solution for us.

I don't get into the pricing aspect of it that much. But from my beliefs of it, I believe it is very cost-efficient compared to other vendors. Their licensing is very straightforward and they're easy to work with.

There were three main players at the time, we went through proof of concepts with each of them, and AlgoSec was definitely the strongest vendor in that group and we don't regret it at all. I think it is a good solution.

The other vendors were promising a lot more than they were actually delivering on when it came time to actually putting it onto our network and evaluating it. We were finding that things that they were telling us that they supported and were part of their packages were not actually functional at the time. So we did not go forward with them because of that. AlgoSec actually had everything working properly. It was very easy to set up and use and it did what they promised.

Their sales engineers have really been very helpful and very good at working with us. I have nothing bad to say about them. They were excellent and I have a good relationship with them. If I ever need anything, I'll reach out to either our sales executive or our SE anytime and they respond immediately to us.

I would say the biggest thing we've learned with it is how much information it does give you. It is a nice platform. It definitely drills in a lot of layers of security and efficiencies that you can do. We're not using it to its full potential for cleaning up policy rules. As most companies are now, they are short-staffed and overworked. But it definitely can be used a lot more than we are using it for. Overall, it's a great solution and I have not seen another vendor in this marketplace that does any better than this.

I would rate AlgoSec a nine out of ten. We would like to see the auditing functionality improved. But that would be the only shortcoming at this point. I do think that they are top of the marketplace for this.

We use AlgoSec Firewall Analyzer and FireFlow. 

Our primary infrastructure is all on-premise. We tend to leverage only SaaS components of the public cloud. We have over ninety sites including branch offices and Data Centers.

We have over on hundred firewalls and we are a PCI compliant organization. So, we use it for all of our change control around all of our firewall ACL deployments, as well as our risk profiling. We use Fireflow for the change management and audit control. The IT security department uses it for ACL reviews and ACL change requests.

Specifically, with FireFlow, we've managed to integrate that into our overall change advisory and request for change control process: requests flow through a ticket, through AlgoSec Fireflow, through our IT security department for approvals. We've taken advantage of all that. We generally do not have any out-of-band changes and those that happen are logged, tracked and reported on.

The Active Change component has helped reduce human error and given people more confidence the ACL changes have been applied as they requested.

AlgoSec has helped to simplify the job of our security auditors. Primarily, from an audit perspective, it's much faster than it ever was because they can review the ACLs all in one tool now, as opposed to asking for plain text CSV dumps of firewall rules. They can also respond a lot faster now to requests for ACLs as to whether or not they're valid or required because they can review the traffic simulator.

AlgoSec enables us to manage our dispersed environments in a single pane of glass for the firewalls. Seeing all of those firewalls in one view, we no longer need to use things like the Cisco ASDM for day-to-day ACL management. 

AlgoSec gives us a high level of confidence that our ACLs and our risk components are actually in line with our expectations. Because we run a lot of our firewalls as an internal change control boundary, we rely on them heavily to segregate security zones. It gives us a high level of confidence that things like third-party networks that ride on the backbone are segregated and appropriately defined.

The features I find the most valuable are the:

• Duplicate objects
• Unused rules
• Duplicate rules.

The traffic simulation has been really valuable, especially with other business units that aren't familiar with the firewalls but are looking to see whether or not traffic they're using or going to be putting on the network through projects is going to be impacted.

The overall visibility that AlgoSec gives into our network security policies is high. Our firewalls are our primary control boundary on the LAN. They give us the most amount of visibility we can get at that layer without microsegmentation.

AlgoSec provides us with full visibility into the risk involved in firewall change requests. That feature is important to us because we're a heavily risk-averse organization when it comes to IT control and changes, It allows us to verify, for the most part, that the controls that IT security is putting in place are being maintained and tracked at the security boundaries.

It has reduced the time it takes to implement firewall rules. We can sometimes do 20 to 30 ACL either adds, removes, or changes in a week. In some cases those changes are now down to minutes. Prior to AlgoSec, we would have to do all the manual verification which meant potentially logging into every related firewall, checking every ACL, and making sure that we got the placement correct.

We have a fairly complex routing environment that AlgoSec struggled with. The initial period when we were doing an installation with their support desk was fairly challenging.

I have been using AlgoSec for about a year and a half to two years.

We have not had any issues with stability.

So far, we haven't had any issues with scalability. We're at 100+ firewalls, all of them logging directly to the product without issue, and we're using it daily.

We've had a mixed experience with their support. It's swung the gamut from someone who will just reference their own publicly available knowledge base right up to someone going directly to the developers. That process has felt inconsistent. I never know which one I'm getting.

We were not previously using another solution. We chose AlgoSec because we knew that we were going to be managing ACLs globally at a rapid rate going forward and we needed a solution for that.

For our implementation strategy, we used their JumpStart process where they actually had an AlgoSec representative come to us and get us through the implementation. That resource was here for about a week. By the end of the week, it was up and running enough for us to complete the more organization specific components of the implementation.

We had three staff involved in the deployment and there's typically a team of about five of us involved in the daily maintenance and operations. We were all part of the JumpStart. 

About a dozen people now use the tool regularly and that number continues to increase.

For us, on the network team specifically, we're a small team relative to the number of devices that we manage. Having so many firewall rule changes come in on a regular basis, we were likely going to lose a body if not two, just to managing ACL adds and changes.

Initially, the licensing was a little bit unclear. We run a of our firewalls with high availability solutions and how licenses got presented and accounted for was unclear. Overall though, the licensing is pretty straightforward.

The licensing and support cost is fairly significant, likely out of reach for any small and most medium sized businesses without a significant security requirement.

We looked at Tufin and FireMon. At the time, FireMon was cloud-based and we had a policy that didn't allow us to use it.

We had met with AlgoSec a couple of times over the years at Cisco Live. We were familiar with their platform.

My advice would be to be ready to find out the things you probably didn't know. For us, there were a lot of rules that were implemented that weren't being used, a lot of objects that were duplicates.  We were unknowingly hoarding all kinds of configuration data that was no longer relevant.

Overall, I would rate AlgoSec a solid eight out of 10.

I use AlgoSec as a firewall analyzer. It helps review the changes made on the firewalls and determine who executed those changes. The tool automates predefined reports about non-used network objects, which is technically challenging for manual review.

By implementing AlgoSec, we've reduced the time and effort it takes to review firewall changes and audit logs. Before AlgoSec, we used to review each firewall manually, but now, the tool automates this process which saves us time.

The most valuable feature of AlgoSec is its ability to generate comprehensive reports. As a firewall analyzer, it's very useful for reviewing and collecting information at a single point. The tool also helps generate reports automatically, which is beneficial for us.

The graphical user interface in AlgoSec needs improvement. Sometimes it gets stuck, requiring multiple refreshes. Additionally, system integration with more products can be enhanced, like integrating the Blue Coat web filtering products.

I have been using AlgoSec since 2020.

The product is stable and reliable for our needs.

While we haven't tested it extensively, it has the capability to scale. We currently use it to manage eleven firewalls and nine routers. It has the ability to expand by adding more CPUs and memory.

Technical support is decent, although it can take time for them to handle more complex cases. The first level of support may lack the knowledge to solve advanced issues swiftly.

Positive

Before using AlgoSec, we manually reviewed and audited changes and reports.

The initial setup was easy for adding firewalls, despite some challenges when deploying the second module of AlgoSec.

The implementation was conducted by working with the vendor through remote sessions.

The return on investment is evident in the reduced time and effort for reviewing and auditing firewall changes.

I am not involved with pricing details since I mainly handle the technical aspects. However, the value from reduced time and effort justifies its cost.

I would recommend AlgoSec for enterprise environments that make frequent changes. Smaller environments with infrequent changes may not benefit as much.

Algosec is a cybersecurity tool that benefits the organization with a smooth operation of the network infrastructure and by managing the firewall. 

It is user-friendly and easy to implement and manage. It can be installed on-premises as well as on the cloud. It visualizes the complex networks and creates a dynamic network topology map. 

Using Firewall Analyzer, security and operations teams can optimize the configuration of firewalls, routers, web proxies, and related network infrastructure to ensure security and compliance.

Algosec helps with device onboarding and offboarding, managing access, and overseeing information security.

Algosec helps customers across the globe optimize their firewall policies and bring the best performance.

AlgoSec supports a wide range of devices and is constantly working to include support for many other vendor devices.

The solution checks on vulnerability scans often and reports.

Auto policy orchestration has helped our organization.

We can get all the firewall-related data with a single click. There is effective work on synchronizing with all the firewall gateways, including the management server.

The most valuable aspects of the solution include:

• Hybrid network security topology. A centralized dashboard provides a bird's eye view of the company's network infrastructure, like firewalls, routers, switches, and cloud.
• Security Policy Management. Automates the entire security policy management process.
• Compliance. Conducts complaints checks.
• Audit capabilities. Generates comprehensive reports for auditing.
• Cloud security management. Manages security policies in both on-prem and cloud environments.
• Network segmentation. You can design and implement the network segmentation that controls security breaches.

The solution needs improvements in the following areas:

• Algosec does not support vendors like Sophos, SonicWall, Forecepoint, and so on.
• Traffic simulation and fire flow need to be improved.
• The solution has insufficient documentation.
• They need to improve tech support in India.
• Deleting objects from each firewall is tedious, and it has to be done manually.
• An effective topology diagram can be provided.
• It is a challenge to combine different security vendors. 
• To upgrade, we have to upload package files which can be downloaded from the Algosec website, however, downloading takes time.

I've used the solution for two years.

We did not previously use a different solution.

We did not evaluate other options. 

We use this solution for Firewall Rule Management, to know who did what and why.

We use AlgoSec FireFlow to create Rules for the Firewalls with detailed information. It is used by end-users who supply the requirements for which this rule is needed, and then it goes to Security for approval.

We use AlgoSec Firewall Analyzer to get the audit reports on the firewall and to verify that change, which was approved by the Security and Network teams, is implemented in the right way.

It is a great tool for audit purposes.

Also it tells us if our firewall is compliance with PCI or not.

We use this for Compliance purposes also.

They are both integrated with each other.

This solution is helping us in the long term for managing the firewall configurations.

AlgoSec FireFlow Network Security solution is an end-to-end solution that ensures that firewall changes are approved, necessary, and implemented in the right way.

If some change is not implemented correctly then it warns you right away.

Also, while migrating from Cisco to AlgoSec, we can see the hit counts on the security rules and when the last time each rule was used. Depending on this information, we only use security rules that are more recently used when configuring new firewalls for migration.

For Palo Alto Firewalls, we have configured a lot of virtual routers as part of the network. This segmentation allows different network traffic to be isolated from a security point of view.

For us, it is a great management and audit tool.

This appliance has a lot of great features to offer.

You can buy the physical appliance or VM depending on your company requirements.

Features we like are:

1. Multi-approval AlgoSec Fireflow rule creation system. The end-user can only implement the rule if it is approved by all of the IT groups.
2. Very good integration with other vendor's products like Cisco or Palo Alto Firewalls.
3. This Appliance gives you the full Network MAP, which is obtainable from the Routing table.
4. It is easy to find whether a security policy is blocked, as well as where and by which device.

We love all the features of this device. It can be a bit expensive for small companies but they also have a VM model for that.

It seems that AlgoSec created a VSYS (Virtual system) for each virtual router name, even though our firewall has only a single VSYS. We are ok to work with this, but if this can be fixed in a future release then that will be great.

We have been using this solution for three years.

We have had no Hardware or Software issue so far with this Product.

This Appliance never went down and whenever we did any software upgrades it went very smooth. Also in our environment we had no issues due to any software bugs.

Their Software is pretty stable and bug free.

We love the scalability of this product.

This solution has Five Star technical support.

It is great to work with its Customer and Technical support team.

We used a different solution prior to this one and we had issues integrating with our new firewall vendor which was Palo Alto

The initial setup is straightforward, and we had no issues during the installation.

We performed the implementation in-house.

It seems we have recovered our money on this appliance, so it is money well spent.

Initial setup was not that hard. Vendor did this for us.

Licensing depends on how many firewalls your company has.

They have license options for small to big customers depending on the network.

Price is fair for Licensing and Product.

We evaluated a few other options, including Tufin, before choosing this solution.

My advice is to go with this product. It is easy to set up and use. It has great features and very good technical support to back it.

So far, we find ourselves below limitations on this appliance with the version we are currently running.

Overall, this is a Great security management product with good automation options to help your security teams function.

We utilize this solution to manage policies for our firewalls. At first, we used it to keep a record of our policies: Who changed something, when, and whether the policy is allowed or not. We now use it to map our traffic flows and to flag a policy that is not allowed by the criteria we have set for our different types of firewalls.

We used it initially to go through all of our policies on over 800 firewalls, to organize the policies and map out our policy flows to certain zones. That enabled us to know how to structure our policies.

We spent a year going through our firewall policies to clean them up because before, when we were on Cisco ASA firewalls, we had a very hard time regulating what types of firewall policies were being created, and it was even harder to review them. After we moved to Palo Alto firewalls, we decided that that was the best time to load our policies into AlgoSec and review them. That way we not only converted to a more capable next-generation firewall, we could also ensure the policies were strong.

AlgoSec has helped significantly with our firewall compliance. Before AlgoSec it was a very manual job to go through firewalls and look for risky rules. Now, we get alerts when a risky rule is created. This allows us to maintain compliance and run compliance checks monthly. As a result, we have saved many hours of work by our operations folks. They were the ones who had to manually review all of the firewall policies and create evidence of their review in a very scrappy fashion.

With AlgoSec, we can show a view of firewall compliance that is clean and easy to read and present. This also helps our business units ensure their policies are clean. With that data, we are able to show management that the firewalls connected to our network, but owned by other business units, meet our standards.

We like that we have been able to identify risky rules, based on the criteria we have set. We also like the ability to push policies from AlgoSec to the firewalls to ensure risky policies are never created in the first place. That's a feature that will help us in the future as well.

We are moving towards an automated environment so the ability to work with Ansible, ServiceNow, and Palo Alto gives us the ability to automate our firewall policy creation. And it does so in a manner where we do not have to worry about a policy being created that may put our organization at risk.

Support for Layer 7 policies, including User-ID and threat profiles with Palo Alto firewalls, has been a pain point from us. We would like to include the additional info specifically because we believe it changes the riskiness of the rule if it is only set for a specific user or a group of users. For example, if we have what looks like an "allow all" to a certain /24 network, but for only one user, we would give that a different score than if no user was identified.

AlgoSec has been very stable for us.

It scales well.

We have had our issues resolved very quickly.

We used Tufin. 

The initial setup was very simple. We just set up SNMP.

We used a vendor team and they were great.

The ROI for us is the great assurance we have in the security of our firewall policies.

Be sure to scale properly.

We evaluated Tufin.

This solution will help you significantly with compliance, the part of your job that may not be your favorite.

• We use the Firewall Analyzer extensively to manage our firewall security policies. 
• We use it to assist in processing firewall changes, clean up unused rules and objects, and perform rule re-certifications.

We could not effectively manage our security policies before using the Firewall Analyzer tool. We had never performed a firewall cleanup. We could not meet our Audit Requirement of re-certifying without the Firewall analyzer tool.

Firewall Analyzer's policy optimization reports: They provide the data needed to perform all the activities mentioned above. 

We have had challenges with technical support as mentioned earlier. However, we have a new account team and they are very responsive and addressing our concerns. 

We had a number of issues moving from 6.11 to 2107.1 but have found the latest code 2018.1 to be much more stable.

No issues with scalability in our environment. We do not have a large number of managed devices as we only manage our 21 firewalls.

We have had challenges with technical support as mentioned earlier. However, we have a new account team, and they are very responsive in attending to our concerns.

No, we evaluated AlgoSec and Tufin, and we selected AlgoSec.

The initial setup is very intuitive and not an issue for those with a good understanding of security, networks and the company's use of them.

In-house and we should have employed the vendor/professional services for an engagement to assist in the FireFlow implementation.

This is a difficult question to answer quantitatively. I'd say it is a great story when determining ROI for the Analyzer. We could not meet audit requirements, including PCI, which had the potential for large fines going forward.

The ROI for FireFlow is more of an incomplete story, and much of the issue is the way in which we implemented it.

We also purchased AlgoSec's FireFlow tool. We have had challenges getting value from it, and it is because the scope of this tool is very broad compared to Analyzer. In hindsight, we should have created a formal project and management backing to ensure success with this tool. 

The scope of a Fireflow implementation touches many organizations and we did not have an appreciation of the need for involvement of so many.

Tufin.