Try our new research platform with insights from 80,000+ expert users
reviewer1109571 - PeerSpot reviewer
Works at a retailer with 10,001+ employees
Real User
Network security optimization saves us time while boosting both security and performance
Pros and Cons
  • "AlgoSec has reduced the need for additional manpower and we can now use the time to tackle other security-related issues."
  • "We would like to see them utilize the cloud to help with performance improvement, and with various processes needed on a daily basis."

What is our primary use case?

We use AlgoSec to provide compliance and for the ease of automating everyday security tasks. We have more than five hundred firewalls and automation is a must. This was the best product in terms of the flexibility and visibility that we needed to manage them across different regions. We can modify policy according to our maintenance schedule and time zones.

How has it helped my organization?

AlgoSec has reduced the need for additional manpower and we can now use the time to tackle other security-related issues. For incident response, you can automatically isolate compromised servers from the network.

It helps remove rules with limited impact on other applications. By maintaining a clean security policy, it reduces the risk from the most common attacks and also improves performance.

AlgoSec has also helped increase collaboration between departments. It helps our network department to reduce third-party involvement in policy creation and management.

What is most valuable?

So far, we are using AlgoSec Analyzer and FireFlow. The Analyzer is more for compliance, risk, and auditing. FireFlow is more for automating rule changes and installation.

Right now I am loving FireFlow for its easy to use interface. You can also get as complex as you are comfortable with. You can add email, scripts, and hooks to certain aspects of the rule creation process.

What needs improvement?

AlgoSec now has cloud products that they are rolling out. This is the next space for which everyone is dedicating more resources. We would like to see them utilize the cloud to help with performance improvement, and with various processes needed on a daily basis. We have two remote agents that help with daily processing and would like to integrate more power from the cloud to be as flexible as possible.

Buyer's Guide
AlgoSec
March 2025
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,651 professionals have used our research since 2012.

For how long have I used the solution?

Five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1449057 - PeerSpot reviewer
Cloud and Digital Transformation Architect at a tech services company with 10,001+ employees
Real User
Risky-rule detection helps improve our security, but solution doesn't doesn't support all features on our firewalls
Pros and Cons
  • "The most valuable features for us are the functionality it provides for our two main use cases: planning firewall changes and traffic simulation queries."
  • "It doesn't support all features on our firewalls. For instance, planning changes, which include net rules, doesn't work. It didn't integrate so well with the ACI network."

What is our primary use case?

We use it for planning firewall changes and traffic simulation queries.

We use AFA (AlgoSec Firewall Analyzer) and FireFlow. Our network environment is mostly on-premises.

How has it helped my organization?

It has improved the way our organization functions in that, for our change process, we now require all changes to be planned using AlgoSec so that the security team has visibility into the changes and we're aware of any risks. We also are using the covered rules and risky-rule detection to improve our security posture.

We haven't fully implemented the processes, so we haven't measured any reduction in human error as a result of using the solution, but subjectively, it has reduced human error.

It has also helped to simplify the jobs of our security engineers.

What is most valuable?

The most valuable features for us are the functionality it provides for our two main use cases: planning firewall changes and traffic simulation queries.

We haven't used it yet to prepare for audits and ensure our firewalls are in compliance, but I think it will be very helpful for that. That's one of the main reasons we bought it.

We are using it with a couple of Cisco technologies and we're also sending events out to our Microsoft Sentinel workspace. We have a couple of other security technologies in there as well. AlgoSec integrates well with the Cisco ACI environment and with our Firepowers, our FTDs. There are still some bugs but it generally works well.

What needs improvement?

The overall visibility it gives us into our network security policies is pretty good but it has some bugs and shortcomings. It doesn't support all features on our firewalls. For instance, planning changes, which include net rules, doesn't work. It didn't integrate so well with the ACI network. It doesn't work with all firewall rules or with net rules on our firewalls.

For about 70 percent of firewall changes it does show us the risks, while for 30 percent of the changes, we can't plan because of these bugs and shortcomings.

For how long have I used the solution?

I have been using AlgoSec for about a year.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

We've had no problems in terms of scalability.

I'm sure we will continue to add firewalls to it and we want to do more with the FireFlow.

How are customer service and support?

Their technical support is good but it can be slow.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup was straightforward.

We have about 10 engineers using it, and just one person who looks after it, maintenance-wise.

What about the implementation team?

We used their personal services to help us set it up. We had an onboarding package. It wasn't me doing the configuration but it seemed straightforward with their support.

Our experience with them was good overall. We had some frustrations and surprises in the early days with the product not being completely compatible with our environment. But over the last year, they've been fixing the bugs which is making it much more usable. When we started, it had a lot of problems with our environment. We were only able to plan something like 40 percent of the changes, and the traffic simulations weren't working with our network environment. But now, we're up to close to 70 percent.

It took about nine months before it was properly integrated and enough of the bugs had been fixed for it to be helpful.

What was our ROI?

We are not measuring the effort saved or the errors avoided, but we think it's a good investment.

What's my experience with pricing, setup cost, and licensing?

Initially, it was more expensive, but we managed to negotiate the price. It's about average now.

In addition to the standard fees, we bought the Jumpstart package to help us configure it.

Which other solutions did I evaluate?

We looked into Tufin. We chose AlgoSec because of its support for Cisco ACI. Tufin was just releasing that and we felt that AlgoSec was a more mature product.

What other advice do I have?

At the moment, it hasn't reduced the time it takes to implement firewall rules in our organization. It's being used to improve the quality of the changes we make and improve visibility. But we haven't fully implemented the FireFlow features. That's our problem, rather than the tool. We just haven't finished implementing it.

We're only using AlgoSec for on-premises, but we do have environments in the cloud and we plan to use it for those in the future. It would help us manage these multiple environments in a single pane of glass, but for the moment we aren't using it in that way. However, we do have a number of firewalls that we have onboarded from acquisitions, so we are not just using it for our data centers. We're using it for smaller acquisitions' firewalls as well to understand the security posture of companies that we are purchasing.

My advice would be to make sure that the solution is completely compatible with whatever infrastructure you have. We should have spent more time evaluating its support for our infrastructure to avoid some of the problems or surprises we had when we implemented it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
AlgoSec
March 2025
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,651 professionals have used our research since 2012.
Project Engineer at a tech vendor with 51-200 employees
User
Great risk reduction and policy optimization capabilities with the ability to streamline communications
Pros and Cons
  • "Proactively assess the impact of network changes to ensure security and continuous compliance."
  • "The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve."

What is our primary use case?

My main use case is as a firewall analyzer module where it can be further broken down as follow: 

1) Network topology visualization: visualizes a network traffic path during troubleshooting

2) Policy optimization: uses optimization and clean-up recommendations to perform annual housekeeping of the firewall

3) PCI DSS compliance: follow the out-of-the-box checklist to prepare for a PCI DSS audit

4) Risk reduction: uses the recommendation of the risky rules to address all the critical and high-risk rules

5) Monitor changes:  monitor for firewall-config changes in real-time via email alerts

How has it helped my organization?

The solution has improved our organization in multiple ways. We can:

  • Easily understand and provision application connectivity to accelerate application delivery and minimize outages
  • Process firewall changes 4x faster, and eliminate misconfigurations and rework
  • Proactively assess the impact of network changes to ensure security and continuous compliance
  • Simplify and automate internal and regulatory firewall audits, and reduce time and costs
  • Streamline communication across the application, network and security teams
  • Deliver a tighter security policy that provides better protection against cyber-attacks

What is most valuable?

The product is great for:

1) Network topology visualization: reduces network troubleshooting effort which contributes to quickly restoring network or application outage.

2) Policy optimization: reduce/consolidate the number of rules created prior to the existence of AlgoSec Firewall Analyzer in order to free up hundreds of rule capacity before reaching the max rule limit of the firewall.

3) PCI DSS compliance: helps to highlight the area which firewall admin need to take note and address in a streamlined and structured manner.

4) Risk reduction: helps to quickly identify the risk that exists in existing rules and provide useful recommendations that help the firewall admin to remediate with ease.

5) Monitor changes: helps firewall admin to comply with security requirements of providing real-time security alert whenever a change is made, with detailed info on what was the value before and after.

What needs improvement?

The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve. The current configuration wizard is quite complex and complicated, which will result in the need to engage with an AlgoSec professional services team to perform even the simplest workflow adjustment.

I had tried AlgoSec's direct competitor's workflow configuration wizard and found it to suit most organization requirements even though the customization capability may not be as advanced as AlgoSec.

For how long have I used the solution?

I've used the solution for six years. 

How was the initial setup?

The setup is fairly straightforward.

Which other solutions did I evaluate?

We did also consider Tufin.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Value-added reseller
PeerSpot user
PeerSpot user
Digital Security Specialist at Derivco
Real User
Improves firewall performance, saves engineers time in optimization, and the technical support is responsive
Pros and Cons
  • "The most valuable feature is the Firewall Analyser, which has a number of fantastic features."
  • "I would like to see enhanced dashboards or build meaningful reports for executive consumption."

What is our primary use case?

The purpose of using the product was to attack and Analyse rule bases from a holistic perspective. The Firewall Analyzer has a rule base consolidator as well as a feature to make the rule base more permissive. It also helps to reduce rule base clutter, as well as legacy rules.

Traffic query helps us to quickly find rules that allow outbound access.

FireFlow is a useful ticketing system that integrates with many products.

We would like to use FireFlow's API to automate certain tickets that come through to leverage automation in our environment. 

How has it helped my organization?

An example is that we have a policy with 900 rules, which we were able to reduce to 500 rules. That's close to a 50 percent savings on the rule base.

We used the Unused rules function in Firewall Analyser to examine our rule base. This has drastic performance increases in our production firewalls.

Objects not used within rules can save even more when it comes to cleaning up rule bases. Where this is a very manual process without AlgoSec, engineers can have a level of automation by building useful reports to assist with clean up.

What is most valuable?

The most valuable feature is the Firewall Analyser, which has a number of fantastic features.

From a risk perspective, you can apply compliance Frameworks like ISO 27001 and PCI DSS against firewall rule bases to see if your rule base is compliant. If you are not then AlgoSec provides descriptive ways on how to adjust rules to make your rule base more compliant. 

Definitely, the policy-cleanup features are the main draw. Shadowed rules, rule duplication, rule consolidation, rules permitting too much access, and rule usage are very useful and help to clean up rule bases.

What needs improvement?

There are areas where auditing rule changes are not accurate. It is important to be accurate when using rule changes, as users need to be accountable for their changes; however, I cannot trust AlgoSec when rule changes come through on reports as they reflect incorrectly. I have taken this up with support and have never really had a resolution for this. 

I would like to see enhanced dashboards or build meaningful reports for executive consumption. 

AlgoSec is a fantastic product, and I would like to see more "granular" breakdowns of traffic on IPT traffic analysis for source and destination, as the way it does it currently does not allow me to self problems for rules with ANY in the destination.

For how long have I used the solution?

We have been using AlgoSec for one and a half years.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

Scalability-wise, this product is good.

How are customer service and technical support?

The technical support is always responsive and always willing to understand the issues. 

Which solution did I use previously and why did I switch?

Our previous solution was not useful and did not have an intuitive interface. Support was also terrible.

How was the initial setup?

The initial setup is straightforward. If you understand your infrastructure, it will be easy to deploy in a central location.

What about the implementation team?

Our deployment was done through a vendor team and it took one week.

What was our ROI?

We haven't saved any money yet but we have improved the performance of certain devices.

What's my experience with pricing, setup cost, and licensing?

I would suggest that you start with a VM, get a PoC with a temp license, and try it out. You will love it.

Which other solutions did I evaluate?

I would not like to disclose which other products, but I have used two other products that didn't even come close to AlgoSec's power.

What other advice do I have?

Its a good production and good support, definitely worth it.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Network Security Engineer at Türkiye İş Bankası
Real User
Optimizes firewall policies and facilitates compliance auditing
Pros and Cons
  • "The most valuable feature is the reporting, including the policy report and regulatory compliance reports."
  • "Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area."

What is our primary use case?

We primarily use the AlgoSec Firewall Analyzer.

We have more than ten cluster firewalls and we have deployed the AlgoSec solution suite. We want to check compliance status of our devices. We also need to reduce the number of rules in each of the policies.

In our new data center, we want to automate the firewall policies.

How has it helped my organization?

Now, we can easily track the changes in policies. With every change, AlgoSec automatically sends an email to the IT audit team. It increases our visibility of changes in every policy. 

Every month, I use the optimizer to reduce firewall rules. In the summary tab, I can easily track the number of changes in the firewall policies.

What is most valuable?

The most valuable feature is the reporting, including the policy report and regulatory compliance reports.

In the Intelligent Policy Tuner, the tighten permissive rules tab allows us to reduce the number of rules in each policy. I can easily control, report, and reduce the rules for policies. Also in the Rules Cleanup tab, I am removing unused rules as I feel confident in deleting these types of rules.

Our Information team read Regulatory Compliance Reports that can easily track the compliance status of each device.

What needs improvement?

Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area. For example, in FireFlow we can easily track using the ticketing system to integrated Check Point devices. However, with Cisco Firepower devices, we couldn't integrate with them.

For how long have I used the solution?

We have been using AlgoSec for almost six years.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

What's my experience with pricing, setup cost, and licensing?

The pricing of AlgoSec is fair.

Which other solutions did I evaluate?

Before purchasing AlgoSec, we implemented a PoC with each of AlgoSec, Tufin, and FireMon.

What other advice do I have?

We have more than ten clusters behind our firewall. It is essential that we track the changes in policies and the compliance status of devices. AlgoSec can easily do that.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1120656 - PeerSpot reviewer
Information Security Specialist at a maritime company with 10,001+ employees
Real User
Improves efficiency within our firewall setup and enables us to react faster to incoming requests
Pros and Cons
  • "AlgoSec has improved our organization in terms of improving efficiency within our firewall setup. It has added automation to working process that has helped us achieve our initial goal of reacting faster to incoming requests, which as a result of allows the relevant teams time to focus on other areas of importance."
  • "have also heard a few qualms about the technical support and that it could be improved. However, this doesn't detract from the value the tool brings to our business."

What is our primary use case?

Our company has a very large technical estate, with over 90,000 staff and 80,000 computing devices, it was imperative that we found a firewall security management tool that allowed us to speed up the process of change requests when it comes to our firewall IPS team, as they were becoming overwhelmed with the volume of requests.

How has it helped my organization?

AlgoSec has improved our organization in terms of improving efficiency within our firewall setup. It has added automation to working process that has helped us achieve our initial goal of reacting faster to incoming requests, which as a result of allows the relevant teams time to focus on other areas of importance.

What is most valuable?

The best feature for us is the ability to automate the change requests that come through our service desk, which is done via the tool's intelligence to analyze the conditional rules. As previously mentioned, this used to be a big time sink for the guys which is now less of an issue. This means that the company can claim back valuable man-hours for other means (also showing a labour cost saving to the board).

What needs improvement?

For the most part, this AlgoSec tool does meet our needs. If I was to think of any improvements I think the main one that stands out to me is confidence in future proofing. A good example is that we are looking at various SOAR which we'd like it to be fully compatible with (but not entirely convinced it is yet). Lastly, I have also heard a few qualms about the technical support and that it could be improved. However, this doesn't detract from the value the tool brings to our business.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Engineer at Genuine Parts Company
Real User
The feature I find most valuable is Change Detection email notifications. We are able to track real-time changes made.

What is our primary use case?

The primary use of this appliance is for Firewall maintenance and monitoring. Firewalls are a critical component in all organizations. As engineers, we are tasked with more responsibilities. You want to efficiently manage your time and devices, AlgoSec helps tremendously with that.

How has it helped my organization?

AlgoSec has improved our organization by providing us with an appliance to assist with our daily Firewall duties. AFA & AFF assist with change detection and logging of user modifications. Also, it's a great tool when preparing for audits and ensuring your firewalls are in compliance.  

What is most valuable?

The feature I find most valuable is Change Detection email notifications. We are able to track real-time changes made.

What needs improvement?

Currently, the product is doing everything we have asked for. Its a huge component for our Firewall maintenance. One key component is the integration with ServiceNow for Firewall rule requests. This helps expedite the process and track every step from user to configuration. 

Some area's where the product can improve is with the knowledgebase. Sometimes you have to do additional reading for your particular error.

Some additional features I'd like to see are for the reports. As opposed to showing me the entire objects/rules on the change detection email for that particular firewall, I'd like to see just the changes. I think this would be beneficial to none technical personal that may get overwhelmed with all of the data.

Also, having a Linux or programming background makes troubleshooting easier. That is one challenge I'm working on now to improve fixing our issues quicker.  

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

So far for what the solution does, it's stable. 

What do I think about the scalability of the solution?

The solution is very scalable so far. 

How are customer service and technical support?

Support thus far is sufficient for our needs. Their system is very timely and engineers engage you via email first, then migrate to phone and screen share if needed. 

Which solution did I use previously and why did I switch?

No previous solution.

How was the initial setup?

I wasn't part of the implementation. 

What about the implementation team?

I wasn't part of the implementation. 

What was our ROI?

I think we have a great ROI due to the improved visibility and management that the solution now provides us. 

What's my experience with pricing, setup cost, and licensing?

I wasn't part of the setup cost. Pricing and licensing seem fair. Licensing depends on how big your organization is. We haven't had any issues with purchasing more licenses for our growth. 

Which other solutions did I evaluate?

This solution was in place prior to me transitioning to this role. 

What other advice do I have?

No additional comments. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Global Network Security Engineer at General Motors
Real User
It easily scaled up to support our hundreds of firewalls.

What is our primary use case?

Provides visibility to firewall policies. 

Single tool to engineer changes and track approvals for audit compliance.

How has it helped my organization?

A Central tool to track firewall requests. 

Using AlgoSec API calls to integrate with other apps (ex: central IT request portal)

What is most valuable?

Standard view of firewall policies, regardless of vendor (ex: Checkpoint and Cisco). 

Built-in reports to aid in policy cleanup (ex: unused rules or objects, covered rules).

What needs improvement?

Faster HA/DR failover - with very large databases, it takes a long time to failover / failback.

Provide even more REST API calls (ex: rule removal API)

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Product and appliances have been very stable.

What do I think about the scalability of the solution?

It easily scaled up to support our hundreds of firewalls.

How are customer service and technical support?

Both are excellent. 

Customer service is clearly important to AlgoSec. I never get the feeling they're just trying to sell me something, they sincerely try to assist with the best solution for us.

Tech support is extremely knowledgeable and responsive. If I could score them 11, I would. 

Which solution did I use previously and why did I switch?

Did not use another solution previously.

How was the initial setup?

Initial deployment was straightforward. The FireFlow workflow can be configured to match the existing flow - customizing this to match any workflow permutations takes the most time. 

What about the implementation team?

Through a vendor team. They were top-notch - extremely knowledgeable and great to work with.

What was our ROI?

Unknown.

What's my experience with pricing, setup cost, and licensing?

Explore the possibility of running on a VM instead of dedicated hardware.

Which other solutions did I evaluate?

I was not part of the evaluation.

What other advice do I have?

The tool is very flexible. Be sure to allocate sufficient resources to deploy & customize it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.