AlgoSec Reviews

ABF and compliance modules.

AlgoSec contributes more in the security space for our company, especially in automatically finding the high risk and medium risk rules instead of manually reviewing over a few thousand rules. 

Also, ABF is a wonderful module where you can keep the footprint for your firewall rules up-to-date, like CMDB.

ABF is a key module for us, which we are using like an application center where we can keep our firewall rules for each application up-to-date. 

The compliance module is one of the best features which can help anyone to perform security review with predefined security matrix configurations. The compliance module can save a lot of time for security reviews and provide full visibility of the risk required in firewall change requests.

ABF is not very mature compare to AFA and AFF, but the module and concepts are quite good. I would suggest more concentration on ABF, especially on object and application permissions. 

We used a different Network Security Policy Management Solutions (NSPM) tool, but we felt that it would not be able to fulfill our requirements and address the gap which we had before.

We were looking for a place where we could keep our rules and also track ownership of each rule in the application.

I personally feel that the cost is quite expensive. AlgoSec is charging for each function, e.g., Active change, Application ABF license, etc. 

It is worth spending the cost for visibility on security. Of course, security is not cheap.

We evaluated three marketing leaders in the NSMP industry. However, we are not interested in highlighting anyone here.

AlgoSec is a very helpful product in carrying out security operations effectively.

It has a user-friendly interface, and we don't encounter any problems during or after installing updates.

We can get quick support from the manufacturer in case of problems.

The ability to automate policy analysis, optimize configurations, and visualize security risks allows organizations to mitigate threats and reduce the risk of security breaches proactively. 

By providing visibility into security risks, compliance gaps, and application connectivity requirements, AlgoSec helps organizations strengthen their security posture.

This product has had many benefits in improving my security posture by fixing many vulnerabilities.

Lack of sufficient resources or expertise to leverage AlgoSec's capabilities to their full potential might hinder the expected improvements.

The ability to automate policy analysis, optimize configurations, and visualize security risks allows organizations to mitigate threats and reduce the risk of security breaches proactively. AlgoSec's reporting and compliance features help organizations meet regulatory requirements more effectively.

AlgoSec offers a centralized platform for managing complex network security policies across heterogeneous environments. This feature enables users to visualize, analyze, and manage policies from a single interface, enhancing efficiency and reducing errors associated with manual policy management. 

AlgoSec's ability to integrate with various security and networking solutions enhances its overall value. Integration with firewalls, cloud platforms, SIEM tools, and other security devices ensures a cohesive security ecosystem and enables better threat response and mitigation.

Enhancements that allow for more automated policy management, change workflows, and orchestration can significantly streamline network security operations. 

Advanced analytics and reporting capabilities that provide deeper insights into network traffic, security policy effectiveness, compliance, and risk management can be beneficial. 

Features that allow security policies to be defined and managed based on specific applications' needs would be ideal.

I've been using the solution for two years. 

We have around 200 firewalls that we manage through AlgoSec. We use it for automation purposes in certain cases. We have 10 to 12 team members who use AlgoSec.

We have around 100 plus on-premises devices. However, we are moving over to the cloud. At present, we mainly have Microsoft Azure, and we are going to deploy AWS and Google Cloud soon.

We use AlgoSec FireFlow as well. 

The amount of time spent on doing simple tasks, such as adding a particular rule or giving access to a particular person, or doing the same repetitive task has been reduced. We don't have to manually look into duplicate rules or look into traffic that is not getting hits. It will be automatically taken into consideration by AlgoSec, and the information will be given to us so that we can take action on that part. It saved us a lot of time.

When the staff is doing the same repetitive task all the time, there will be errors. AlgoSec helped to reduce human error and misconfigurations to a great extent.

One of the features that I like about AlgoSec is the topology table. It helps us understand where the traffic flows through, where it gets interconnected, and how the traffic flows from our device to the other device.

The other good feature that I have come across is that it suggests best practices. For example, we had a case where there was a legacy rule that was a wide-open rule. AlgoSec identified what IP traffic got hit and based on that suggested allowing those particular IPs instead of maintaining a wide-open rule.

In terms of the overall visibility that AlgoSec gives into our network security policies, I like the best practice assessment in terms of compliance. It helps us deal with wide-open rules and duplicates, and provides suggestions on how the rules can be written, restructured, and reordered.

AlgoSec reduced the time it takes to implement firewall rules. Also when it is upgraded, which we are in the process of doing, when a user tries to raise a ticket, that ticket will be associated with AlgoSec FireFlow. Then, the user will be able to access it themselves.

We work with multiple security vendors, but not all vendors integrate with AlgoSec. As a result, our team has both AlgoSec and Tufin. In terms of integrations, it's going well so far.

AlgoSec helped to simplify the job of our security engineers. For example, a new user who tries to gain access will have to raise a case, and automation will take that into consideration. It helped us to disable rules that are not being utilized, merge any duplicate rules, and reorder rules based on traffic hits to have a good flow. Any rule works from top to bottom, and AlgoSec will place the major items at the top. These helped to reduce latency as well.

Certain firewalls don't integrate with AlgoSec, and it would be great if this bug could be fixed.

AlgoSec looks into compliance and is helpful. However, it would be nice to have validations that can run before the changes are posted and implemented. Now, if something goes wrong the user would need to reach out to us, and then we would have to troubleshoot. Instead of that, if there are validations for simple tasks, it would be great.

I've also heard from our AlgoSec vendor about a feature that is coming up in the future. With the topology table, we can see the interconnected devices to understand the traffic flow. I was told that with this new feature, if we find a blockage, maybe on a firewall, that we would be able to go to that firewall and allow traffic through a specific rule. This would be done just by right-clicking on that particular device and getting the change implemented through automation. This would be a helpful feature.

I've been using AlgoSec for about a year.

The stability has been okay so far. There are a few bugs, but no device is perfect.

We previously used FireMon and switched to AlgoSec because we were not satisfied with it. FireMon was good but was not user-friendly.

I recommend AlgoSec because it has good features and is more user-friendly than FireMon. AlgoSec has fewer options in terms of tabs, so you'll be able to navigate and explore everything. From a technical point of view, AlgoSec is good for a newcomer. Therefore, I would give AlgoSec an overall rating of eight on a scale from one to ten.

We work on the support side, and our customers use AlgoSec, primarily via on-prem deployments. They use the solution to analyze and engage firewall policies, increase their security, and receive advice for firewall optimization. 

The solution component we use is AlgoSec Firewall Analyzer. We have a customer who uses FireFlow, and we carried out a POC of AppViz, which some of our customers may want to implement in the next year.  

AlgoSec reduced the time it takes to implement firewall rules for our organization. 

The product helps us prepare for audits and ensure firewalls are in compliance; we can check the security and firewall rating points and advise our customers on optimizing their firewall and security rules. 

AlgoSec helped simplify the job of our security engineers, primarily through the advice it provides to admins managing the firewalls, which is essential. It also made them more efficient at their jobs.   

The Firewall Analyzer component has excellent compatibility with the solution, and it's highly useful and easy to manage.

Our customers find the Intelligent Policy Tuner very helpful, and it was useful for us during the POC because it was a significant selling point for our clients; they liked it and wanted to use it.

The solution provides excellent visibility into our network security policies, especially when we set the log options to ''extensive''; this gives us a lot of visibility for reports and change notifications. 

AlgoSec provides complete visibility into the risk involved in firewall change requests, which is especially important when presenting security reports to upper management.  

The solution's automation helped to reduce human error and misconfigurations; if the tool detects a drop in security and firewall policy points, it notifies admins via email of a potential misconfiguration, allowing us to fix the issue and raise the points again.  

More scope for editing alerts would be a welcome change. 

The solution has visibility and compatibility issues with Palo Alto firewalls, which makes it challenging to provide reports. The reports rely on logging, and the product has problems with Palo Alto's logging. Better compatibility with Palo Alto firewall reports is a must.

Some of our customers want to see AlgoSec with a user-based policy that can advise on user policy rules and be compatible with identity awareness.

I've been using the solution for over eight years across two companies.

The stability is good; there's no problem with it. 

The customer service is responsive and reliable enough, and most of our cases are solved within a day or two.

Positive

The setup is very straightforward; we use VMs, so our customers don't need appliances. We can set up a VM and install AlgoSec in 15-30 minutes, then further configuration such as DNS, names, IP addresses, and adding the firewalls takes two to three hours.

The upgrade process is also straightforward; when the upgrade package is released, we download it, import it to a machine, and implement it with one SSH command. The solution doesn't require any further maintenance. 

I'm not involved in the financial aspect, but I understand the platform to be expensive, though I need to find out how it compares to competitors like Tufin, for example.

I rate the solution a nine out of ten. 

Some of our customers work with different security vendors, including FortiGate, Palo Alto, and Check Point, and integration with their firewalls is straightforward when using AlgoSec.  

We are also a supporter of Tufin in Turkey, and there are some advantages to using AlgoSec, as it's more useful in specific ways. With the latter, it's quick and easy to get reports, and AlgoSec has lower spec requirements for new installs. It requires a maximum of 16-32 GB of memory and 500 GB to one TB of storage, but Tufin requires 60 GB of memory and one to two TB of storage. AlgoSec is more straightforward and user-friendly; the options are named clearly, so it's easy to add identities or active directories.

The product is suitable for small, medium, and large businesses; they could all find a use for it. 

I recommend the solution; I've been using it for eight years, and it's more user-friendly and useful than other products.

We use this solution for rulebase analysis. AlgoSec provides great unified visibility into all policy packages in one place. Also, the compliance feature is quite useful. 

It is great for checking rules/objects across numerous policies/domains, as well as generating advanced reports about risks, trends in recent changes, covered and unused rules, and if you want to go really deep in rule base optimisation - unused objects. This helps our team to keep network access up to date and secure. 

Growing big requires an increased level of automation and less manual tasks, and this is where AlgoSec comes into the picture.

It has being used for CheckPoint environment with numerous domains, hundreds of Firewalls and numerous policy packages, and Algosec able to provide single point of review. Security risks reports and rules analysis are very handy to optimise company's security posture and operational excellence. 

The most valuable feature is the rule base optimization, which provides extremely valuable information about inactive rules, and rules that can be optimized or unified.

In addition it is about tracking insecure changes and getting better visibility into network security environment - either on-prem, cloud or mixed.

We are also going to implement full change management via Algosec as it allows to eliminate human error, ease on security governance and improve general ROI.

In my opinion, the user should be granted more flexibility to choose exactly which devices per CMA should be analyzed.

The process to replace a decommissioned device with a new device is not straightforward.

With the upgrade to CheckPoint R80.xx we have started to see some issues, although this version was already some time on the market, hence I was surprised that there was no full compatibility achieved. Nevertheless, working with support and professional services solved our problems.

I have been using this solution for one to three years.

This solution is stable. There has been zero technical support interaction during last two years.

Support is build in tier model so the case can be always escalated to more advanced level if needed

We did not use another solution prior to this one. However, it was picked up after careful review and comparison with similar products.

The setup was long in the past but recent upgrades were flawless and support engineers knowledgeable 

Our company have close relationship with Algosec team and they are always showing great level of expertise along with the will to develop custom solutions in case of need

The pricing for this solution seems to be reasonable for the functionality.

We have evaluated number of solutions which are available on the Market. In my opinion several of them were concentrating to much on security operations and SOAR while not having that much functionality related to managing rulebases. Solid firewall change management is something must to have as it is provide strong basis for security governance, improves company's posture and allow to reduce risks in rapidly growing companies associated with multiple changes which might be not properly assessed or implemented as a security exception.

As my company uses basic package, I quite happy with the functionality.

First and mostly, as a large company, we had some issues regarding the main rating companies as they found some issues compromising our assets. There are different management systems and models with human interaction and sometimes with a different validation. This was impacting our business, so we put a lot of effort into solving problems, case by case, with manual operations. AlgoSec came into action in order to avoid this and streamline our process.

AlgoSec is one security management tool with the main target to find any rule that is not in compliance with our internal standards. New rules cannot be configured in any firewall unless it has been validated from security.

We were able to identify every rule configured on each firewall in our facilities with AlgoSec. This included every risky rule, shadow rule, and non-compliant rule. After this, we were working with a fully cleaned-up process.

Now, any rule is pushed automatically with AlgoSec. In fact, every user in the company is raising tickets through it to request a new open flow across firewalls. If AlgoSec detects that this flow has no risk, it is automatically pushed onto the firewall. If not, it goes to a dedicated approval process.

Among all of the different AlgoSec modules, I think that FireFlow is the most valuable and we have integrated it into our internal processes. This is something that increases business efficiency and helps avoid bottlenecks in our NOC team. Moreover, we have eliminated any human mistakes that we have dealt with in the past and now we want to avoid as we are moving toward a completely automated network.

There are a few things that we have already raised to AlgoSec in order to improve the tool. First, as the highest volume in our network is SaaS traffic, we need to secure this connection. To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds. It’s in the roadmap but this is something that blocks our whole design.

The network map design is not very useful for the administrator as the information displayed is not user-friendly.

It's been almost two and a half years since when we were looking for a fully integrated Security Management tool and we decided to run this solution in our multi-vendor network.

Stability is good, but we are still debugging tiny things because we have to accommodate the solution to our large IT infrastructure.

It will be good as long as they can move this solution to hybrid or fully cloud deployments. 

All issues raised so far have had a good response SLA.

We didn't use any security managament tool prior to this one.

This initial setup was tough because of the network map configuration. There is no visibility on the provider (ISP) because they cannot grant access to us. So, the configuration was mostly set up manually.

AlgoSec was deployed with the support of professional services coming from the vendor. This made the implementation smooth for us. The expertise was good, as they had experience with this solution.

We were doing some workshops with both AlgoSec and Tufin. 

• We use the Firewall Analyzer extensively to manage our firewall security policies. 
• We use it to assist in processing firewall changes, clean up unused rules and objects, and perform rule re-certifications.

We could not effectively manage our security policies before using the Firewall Analyzer tool. We had never performed a firewall cleanup. We could not meet our Audit Requirement of re-certifying without the Firewall analyzer tool.

Firewall Analyzer's policy optimization reports: They provide the data needed to perform all the activities mentioned above. 

We have had challenges with technical support as mentioned earlier. However, we have a new account team and they are very responsive and addressing our concerns. 

We had a number of issues moving from 6.11 to 2107.1 but have found the latest code 2018.1 to be much more stable.

No issues with scalability in our environment. We do not have a large number of managed devices as we only manage our 21 firewalls.

We have had challenges with technical support as mentioned earlier. However, we have a new account team, and they are very responsive in attending to our concerns.

No, we evaluated AlgoSec and Tufin, and we selected AlgoSec.

The initial setup is very intuitive and not an issue for those with a good understanding of security, networks and the company's use of them.

In-house and we should have employed the vendor/professional services for an engagement to assist in the FireFlow implementation.

This is a difficult question to answer quantitatively. I'd say it is a great story when determining ROI for the Analyzer. We could not meet audit requirements, including PCI, which had the potential for large fines going forward.

The ROI for FireFlow is more of an incomplete story, and much of the issue is the way in which we implemented it.

We also purchased AlgoSec's FireFlow tool. We have had challenges getting value from it, and it is because the scope of this tool is very broad compared to Analyzer. In hindsight, we should have created a formal project and management backing to ensure success with this tool. 

The scope of a Fireflow implementation touches many organizations and we did not have an appreciation of the need for involvement of so many.

Tufin.

App Flow, Firewall Analyzer, and FireFlow are utilized. For gap-cleaning efforts to improve the firewalls and to gain visibility into firewall rules, we use AlgoSec. In order to maintain a clean environment, have a set of firewalls that are optimized, and then automate the deployment of firewall rules, we also employ the solution as a firewall assurance tool.

Our goal is to increase our understanding of firewall regulations. We utilized this tool to conduct a gap-cleaning project and tidy up our firewalls. Furthermore, we rely on this solution as a firewall assurance tool to ensure our rules are optimized and up to date. Additionally, we use this tool to automate the entire process of deploying firewall rules, ensuring a smooth change process in FireFlow, and allowing us to automatically deploy the firewalls on our appliances.

Security policy management entails far more than simply inspecting a device and applying certain rules. It is all about improving and automating time-consuming security processes so that staff can concentrate on more strategic responsibilities. AlgoSec FireFlow, for example, enables enterprises to process security policy changes in minutes or hours rather than days or weeks. It automates the entire security policy change process, from design and submission to proactive risk analysis, implementation, validation, and auditing, using intelligent, highly customizable processes.

The most valuable aspects of the solution include:

Dealing with misconfigurations. Automating manual processes reduces misconfigurations and prevents nearly all firewall breaches caused by misconfigurations, rather than flaws.

Automation as a strategy. Network policy automation is not an end unto itself. Rather, it supports the business strategy of maintaining security, ensuring SLAs, increasing cooperation, and reducing friction between departments. It improves competitive differentiation through better customer engagement, e.g., by moving applications to the cloud. Network policy automation aids regulatory compliance, and frees IT time from housekeeping so it can be applied to digital transformation and supporting strategic initiatives.

Understanding visibility requirements. With the help of advanced NSPM tools, network administrators and security managers can gain a deeper understanding of their network devices and business applications. By analyzing traffic flows across various vendor devices and hybrid infrastructures, they can identify security vulnerabilities, simplify troubleshooting, and uncover new applications and services.

To provide comprehensive instructions on product integration, a manual page can be added to the dashboard at the integration point. This will make it simple for the system administrator to incorporate new goods, even if they are unfamiliar with them thoroughly. Every time we integrate a new product, we shouldn't have to wait for coordinated work with a product specialist.

Due to the fact that AlgoSec's user interface is less friendly than that of other programs, it might not be appropriate for persons with little experience in security or IT. It does, however, allow for more customization. As a result, the interface can be regarded as more sophisticated.

I've been using this solution for the last two years.

For cybersecurity, AlgoSec automates application connectivity flows reliably.

The scalability is available via:

High-Availability. AlgoSec appliances can be clustered for fault tolerance, ensuring availability if system components fail.

Disaster Recovery. AlgoSec appliances can automatically synchronize data with offsite appliances to provide redundancy and ensure data preservation in the event of a failure at the primary site.

Geographically Distributed Architecture. AlgoSec appliances can be deployed across distributed sites for the local collection of logs and rulesets.
This data is then efficiently transmitted to a central appliance for processing.

Load Sharing. AlgoSec appliances can be clustered to share data workloads across multiple appliances for faster data analysis and reporting.

It was a wonderful experience dealing with customer service and support.

Positive

The initial setup is straightforward.

We implemented the solution in-house.

We've noted ROI in the following ways:

Automation. By analyzing the firewall rulesets, the network topology, and your corporate security policy, FireFlow can save more than 50% of the time required to process a firewall change. From automatically pinpointing the exact devices that need to be changed, to proactively assessing the risk and designing the change in the most optimal way. With AlgoSec’s ActiveChange technology, administrators can also automatically execute the change on the firewall and save even more time.

Accuracy. As much as 30% of requested firewall changes are not required, and many others are implemented incorrectly. FireFlow can automatically identify and close “already works” requests, and also ensure changes are performed exactly as requested.

Auditing. In order to meet regulatory and internal security requirements, IT find themselves spending a lot of time ensuring each change is properly documented to address any questions an auditor may have. FireFlow maintains a detailed history of every step of every change request and saves precious time. It even identifies changes that were performed without a formal request.

AlgoSec is a useful firewall management tool for organizations that require management of multiple firewall levels.