AlgoSec Reviews

We need less time to identify any risks in our firewalls, as we can detect changes in real-time.

We have obtained in easy way to do compliance reports for audit purposes. With this optimization reports, we can clean up unused rules, consolidate covered or redundant rules. We can also define trusted rules that apply.

Risky rules reports help to reduce manual work and identify the main risky configurations to remove. This give us some recommendations on how remediate and their importance.

• Identifying and removing risky rules
• Firewall rules cleanup (unused rules)
• Security compliance reports
• Security baseline settings

A vulnerability management module might be interesting, though not integrated with a third-party vendor. It should be an AlgoSec VM module.

I would like some server integration for vulnerability management.  

Some PDF reports are not so good. E.g., the graphics and reports are not so good. Sometimes, we need to create graphics and reports to compare security ratings across months and groups. 

I have been using AlgoSec for two years. 

Awesome.

Great.

Excellent and very kind technical support.

No.

Licensing is very easy to set up. The pricing is relative to how you want to expand and harden your network security. 

I did not evaluate another solution.

It is a great tool that makes work easier each day. I can't imagine working without AlgoSec and using it for my daily activities. 

We primarily use the AlgoSec Firewall Analyzer.

We have more than ten cluster firewalls and we have deployed the AlgoSec solution suite. We want to check compliance status of our devices. We also need to reduce the number of rules in each of the policies.

In our new data center, we want to automate the firewall policies.

Now, we can easily track the changes in policies. With every change, AlgoSec automatically sends an email to the IT audit team. It increases our visibility of changes in every policy. 

Every month, I use the optimizer to reduce firewall rules. In the summary tab, I can easily track the number of changes in the firewall policies.

The most valuable feature is the reporting, including the policy report and regulatory compliance reports.

In the Intelligent Policy Tuner, the tighten permissive rules tab allows us to reduce the number of rules in each policy. I can easily control, report, and reduce the rules for policies. Also in the Rules Cleanup tab, I am removing unused rules as I feel confident in deleting these types of rules.

Our Information team read Regulatory Compliance Reports that can easily track the compliance status of each device.

Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area. For example, in FireFlow we can easily track using the ticketing system to integrated Check Point devices. However, with Cisco Firepower devices, we couldn't integrate with them.

We have been using AlgoSec for almost six years.

We did not use another solution prior to this one.

The pricing of AlgoSec is fair.

Before purchasing AlgoSec, we implemented a PoC with each of AlgoSec, Tufin, and FireMon.

We have more than ten clusters behind our firewall. It is essential that we track the changes in policies and the compliance status of devices. AlgoSec can easily do that.

We are using AlogSec mainly for firewall compliance reporting as well analyzing and evaluating firewall policy. That, in turn, means we can actively work on firewall policy optimization and elimination of unused and risky rules. We also using it for compliance reporting. 

The solution has helped us a lot in improving our firewall security optimization as well in evaluating security policy to eliminate the risky rules or secure them. 

Its reporting modules solve all our monthly and quarterly compliance-related reporting requirements. 

Currently, we are using almost all the features of the product to take as much advantage as we can of what it offers. But our primary use is compliance reporting and the Firewall Analyzer helps us achieve our various IT compliance requirements, like ISO-27001.

There is huge scope for improvement in the level of support, especially around the issue of resolution time. That is the only negative point I find in the solution. I hope you guys will work on it and improve your resolution time which will help customers to keep their AlgoSec device healthy.

In the six years we have been using it, we have never seen an outage or failure of AlgoSec or any other software-related failure. 

The product is very scalable. We have never faced any issues related to the scalability of the product. 

As an individual, my experience has been good, but in terms of technical-issue resolution, I am not 100 percent satisfied because of time the AlgoSec team takes to fix issues, some of the time.

Previously, we were using Tufin but we found that solution more complicated when compared with AlgoSec. 

The initial setup was straightforward because of the well-defined GUI platform.

We implemented it in-house.

Given that we have been using this product for the last six years, there is no question about ROI. If we were not seeing ROI, per our expectations, we would not continue with the product. 

AlgoSec is not much more expensive compared to other products available in the market.

We evaluated FireMon but it was more complicated than AlgoSec and did not fulfill our basic requirements. 

Overall, AlgoSec is doing a good job.

We use the AFA to accurately determine rule use and where we can make improvements across our checkpoint estate. We have around 17 clusters of firewalls that are in constant use and frequently change rules.

AlgoSec has given us the confidence to remove unused rules, consolidate where appropriate, and prove reachability prior to searching a rule base to check access for an application or user. Breaking down a rule to specify used objects within groups and protocols used has proved invaluable for us to narrow exposure to potential threats.

A number of features are used more than others. We use the policy optimiser to search out unused objects in rules and determine when the rule was last hit accurately.

The risk and compliance area is key to ensuring we conform to company regulation. Having a number of compliance options to baseline ensures that we get the basics right before looking at advanced risks and remediation.

Finally, the traffic simulator can be used to check if a request from a user or project is already a function enabled or we have a full access change to implement.

• The maps are a little clunky and could be made easier with some automatic layout technology which assists in spacing out the devices for easier viewing.

It runs well with little intervention.

Good, it has the ability to add more devices anytime.

We use Bytes to escalate, and this has proved effective.

No. 

Straightforward, it needs to run for a period to ensure accuracy.

We used Bytes Security to assist in setup and initial optimization. 

Not really applicable.

Setup is easy; we use a VM to run it. Having knowledge in Linux is not a requirement but helps when required to update the software. Also, ensure the reseller has the ability to escalate any issues in case they can't fix it for you. Your licensing should cover the support of the product.

Yes, we looked at Tufin and FireMon.

Put it in, let it collect for up to 12 months and ensure you run regular reports. Only then can you be sure that you don't use rules. Remember, DR testing and failovers sometimes happen on a 6 or 12-month basis, and removing rules covering this will cause issues when you least expect it.

AlgoSec's Firewall Analyzer tool for rule usage and recertification. Our firewall governance group uses the AFA tool to gather object and rule usage on a recurring basis for recertification as well as research and design of new firewall rule changes.

Object and rule usage statistics enable object-level recertification of all rules. AFA usage statistics have enabled our company to establish regularly scheduled recertifications of all firewall rules across all policies.

Traffic simulation queries, policy tuner analysis and rule usage. Traffic simulation queries assist with new firewall change design and reduce manual work effort. Policy tuner analysis and rule usage enable recertification and provide additional validation for new changes.

Support/upgrade processes and documentation. The platform would benefit from additional support articles and guides on the Algopedia knowledge base.

This solution scales well from tens of devices to thousands.

Support interactions have been hit or miss. It is my understanding the AlgoSec is putting a renewed focus on support and documentation to improve this aspect going forward.

No.

Tufin

I would recommend investing the time in a full project to implement the AlgoSec suite if you will be using more than just the Analyzer piece. Fireflow and Business flow would benefit from dedicated standup time and effort to achieve the best results.

We use Firewall Analyzer from AlgoSec. We are mainly using AlgoSec Firewall Analyzer for auditing and analyzing firewall configurations. We have added different vendors inside AlgoSec for analysis. We have added Palo Alto firewalls, Fortinet firewalls, and Cisco firewalls. We are using all of these in our network.

There's an option to collect logs and send them to AlgoSec, but we are not using this option. We have other solutions for this purpose. We have Darktrace, IBM QRadar, etc.

In terms of our network environment, for the on-prem network, we have different security zones. For the data center, we have different DMZs for internal applications. We have different networks in different locations connected to our corporate network. About 90% of our applications are on-prem, and we only have the websites on the cloud.

It's helpful for auditing firewall configuration. If there is any mistake on the configuration side, it helps us to fix it. If there is a complication or there are unused security policies, it suggests removing or double-checking them. It's a good product. It's stable and gives us accurate results.

We have a network with more than 10,000 users. We have a lot of security devices for finance, remote sites, and corporate. AlgoSec is helping us to review and do auditing of the security device configuration. It's helping us to audit and review the configuration for any mistakes for firewalls, web application firewalls, proxies, etc.

When we add a security device, such as a firewall, it analyzes the configuration files for the firewall and gives us a brief of everything, such as security policies, routings, and objects. It lets us know if there is any mistake in the configuration, which is helpful for us. It gives us good visibility of what we have inside our security devices. For example, one of the firewalls that we have has more than 500 security policies. With manual auditing, we cannot analyze or review such a huge configuration. So, we are using AlgoSec Firewall Analyzer for this purpose, and it has saved more than 70% of our time.

It reduces human errors and misconfigurations. It lets us know if there haven't been any traffic hits for a policy for a long time. We can then review the configuration to see why there are no new hits for this. We are reviewing all of this every six months. It makes our work easier. It simplifies the job of security engineers.

Being able to analyze the environment and audit firewall configuration is most valuable. We are working here in the oil sector, and it's a critical environment. Every six months we have auditors coming from the main office and doing auditing for security. We are using AlgoSec Analyzer to help us to do the audit before the auditors come to our office and do the auditing of our security devices. So, it's helping us to do good work and analyze all security devices, including firewalls.

My only concern is related to how they count the number of licenses. We have active and standby devices. If someone adds the standby device by mistake and does an analysis, it consumes two licenses. They need to improve the way they are counting the number of licenses because someone can do analysis on a standby device by mistake. We need a way to fix or solve this issue.

I noticed that some of the oil companies in Kuwait have started to use AlgoSec Analyzer. I see AlgoSec solutions in Kuwait. AlgoSec needs to have sales engineers here. They should have presales or sales consultants so that they can offer solutions to companies in Kuwait.

We have been using AlgoSec for more than four years.

It's a stable solution.

It's scalable. We have 10,000 users accessing services and the internet. We only have two users who are accessing and working with AlgoSec. They are security engineers.

They are cooperative. If we face any issues, we just send an email or open a case through the portal. We can contact them directly. We don't face any issues with their support. I would rate them a 10 out of 10.

Positive

I have not used other tools. We know AlgoSec is a leader in this industry. We haven't faced any issues in the last four years while using the AlgoSec solution. We haven't done any research on other solutions because we haven't faced any issues with AlgoSec.

It's very easy to do the initial setup. It's not a big issue. In about two days, you can configure your device, activate the license, and add security devices. If you have an admin account, you can allow AlgoSec Analyzer to access security devices. 

Its management is not a big issue. Only one person can maintain it.

We have seen an ROI. That's why we got this solution. We knew how we would use it and what would be its benefits. We have seen about 60% or 70% ROI.

We purchase licenses based on the number of security devices in our network.

When I have active and standby firewalls, if I do an analysis of the active firewall and by mistake, I also do an analysis of the secondary or standby firewall, it'll consume two licenses from the total number of licenses I have. So, I need to change the license and make the active firewall secondary. They need to improve how they are counting the number of licenses. We have discussed this with the consultation team of AlgoSec.

I would rate it a 9 out of 10. It's a good product. It's working fine without any issues. We don't face any issues. Our only concern is how they are counting the total number of licenses.

We are using Firewall Analyzer (AFA) to compare configurations from multiple firewalls, such as Cisco ASA, Palo Alto, Check Point, and so on. It helps us to streamline our firewall rules, identify risks, and provide better visibility. This product has significantly saved the time and human efforts in creating and deploying firewall rules. It is now easier for our cybersecurity team to analyze firewalls rules and ACLs, using them in a more efficient manner. Other features are also very important for us.

With the help of this product, we can manage all the network security equipment in a centralized way. We are also able to make requests to our security team about quick and valid changes requests, helping to minimize the workload in documentation, troubleshooting and so on. This helps to identify any wrong or unnecessary changes in the network security perimeter, making sure that all security policies and best practices are followed in our network domain. During change implementation, and especially after completion, we can validate, make sure that everything is working fine, and is up-to-date per our expectations.

It’s capability to build and present entire network topology via map makes team members to easily investigate the entire domain. Whenever new applications and services get on boarded and traffic rules and policies being created it automatically discovered those Apps and services and makes life easy. Each and every performance report can be fully automated using this and saves time in audit and compliance requirement.It also helps us to clean old and obsolete rules or those rules which are not in use otherwise it could be very difficult without this product as team have to log into each firewall and remove rules and policies

We are running multiple hybrid cloud solutions, working with cloud providers, and looking for API integrations with cloud and related interoperability. Sometimes, when we are trying to delete or disable any rule, it takes more time than expected. 

Sometimes, the web browser has issues with slowness. It can be worked out with a click or two. 

We are using Algosec Firewall Analyzer referred to as (AFA) since 2018.

This is very stable, robust product. During extreme load in business hours, it works well without any issues. 

It provides interoperability with all vendor firewalls and the scalability is much easier.

Technical support is always good whenever we contact the support team. We always get an immediate response and a solution within defined timelines.

Earlier we are not using any solution but always planning to procure solution that have ability to integrate multi vendor firewalls into single platform and after assessments and evaluations with OEM products we finally select Algosec as approved solution.  

Initial setup was very simple. Using Quickstart help, any member can take part in deployment and administration from basic to advanced level. 

Only the firewall integration could take time due to some complex interactions. 

We implemented using our own internal team and with the help of AlgoSec technical support team. AlgoSec technical support was excellent and prompt.

It provides an improvement in the firewall process load. It also helps with increasing CPU and memory utilization.

When it comes to the cost of support and licensing, it is much cheaper than other competing products.

We have tried FireMon and Tufin under a non-production environment, but the overall features of AlgoSec were best. Therefore, we choose this product for our production environment.

Excellent product to use and has tremendous support from OEM.

We have not faced many problems or issues using this product.

We also have not tested AI or ML capabilities and are very keen to start working with it now. 

Overall, it is well-maintained, robust platform tool for firewall management.

We use it for planning firewall changes and traffic simulation queries.

We use AFA (AlgoSec Firewall Analyzer) and FireFlow. Our network environment is mostly on-premises.

It has improved the way our organization functions in that, for our change process, we now require all changes to be planned using AlgoSec so that the security team has visibility into the changes and we're aware of any risks. We also are using the covered rules and risky-rule detection to improve our security posture.

We haven't fully implemented the processes, so we haven't measured any reduction in human error as a result of using the solution, but subjectively, it has reduced human error.

It has also helped to simplify the jobs of our security engineers.

The most valuable features for us are the functionality it provides for our two main use cases: planning firewall changes and traffic simulation queries.

We haven't used it yet to prepare for audits and ensure our firewalls are in compliance, but I think it will be very helpful for that. That's one of the main reasons we bought it.

We are using it with a couple of Cisco technologies and we're also sending events out to our Microsoft Sentinel workspace. We have a couple of other security technologies in there as well. AlgoSec integrates well with the Cisco ACI environment and with our Firepowers, our FTDs. There are still some bugs but it generally works well.

The overall visibility it gives us into our network security policies is pretty good but it has some bugs and shortcomings. It doesn't support all features on our firewalls. For instance, planning changes, which include net rules, doesn't work. It didn't integrate so well with the ACI network. It doesn't work with all firewall rules or with net rules on our firewalls.

For about 70 percent of firewall changes it does show us the risks, while for 30 percent of the changes, we can't plan because of these bugs and shortcomings.

I have been using AlgoSec for about a year.

The stability is good.

We've had no problems in terms of scalability.

I'm sure we will continue to add firewalls to it and we want to do more with the FireFlow.

Their technical support is good but it can be slow.

Neutral

The initial setup was straightforward.

We have about 10 engineers using it, and just one person who looks after it, maintenance-wise.

We used their personal services to help us set it up. We had an onboarding package. It wasn't me doing the configuration but it seemed straightforward with their support.

Our experience with them was good overall. We had some frustrations and surprises in the early days with the product not being completely compatible with our environment. But over the last year, they've been fixing the bugs which is making it much more usable. When we started, it had a lot of problems with our environment. We were only able to plan something like 40 percent of the changes, and the traffic simulations weren't working with our network environment. But now, we're up to close to 70 percent.

It took about nine months before it was properly integrated and enough of the bugs had been fixed for it to be helpful.

We are not measuring the effort saved or the errors avoided, but we think it's a good investment.

Initially, it was more expensive, but we managed to negotiate the price. It's about average now.

In addition to the standard fees, we bought the Jumpstart package to help us configure it.

We looked into Tufin. We chose AlgoSec because of its support for Cisco ACI. Tufin was just releasing that and we felt that AlgoSec was a more mature product.

At the moment, it hasn't reduced the time it takes to implement firewall rules in our organization. It's being used to improve the quality of the changes we make and improve visibility. But we haven't fully implemented the FireFlow features. That's our problem, rather than the tool. We just haven't finished implementing it.

We're only using AlgoSec for on-premises, but we do have environments in the cloud and we plan to use it for those in the future. It would help us manage these multiple environments in a single pane of glass, but for the moment we aren't using it in that way. However, we do have a number of firewalls that we have onboarded from acquisitions, so we are not just using it for our data centers. We're using it for smaller acquisitions' firewalls as well to understand the security posture of companies that we are purchasing.

My advice would be to make sure that the solution is completely compatible with whatever infrastructure you have. We should have spent more time evaluating its support for our infrastructure to avoid some of the problems or surprises we had when we implemented it.