I use AlgoSec for compliance reports and security purposes. I also use it for monitoring. Monitoring is the best part of using AlgoSec, as I can monitor and connect again in security mode.
Associate Consultant at a security firm with 11-50 employees
Very easy to deploy, scalable, and enables us to monitor
Pros and Cons
- "AlgoSec has improved the functionality and the comfort of my organization. Whenever I have any issue, there is a chat box from the AlgoSec team that can help me whenever I need it. It's very easy to use, and I have done integration with it."
- "I would like for there to be more AI functionalities."
What is our primary use case?
How has it helped my organization?
AlgoSec has improved the functionality and the comfort of my organization. Whenever I have any issue, there is a chat box from the AlgoSec team that can help me whenever I need it. It's very easy to use, and I have done integration with it.
What is most valuable?
AlgoSec allows me to monitor who is making a change on my Check Point device. It is very easy to monitor.
What needs improvement?
I cannot think of anything that could be improved. Everything is good.
I would like for there to be more AI functionalities.
Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
For how long have I used the solution?
I have been using AlgoSec for about two years now.
What do I think about the stability of the solution?
There are zero stability issues. It's stable.
What do I think about the scalability of the solution?
It is scalable.
How are customer service and support?
The customer service and support are satisfactory. I am satisfied with it.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was straightforward and took about forty-five minutes. I didn't have any issues when implementing it.
What about the implementation team?
There are two of us in our team, myself and one colleague.
What's my experience with pricing, setup cost, and licensing?
The pricing is moderate. It's not that cheap and it's not expensive.
What other advice do I have?
I would recommend Algosec to all. It is very easy to deploy, scalable, and enables us to monitor.
I would rate AlgoSec a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
Last updated: Oct 14, 2024
Flag as inappropriateRegional Sales Manager - South India at Exclusive Networks
Great compliance and audit capabilities with useful network segmentation
Pros and Cons
- "AlgoSec supports a wide range of devices and is constantly working to include support for many other vendor devices."
- "Algosec does not support vendors like Sophos, SonicWall, Forecepoint, and so on."
What is our primary use case?
Algosec is a cybersecurity tool that benefits the organization with a smooth operation of the network infrastructure and by managing the firewall.
It is user-friendly and easy to implement and manage. It can be installed on-premises as well as on the cloud. It visualizes the complex networks and creates a dynamic network topology map.
Using Firewall Analyzer, security and operations teams can optimize the configuration of firewalls, routers, web proxies, and related network infrastructure to ensure security and compliance.
How has it helped my organization?
Algosec helps with device onboarding and offboarding, managing access, and overseeing information security.
Algosec helps customers across the globe optimize their firewall policies and bring the best performance.
AlgoSec supports a wide range of devices and is constantly working to include support for many other vendor devices.
The solution checks on vulnerability scans often and reports.
Auto policy orchestration has helped our organization.
We can get all the firewall-related data with a single click. There is effective work on synchronizing with all the firewall gateways, including the management server.
What is most valuable?
The most valuable aspects of the solution include:
- Hybrid network security topology. A centralized dashboard provides a bird's eye view of the company's network infrastructure, like firewalls, routers, switches, and cloud.
- Security Policy Management. Automates the entire security policy management process.
- Compliance. Conducts complaints checks.
- Audit capabilities. Generates comprehensive reports for auditing.
- Cloud security management. Manages security policies in both on-prem and cloud environments.
- Network segmentation. You can design and implement the network segmentation that controls security breaches.
What needs improvement?
The solution needs improvements in the following areas:
- Algosec does not support vendors like Sophos, SonicWall, Forecepoint, and so on.
- Traffic simulation and fire flow need to be improved.
- The solution has insufficient documentation.
- They need to improve tech support in India.
- Deleting objects from each firewall is tedious, and it has to be done manually.
- An effective topology diagram can be provided.
- It is a challenge to combine different security vendors.
- To upgrade, we have to upload package files which can be downloaded from the Algosec website, however, downloading takes time.
For how long have I used the solution?
I've used the solution for two years.
Which solution did I use previously and why did I switch?
We did not previously use a different solution.
Which other solutions did I evaluate?
We did not evaluate other options.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Distribution
Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Security Engineer at a tech consulting company with 1,001-5,000 employees
Helps with cleanup and keeps firewalls as tight as possible
Pros and Cons
- "I like that the firewall will analyze the tools within the risk profiles and the policy optimizations within the AFA. This can also be used to create reports for the customer with the risk profiles to optimize the firewall rules."
- "All our firewalls were renamed, and AlgoSec saw these devices as new devices. As a result, all the reports from the same device but with the old hostname were no longer connected. AlgoSec did not clean up the old reports as well. After a few days, it depleted its own storage, and then, the server became inaccessible."
What is our primary use case?
The company has a lot of sites that are involved in food production and has locations with on-premises firewalls and a data center. There is a cloud in Asia as well.
Right now, AlgoSec is being used to optimize the firewall and the firewall policies, and to clean up any unused rules or those that are too open.
We have 10 to 15 users.
What is most valuable?
I like that the firewall will analyze the tools within the risk profiles and the policy optimizations within the AFA. This can also be used to create reports for the customer with the risk profiles to optimize the firewall rules.
I think it's a powerful tool that gives good visibility. One of AlgoSec's nice features is the map of your entire environment. When you need to change something, you can see the whole path for the traffic, that is, where you need to implement the change, where the traffic is blocked, and where it's allowed.
AlgoSec provides full visibility into the risks involved in firewall change requests. This is important because when your environment grows to a certain scale, it becomes harder and harder to get the full overview of all your firewalls and rule sets.
AlgoSec can reduce the time it takes to implement firewall rules. I tried the FireFlow module in a course with AlgoSec. With active implementation, it smooths out the process so much more. If you have two or three firewalls that you need to implement, AlgoSec does everything for you. It reduces the time in terms of both looking through your environment to see where you would need the firewall rules and implementing them as well.
If you're just looking at your firewalls, you might not notice all the security risks and open rules. AlgoSec's automation helped to reduce human error and misconfigurations. It helps with cleanup and keeps your firewall as tight as possible. It helped to simplify the job of our security engineers.
Our organization works in multiple environments, and the firewalls are located across the globe. This solution enables us to manage these multiple or dispersed environments in a single pane of glass.
I'm responsible for the maintenance of the server, that is, patching and upgrading, and it's straightforward. It cleans itself up with the retention and everything you configure on it.
What needs improvement?
All our firewalls were renamed, and AlgoSec saw these devices as new devices. As a result, all the reports from the same device but with the old hostname were no longer connected. AlgoSec did not clean up the old reports as well. After a few days, it depleted its own storage, and then, the server became inaccessible.
There's no fail-safe for AlgoSec to not stop creating reports if its own storage is at 98% or 99% capacity because the server becomes inaccessible when it reaches 100%.
I've also been fighting an issue with the Chisel service running on the server regarding AlgoCare for some time now. I have been in contact with AlgoSec's technical support regarding this, and they've been helpful and responsive.
For how long have I used the solution?
I've been using AlgoSec for six months, but the organization has been using it for some time.
What do I think about the stability of the solution?
When it doesn't fill its own storage and kills itself, the stability is fine. It has only happened one time; the ms-metro service went down, so the web GUI became inaccessible. All in all, though, the stability is good.
How are customer service and support?
AlgoSec's technical support is swift, knowledgeable, and professional. We had some issues when we upgraded from A32.10 to A32.20, and they helped us to get it up and running again. All the contact I've had with them has been very positive, and I'd give them a ten out of ten.
How would you rate customer service and support?
Positive
What other advice do I have?
Consider whether your infrastructure needs this solution. The organization should be a specific size before this product will come in handy for you. If you are a large enterprise with a lot of sites and a large infrastructure, then you should certainly consider using AlgoSec. I've loved working with it and would rate it a ten on a scale from one to ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller/partner
Network Security Officer at a energy/utilities company with 1,001-5,000 employees
Accurate results, very helpful for security audits, and good support
Pros and Cons
- "Being able to analyze the environment and audit firewall configuration is most valuable. We are working here in the oil sector, and it's a critical environment. Every six months we have auditors coming from the main office and doing auditing for security. We are using AlgoSec Analyzer to help us to do the audit before the auditors come to our office and do the auditing of our security devices. So, it's helping us to do good work and analyze all security devices, including firewalls."
- "My only concern is related to how they count the number of licenses. We have active and standby devices. If someone adds the standby device by mistake and does an analysis, it consumes two licenses. They need to improve the way they are counting the number of licenses because someone can do analysis on a standby device by mistake. We need a way to fix or solve this issue."
What is our primary use case?
We use Firewall Analyzer from AlgoSec. We are mainly using AlgoSec Firewall Analyzer for auditing and analyzing firewall configurations. We have added different vendors inside AlgoSec for analysis. We have added Palo Alto firewalls, Fortinet firewalls, and Cisco firewalls. We are using all of these in our network.
There's an option to collect logs and send them to AlgoSec, but we are not using this option. We have other solutions for this purpose. We have Darktrace, IBM QRadar, etc.
In terms of our network environment, for the on-prem network, we have different security zones. For the data center, we have different DMZs for internal applications. We have different networks in different locations connected to our corporate network. About 90% of our applications are on-prem, and we only have the websites on the cloud.
How has it helped my organization?
It's helpful for auditing firewall configuration. If there is any mistake on the configuration side, it helps us to fix it. If there is a complication or there are unused security policies, it suggests removing or double-checking them. It's a good product. It's stable and gives us accurate results.
We have a network with more than 10,000 users. We have a lot of security devices for finance, remote sites, and corporate. AlgoSec is helping us to review and do auditing of the security device configuration. It's helping us to audit and review the configuration for any mistakes for firewalls, web application firewalls, proxies, etc.
When we add a security device, such as a firewall, it analyzes the configuration files for the firewall and gives us a brief of everything, such as security policies, routings, and objects. It lets us know if there is any mistake in the configuration, which is helpful for us. It gives us good visibility of what we have inside our security devices. For example, one of the firewalls that we have has more than 500 security policies. With manual auditing, we cannot analyze or review such a huge configuration. So, we are using AlgoSec Firewall Analyzer for this purpose, and it has saved more than 70% of our time.
It reduces human errors and misconfigurations. It lets us know if there haven't been any traffic hits for a policy for a long time. We can then review the configuration to see why there are no new hits for this. We are reviewing all of this every six months. It makes our work easier. It simplifies the job of security engineers.
What is most valuable?
Being able to analyze the environment and audit firewall configuration is most valuable. We are working here in the oil sector, and it's a critical environment. Every six months we have auditors coming from the main office and doing auditing for security. We are using AlgoSec Analyzer to help us to do the audit before the auditors come to our office and do the auditing of our security devices. So, it's helping us to do good work and analyze all security devices, including firewalls.
What needs improvement?
My only concern is related to how they count the number of licenses. We have active and standby devices. If someone adds the standby device by mistake and does an analysis, it consumes two licenses. They need to improve the way they are counting the number of licenses because someone can do analysis on a standby device by mistake. We need a way to fix or solve this issue.
I noticed that some of the oil companies in Kuwait have started to use AlgoSec Analyzer. I see AlgoSec solutions in Kuwait. AlgoSec needs to have sales engineers here. They should have presales or sales consultants so that they can offer solutions to companies in Kuwait.
For how long have I used the solution?
We have been using AlgoSec for more than four years.
What do I think about the stability of the solution?
It's a stable solution.
What do I think about the scalability of the solution?
It's scalable. We have 10,000 users accessing services and the internet. We only have two users who are accessing and working with AlgoSec. They are security engineers.
How are customer service and support?
They are cooperative. If we face any issues, we just send an email or open a case through the portal. We can contact them directly. We don't face any issues with their support. I would rate them a 10 out of 10.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have not used other tools. We know AlgoSec is a leader in this industry. We haven't faced any issues in the last four years while using the AlgoSec solution. We haven't done any research on other solutions because we haven't faced any issues with AlgoSec.
How was the initial setup?
It's very easy to do the initial setup. It's not a big issue. In about two days, you can configure your device, activate the license, and add security devices. If you have an admin account, you can allow AlgoSec Analyzer to access security devices.
Its management is not a big issue. Only one person can maintain it.
What was our ROI?
We have seen an ROI. That's why we got this solution. We knew how we would use it and what would be its benefits. We have seen about 60% or 70% ROI.
What's my experience with pricing, setup cost, and licensing?
We purchase licenses based on the number of security devices in our network.
When I have active and standby firewalls, if I do an analysis of the active firewall and by mistake, I also do an analysis of the secondary or standby firewall, it'll consume two licenses from the total number of licenses I have. So, I need to change the license and make the active firewall secondary. They need to improve how they are counting the number of licenses. We have discussed this with the consultation team of AlgoSec.
What other advice do I have?
I would rate it a 9 out of 10. It's a good product. It's working fine without any issues. We don't face any issues. Our only concern is how they are counting the total number of licenses.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Project Engineer at a tech vendor with 51-200 employees
Great risk reduction and policy optimization capabilities with the ability to streamline communications
Pros and Cons
- "Proactively assess the impact of network changes to ensure security and continuous compliance."
- "The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve."
What is our primary use case?
My main use case is as a firewall analyzer module where it can be further broken down as follow:
1) Network topology visualization: visualizes a network traffic path during troubleshooting
2) Policy optimization: uses optimization and clean-up recommendations to perform annual housekeeping of the firewall
3) PCI DSS compliance: follow the out-of-the-box checklist to prepare for a PCI DSS audit
4) Risk reduction: uses the recommendation of the risky rules to address all the critical and high-risk rules
5) Monitor changes: monitor for firewall-config changes in real-time via email alerts
How has it helped my organization?
The solution has improved our organization in multiple ways. We can:
- Easily understand and provision application connectivity to accelerate application delivery and minimize outages
- Process firewall changes 4x faster, and eliminate misconfigurations and rework
- Proactively assess the impact of network changes to ensure security and continuous compliance
- Simplify and automate internal and regulatory firewall audits, and reduce time and costs
- Streamline communication across the application, network and security teams
- Deliver a tighter security policy that provides better protection against cyber-attacks
What is most valuable?
The product is great for:
1) Network topology visualization: reduces network troubleshooting effort which contributes to quickly restoring network or application outage.
2) Policy optimization: reduce/consolidate the number of rules created prior to the existence of AlgoSec Firewall Analyzer in order to free up hundreds of rule capacity before reaching the max rule limit of the firewall.
3) PCI DSS compliance: helps to highlight the area which firewall admin need to take note and address in a streamlined and structured manner.
4) Risk reduction: helps to quickly identify the risk that exists in existing rules and provide useful recommendations that help the firewall admin to remediate with ease.
5) Monitor changes: helps firewall admin to comply with security requirements of providing real-time security alert whenever a change is made, with detailed info on what was the value before and after.
What needs improvement?
The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve. The current configuration wizard is quite complex and complicated, which will result in the need to engage with an AlgoSec professional services team to perform even the simplest workflow adjustment.
I had tried AlgoSec's direct competitor's workflow configuration wizard and found it to suit most organization requirements even though the customization capability may not be as advanced as AlgoSec.
For how long have I used the solution?
I've used the solution for six years.
How was the initial setup?
The setup is fairly straightforward.
Which other solutions did I evaluate?
We did also consider Tufin.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Value-added reseller
Lead Infrastructure Engineer at a financial services firm with 5,001-10,000 employees
Enables us to drill down to the level where we can see the actual policy rule that's affecting the risk ratings
Pros and Cons
- "AlgoSec provides full visibility into the risk involved in firewall change requests as well. It definitely allows us to drill down to the level where we can see the actual policy rule that's affecting the risk ratings. If there are any changes in ratings, it'll show you exactly how to determine what's changed in the network that will affect it. It's been very clear and intuitive as far as that."
- "Some of the auditing functionality needs improvement. Our major focus is the firewall validation process and tracking and verifying that changes are implemented correctly. We are actually doing parts of the auditing process manually. And getting any one of the vendors to bring out a good auditing process has been very difficult."
What is our primary use case?
I mainly use AFA and FireFlow. The majority of the network is internal. We have a very limited footprint in the cloud right now. But what we do have in the cloud is private. Being a financial institution, everything is very secure. So we don't have anything in the public cloud.
We're primarily using AlgoSec for firewall management and change validation. So we use it for monitoring all the firewall changes and security ratings. Any kind of firewall change is monitored and we have our own process that we use AlgoSec for to validate that changes are implemented according to the requests and go through all of the change approval processes.
How has it helped my organization?
We are using it for the firewall change auditing process for our department. They are one of the leaders that we found in this area. There is a very limited group of vendors that provide this kind of functionality and we've gone through the majority of them. AlgoSec still stands out as the leader, in our opinion.
What is most valuable?
We primarily use AFA for the change management portion of it. But the security ratings also are used by our security group to ensure compliance and validate that nothing is being configured that is not in our best interest.
The overall visibility AlgoSec gives into our network security policies has been very good. We are happy with the way the application works. It is very intuitive and easy to use. I would give that a very high rating.
AlgoSec provides full visibility into the risk involved in firewall change requests as well. It definitely allows us to drill down to the level where we can see the actual policy rule that's affecting the risk ratings. If there are any changes in ratings, it'll show you exactly how to determine what's changed in the network that will affect it. It's been very clear and intuitive as far as that.
I don't know if it has reduced the time it takes to implement firewall rules in our company. We don't use it for implementing changes because our network is very in-depth and we're very particular with our security on that, that we do manually make all of our firewall changes. So we're not using the automated functionality of AlgoSec to do that for us. But I think that's more because of the restrictions that we have in our own network.
AlgoSec is very good when it comes to preparing for audits and ensuring our firewalls are in compliance. The security ratings are a major factor in that lately, as well as being able to show the configurations and how they affect the risk ratings. Whenever we do need to address any issues, it's very clear to show us exactly what the effects of the ratings are, as tied into the firewall policies.
We work with multiple security vendors. I'm not on the security team any longer. I went from network group to security and then back again. But our security group does work with AlgoSec and they use it very intimately for different functions.
What needs improvement?
Some of the auditing functionality needs improvement. Our major focus is the firewall validation process and tracking and verifying that changes are implemented correctly. We are actually doing parts of the auditing process manually. And getting any one of the vendors to bring out a good auditing process has been very difficult. AlgoSec does a good job of showing us the changes, but we're doing a manual process to actually audit it and do documentation that we can provide to our auditors that shows we're validating everything, and on top of it, that nothing gets implemented without being caught. Part of that could be improved upon.
For how long have I used the solution?
I have been using AlgoSec since 2016, so it's been around five and a half years.
What do I think about the stability of the solution?
The stability has been great. We had a minor bug with the latest version and development. I did work with support to get that ironed out. They resolved it so right now, it looks to be very stable. And we are looking to put that into production shortly.
What do I think about the scalability of the solution?
The scalability seems very good. I haven't seen any restrictions if we were to bring in other hardware or other devices in terms of how to scale it out, either size-wise or vendor-wise.
We have our network group, which we use AlgoSec for, for investigating the risks, configuration issues and things like that. The security group uses it for risk ratings and compliance verification. Then we have a separate group, which is a different group of security that uses it for the firewall validation process. They're the ones that use it on a daily basis to investigate any firewall changes and tie those back to the original request and validate that they were implemented properly.
How are customer service and technical support?
The support has been very good. They're very responsive, very quick to get back to you, and very helpful. They bring in developers very quickly and easily to get into the details. Our last issue we had seemed to be very unusual, and with their support, they brought in the actual developers that were working on this software and resolved it very quickly.
Which solution did I use previously and why did I switch?
We used a couple of different solutions and they all have their problems. We thought we had a good solution at one point until we found out that it wasn't working properly. When you trust in an application like this and you believe in the numbers that it's giving you, you go with that as gospel until you find out that it's wrong. That vendor's support was just not on the level that we wanted. We were getting no response from them for a long time. So we finally gave up on them until we went to AlgoSec, and it was a much better solution for us.
How was the initial setup?
The initial setup is very straightforward. It is very easy to integrate network devices into AlgoSec and manage them. It's even getting easier with the latest version. We integrated Palo Alto devices into AlgoSec and it is very simple to bring it in. We have a development server that we're testing out the latest version on, and that came in in minutes. It brought it all in automatically.
The earlier versions of AlgoSec, especially when they came out originally, would not integrate properly with Panorama. So at that point, we had to integrate AlgoSec to actually reach out to every firewall individually for configurations and change status. The current releases are now integrating directly into Panorama. It's just basically one connection into Panorama and it pulls in all of the configurations from there. It's much more simplified.
What was our ROI?
I don't really get involved in ROI. But I definitely think it's valuable to us and I think it is a good solution for us.
What's my experience with pricing, setup cost, and licensing?
I don't get into the pricing aspect of it that much. But from my beliefs of it, I believe it is very cost-efficient compared to other vendors. Their licensing is very straightforward and they're easy to work with.
Which other solutions did I evaluate?
There were three main players at the time, we went through proof of concepts with each of them, and AlgoSec was definitely the strongest vendor in that group and we don't regret it at all. I think it is a good solution.
The other vendors were promising a lot more than they were actually delivering on when it came time to actually putting it onto our network and evaluating it. We were finding that things that they were telling us that they supported and were part of their packages were not actually functional at the time. So we did not go forward with them because of that. AlgoSec actually had everything working properly. It was very easy to set up and use and it did what they promised.
What other advice do I have?
Their sales engineers have really been very helpful and very good at working with us. I have nothing bad to say about them. They were excellent and I have a good relationship with them. If I ever need anything, I'll reach out to either our sales executive or our SE anytime and they respond immediately to us.
I would say the biggest thing we've learned with it is how much information it does give you. It is a nice platform. It definitely drills in a lot of layers of security and efficiencies that you can do. We're not using it to its full potential for cleaning up policy rules. As most companies are now, they are short-staffed and overworked. But it definitely can be used a lot more than we are using it for. Overall, it's a great solution and I have not seen another vendor in this marketplace that does any better than this.
I would rate AlgoSec a nine out of ten. We would like to see the auditing functionality improved. But that would be the only shortcoming at this point. I do think that they are top of the marketplace for this.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Works at a energy/utilities company with 10,001+ employees
Alerts when a risky rule is created help us to maintain compliance
Pros and Cons
- "We are moving towards an automated environment so the ability to work with Ansible, ServiceNow, and Palo Alto gives us the ability to automate our firewall policy creation. And it does so in a manner where we do not have to worry about a policy being created that may put our organization at risk."
- "Support for Layer 7 policies, including User-ID and threat profiles with Palo Alto firewalls, has been a pain point from us. We would like to include the additional info specifically because we believe it changes the riskiness of the rule if it is only set for a specific user or a group of users."
What is our primary use case?
We utilize this solution to manage policies for our firewalls. At first, we used it to keep a record of our policies: Who changed something, when, and whether the policy is allowed or not. We now use it to map our traffic flows and to flag a policy that is not allowed by the criteria we have set for our different types of firewalls.
We used it initially to go through all of our policies on over 800 firewalls, to organize the policies and map out our policy flows to certain zones. That enabled us to know how to structure our policies.
We spent a year going through our firewall policies to clean them up because before, when we were on Cisco ASA firewalls, we had a very hard time regulating what types of firewall policies were being created, and it was even harder to review them. After we moved to Palo Alto firewalls, we decided that that was the best time to load our policies into AlgoSec and review them. That way we not only converted to a more capable next-generation firewall, we could also ensure the policies were strong.
How has it helped my organization?
AlgoSec has helped significantly with our firewall compliance. Before AlgoSec it was a very manual job to go through firewalls and look for risky rules. Now, we get alerts when a risky rule is created. This allows us to maintain compliance and run compliance checks monthly. As a result, we have saved many hours of work by our operations folks. They were the ones who had to manually review all of the firewall policies and create evidence of their review in a very scrappy fashion.
With AlgoSec, we can show a view of firewall compliance that is clean and easy to read and present. This also helps our business units ensure their policies are clean. With that data, we are able to show management that the firewalls connected to our network, but owned by other business units, meet our standards.
What is most valuable?
We like that we have been able to identify risky rules, based on the criteria we have set. We also like the ability to push policies from AlgoSec to the firewalls to ensure risky policies are never created in the first place. That's a feature that will help us in the future as well.
We are moving towards an automated environment so the ability to work with Ansible, ServiceNow, and Palo Alto gives us the ability to automate our firewall policy creation. And it does so in a manner where we do not have to worry about a policy being created that may put our organization at risk.
What needs improvement?
Support for Layer 7 policies, including User-ID and threat profiles with Palo Alto firewalls, has been a pain point from us. We would like to include the additional info specifically because we believe it changes the riskiness of the rule if it is only set for a specific user or a group of users. For example, if we have what looks like an "allow all" to a certain /24 network, but for only one user, we would give that a different score than if no user was identified.
For how long have I used the solution?
We have used this solution for six years.
What do I think about the stability of the solution?
AlgoSec has been very stable for us.
What do I think about the scalability of the solution?
It scales well.
How are customer service and technical support?
We have had our issues resolved very quickly.
Which solution did I use previously and why did I switch?
We used Tufin.
How was the initial setup?
The initial setup was very simple. We just set up SNMP.
What about the implementation team?
We used a vendor team and they were great.
What was our ROI?
The ROI for us is the great assurance we have in the security of our firewall policies.
What's my experience with pricing, setup cost, and licensing?
Be sure to scale properly.
Which other solutions did I evaluate?
We evaluated Tufin.
What other advice do I have?
This solution will help you significantly with compliance, the part of your job that may not be your favorite.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Engineer III at Paychex, Inc.
By letting developers access this solution, we cut down the questions and time we had to spend explaining what ports are open and where.
Pros and Cons
- "I think finding the firewall's rules with the highest risk is valuable."
- "I would like to see more object-based reports on groups and object usage."
What is our primary use case?
We use it to find unused objects and rule cleanup. However, we also found a use case by letting developers read access so they can see rules and open ports so they can request firewall changes as needed. This opened up time for our firewall engineers because they did not have to answer questions anymore to developers.
How has it helped my organization?
By letting developers access AlgoSec, we cut down the questions and time we had to spend explaining what ports are open and where. They can now see in one panel. Since there are multiple firewall vendors, they can see what rules apply where using one tool.
What is most valuable?
I think finding the firewall's rules with the highest risk is valuable. In the old days, we had to run reports and look through rule bases trying to find risky rules and that can also lead to human error. Now we see it via AlgoSec. It also helps because we see those risks across multiple vendors.
What needs improvement?
I would like to see more object-based reports on groups and object usage. When cleaning up old rules, it is easy to disable the rule and then delete after a while. Trying to find unused groups or used objects in groups gets a little harder and I would like to see an easier view into those objects.
For how long have I used the solution?
3 Years
What do I think about the stability of the solution?
We have never had an issue with its stability.
What do I think about the scalability of the solution?
This product does scale very well and we never had a problem with performance.
How are customer service and technical support?
Whenever we did have a question on setup or changes, the tech support was very willing to work with us even on basic questions.
Which solution did I use previously and why did I switch?
We have used Tufin which does a good job looking at groups and objects but AlgoSec adds more of a risk approach to it.
How was the initial setup?
It was very easy to setup and easy to get firewalls working with the manager.
What about the implementation team?
We were able to set it up in-house without any help. That is how easy it was.
What was our ROI?
Our ROI was seen very quickly since we gave developers the option to look at rules. IT opened up so much time where our firewall engineers had to deal with questions and explanations.
What's my experience with pricing, setup cost, and licensing?
I would start with only a few firewalls and then grow. You can get your feet wet and add more firewalls in next year's budget.
Which other solutions did I evaluate?
We evaluated Tufin.
What other advice do I have?
The solution is pretty solid and intuitive.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Firewall Security ManagementPopular Comparisons
Tufin Orchestration Suite
Fortinet FortiGate Cloud
FireMon Security Manager
Skybox Security Suite
Palo Alto Networks Panorama
AWS Firewall Manager
Azure Firewall Manager
ManageEngine Firewall Analyzer
Fortinet FortiPortal
Cisco Defense Orchestrator
Opinnate
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- From your experience, what are the technical differences between AlgoSec and FireMon?
- What Is The Biggest Difference Between AlgoSec and FireMon?
- What is the biggest difference between AlgoSec and Tufin?
- What is your opinion on Fortinet FortiManager vs AlgoSec? Are they complementary?
- What are the differences between Palo Alto Networks Panorama and AlgoSec?
- Comparing network security vendors and devices
- When should companies use SSL Inspection?
- When evaluating Firewall Security Management, what aspect do you think is the most important to look for?
- What are the most important features you would be looking for in a firewall?
- How do I estimate the required firewall throughput for my organization?