AlgoSec Reviews

Our primary purpose right now is Firewall AlgoSec Analyzer so we can ensure that our rules are nice and tight. We also use the configuration report to make sure that the firewall configuration is nice and tight. 

We are starting to use modeling. AlgoSec Firewall Analyzer enables us to input details about what we would like to do to see what firewall changes would be required, if any. Also, if we are having problems with getting an application running across the network, then we can use that to establish what firewall rules might be giving us problems.

As a small branch office focused on wholesale banking, we have a very flat network that we are trying to improve upon. Over the course of last year, everything has been flat and accessible. Now, we are breaking into VLAN segmentation. That is where Firewall Analyzer will really come into good use, because it will help us to limit the traffic to only what is necessary. 

We have some cloud. Our core banking is with a different organization, which is in the cloud. We also have a couple of other treasury cloud applications in the cloud. However, a fair amount of our network is within our data center and office. So, we have a hybrid model.

We are very simple. The benefit of AlgoSec Firewall Analyzer right now is to give us skills that we don't already have with our people. Also, when we get into our periodic reviews, AlgoSec enables us to do it without adding additional staff. Something that we are not able to do because that is controlled in the Chilean head office. So, we need to make the best use of the best tools to secure our environment with a minimal number of people.

AlgoSec reduced the time it takes to implement firewall rules in our organization. Before, our firewall rule review was always done manually. When we installed the appliance and ran the report, we quickly found half a dozen areas where we were more exposed than we needed to be. The manual process used to go on for weeks. The AlgoSec process right now, as we develop and become better with it, takes only a matter of two or three days. We can have a good solid review, then we can get into very specific details about any rule or configuration with the objective of ensuring least privilege. Only the things that are needed to support business activities are allowed.

We are a regulated industry: financial services. We are obliged to at least annually review our firewall rules for risk. Are they too permissive? Are they not needed? Because we have this tool, we can now do that once a quarter. Before, we only did it once a year. 

We are a small branch of a much larger organization in Latin America. The rules that were set up allow free flow of information back and forth, i.e., network connections. Right now, with ransomware being what it is, we are starting to review those rules because they are too permissive. Another way that AlgoSec is helping us, internally, is working with our head office to make sure that they are treated with least privilege. Something that is not normal. Something that didn't happen, "Just because."

I have been with this organization for about two years. All the wide-openness of the network communications was just a bad event waiting to happen. AlgoSec Firewall Analyzer has given us the great ability to dig down into the details and work at a level above the skills that we already have, making sure that we are in a process. It started months ago and will continue for seven more months. That network traffic in and out of our perimeter is the least that it should be.

We work with multiple security vendors. For just IT alone, we have three primary vendors and a couple others that pitch in when needed. AlgoSec Firewall Analyzer helps us to make sure that we allow only what they need and that we keep them to the internal assets. They are external third-parties. We have high assurance that they are only able to access network assets that are part of the contract. Another vendor manages our firewall. The reason we have them do it is because we don't have the expertise amongst our people. So, the addition of the AlgoSec Firewall Analyzer enables us to have the intelligence of what is good and what is less than good. Thus, we can help keep that third-party on the rails, that they are doing good things for us, and we have the evidence to prove it.

We are getting into using AlgoSec to implement and manage micro-segmentation initiatives. One of our audit concerns was the flat network, and we started to work based on what we already know to create a test segment. However, AlgoSec is helping us to validate the traffic that will be allowed into that new segment, restricted to only that which we need. No sense in creating an isolated network if bad things can still flow back and forth between test and production. So, AlgoSec is a tool that is helping us make sure that we have all the isolation that we need. But, because of the syslog counters, we can also tell over time whether we did a good job in the first place and whether the remaining rules that we configured to be nice and tight are still needed for business purposes.

The most valuable is helping us determine where our rules are too permissive. Based on previous human review of our rules, they are very cursory. We know why we do something, but we don't get into the details of whether the rule is nice and tight. What Firewall Analyzer lets us do is understand the risks presented by our rules. The tool does a calculation of all the traffic that could be allowed and we can match that to whether it should be allowed. Another thing that we have recently started to do, but only about 100 days ago, is collect syslog events from the firewall that now tell us whether the rules that might be well-configured are actually being used by people or traffic. Our next step will be to start eliminating well-formed rules that just aren't needed.

The overall visibility that AlgoSec gives me into our network security policies is perfect. We think about separation of duties. As the information security officer, I shouldn't be logging into the firewall and playing around. What AlgoSec does is give me the ability to see everything about the firewall: its rules, configurations, and usage patterns. It gives me all the visibility that I need to make sure that we are doing what we should do to keep it tight. There is no perimeter anymore. We have to be very careful what we are letting in and out, and Firewall Analyzer helps us to do that.

Another very useful feature of the AlgoSec Firewall Analyzer is it will alert us to changes in firewall rules and configuration. So, we have a third-party who manages our firewall. AlgoSec gives us notification, if they go in and make changes either to the configuration or rules, so we can keep track and make sure that only authorized changes are occurring.

We are using AlgoSec directly against our Cisco Firepower. At first, AlgoSec didn't work with Firepower. It didn't know how to read the logs. So, improvement has been made. Now, the feature that was available on the older generation firewall is available on the current one, but this is a problem which has already been dealt with.

I became familiar with AlgoSec Firewall Analyzer way back in 2004. I was trying to do some independent consulting, and part of that is a good firewall review. So, I started to look for tools. That is when I had my first discussion with AlgoSec. Since then, I have used it a couple at different organizations, including the one where I work now. It has been quite helpful with making sure that our firewall configuration is all that it should be.

It is set and forget. I don't have a lot of Linux or Unix experience, at least not in the last 20 years. So, that has been removed from me. The appliance comes and we connect to the command line. Anything I need to do is menu-driven. So, it is easily maintained by people whose skill set changed from hands-on to management quite awhile ago.

Scalability is not something that I have had to concern myself with right now.

Currently, we have five people who use it to either tune the rules or find out answers to questions about the network and flows.

We have a customer success manager, Matt, who is terrific, very responsive, and always there for us when we need it, providing quick answers. This also applies to the support desk if we raise a ticket. I did have a problem after we installed the A32 version, where I was getting some errors in the email. The engineers got into the code and found some code that needed to be corrected. I don't remember exactly what the problem was, but it took less than two hours to find and correct it. So, the support has been superb.

At this bank, it replaced the manual solution, where if you were not a Tier 3 Network Engineer, then you were probably not going to be able to get into the details and nuances of any of the rules and configurations. So, they get glossed over. The firewall review done manually is more of a sanity check. "Do we need the rule at all?" is really the question that gets asked, not whether the rule is done correctly to support privilege and least access.

The setup was quite easy. 

if I were to take out the fits and starts that were our responsibility, the installation was less than four hours. Then, the upgrade was done because we went from version A30 to A32. That took about an hour and a half. It was very simple and straightforward. Now, when I need to do regular releases, i.e., patches, I can do them myself. It is menu-driven. It's pretty easy.

AlgoSec's support was there for us. We worked with them. They did all the heavy-lifting. It was easy to schedule as well as very flexible, as we got our act together. Organization is important. 

One staff member would have been sufficient for deployment and upgrades, but I made sure that our IT staff population representation was there so they understood the tool, where it was going, and how it would be used. However, it easily could have been done with only one person on our end.

In the end, I did a calculation. When I think about the number of people, when we did the manual way, who had to be involved, and how long did it go? Did we risk being out of compliance with regulations? There is a big cost to that. It is cheaper operationally to work with AlgoSec than to try to do this manually.

AlgoSec has absolutely helped to simplify the job of our security engineers. It gives us a level of expertise that we didn't have within our own staff. AlgoSec showed us that what our staff could do wasn't good enough. So, it is a force multiplier. It enables us to have the expertise that we don't have, but it also gives us the cycles, e.g., the actual ability to extract the rules, evaluate them, and then assemble them into a form that we can present to auditors and regulators, if needed. This greatly helps us. As a tool that has so many features, there are certainly more that we can grow into, but the ones that we are using right now have been of a substantial value to us. This is even being commented by our auditors from one review period into another.

The staff enjoy it. There is always that dynamic between security and IT. IT has projects to do and serve the business. Security isn't quite seen in that same light. So, they enjoy it because they don't have to spend the time to go through the rules, trying to reverse-engineer what is going on, and it takes care of a lot of the documentation for them. It keeps them in the zone that they are used to working with the correspondence that belongs to the rule, allowing them to understand the details. This has helped us understand ourselves better, how we operate on the network layer, and saved us the time of actually doing the rules. So, we are much better with our compliance, audits, and regulatory requirements, but we are also better in our security. Two things that an ISO always has to be concerned with - compliance and actual security. This tool acts like another person on staff, increasing our ability to be very fine-tuned on rules. We will be using it for a while to come.

I am a fan of AlgoSec for its pricing. As a small branch, getting any amount of money, is very difficult. Less than a thousand dollars, that will take some effort for two reasons:

1. Asking for money.
2. It wasn't in the budget. 

The price came in where we really didn't even need to have much of a discussion. That was very good. There are also options regarding what you want to pay for. It wasn't really pushed on me that I have to get all of it or else I can't be an AlgoSec customer. 

There are training and support levels that come in beyond the product itself, and we did subscribe to the training. We also have the support. The pricing has been very approachable, and that is why we have it here.

I have looked at other options along the way, like Skybox. AlgoSec came to the market before the alternatives did. When I become aware of it and something is good, I stick with it. Why change? 

I went to the Gartner page and looked at who the competitors were. I looked at customer reviews and things like that. However, because I have had such a good experience with AlgoSec Firewall Analyzer, I continue to use it. I have found no reason to go with any of the other alternatives.

Our local policy is that I have to be able to compare at least three products when I go to management to ask for money. I did exactly that. I took three alternatives and brought them to our management team. I explained the whys and wherefores for why I was promoting AlgoSec. Now, we have it here in our environment.

I would recommend, "Do it," in regards to implementing AlgoSec. I wouldn't have been with it since 2004 if it wasn't among the best tools. I have tools in vulnerability scanning and SIEM/SOC as well as tools for authentication. There are a lot of tools. As a security guy, I have been doing this since 1997. When you find a product that delivers, you stick with it, and AlgoSec is that type of product.

I have been so pleased with the tool. It sounds cliché, but I haven't gotten to a point yet where the tool hasn't provided for me. This is why I always come back to it. For an organization as small as ours, it gives us a tool that is affordable, easy to implement, and the expertise that we were lacking.

When I need it, it is there. If I have a question about an endpoint or protocol, I am trying to resolve audit points about what ports are listening and why, or I have to figure out how to isolate something more than it already is, AlgoSec is the tool that I go to first to get information and answer some of these questions. In most cases, all the details and rules are all right there. It has been great.

I have seen the capability for AlgoSec to enable us to manage multiple or dispersed environments in a single pane of glass. Because I am such a supporter and have seen the value that AlgoSec can bring to more than one organization, I invited the CSO office in Chile to attend a work session with us so they can start to see everything that AlgoSec might do for them. I knew that it was on their task list, and they have a need to get into the same area. The potential is there that our head office will begin to use the tool, having seen how it has been helping us in just our local office. They need it more because they do have a broader array of firewalls, connections, and things like that. So, I'm looking forward to that.

I know for a fact we are not getting all the value out of the appliance that we can. I know for a fact we are getting more value out of the appliance than we intended when we licensed it. Those are good things. The visualization of our network is helping me. There are diagrams that can be drilled into which help me. When you are small, going over to IT all the time and asking questions isn't always the best thing. It is disruptive. Then, I have to worry whether I got the right answer or not. AlgoSec removes those things. I see what is happening and I know that it is based on the facts. There are five of us using it. I am sure that we use it every week, probably not every day to answer questions, and we are running monthly reports, which are automated, so we have a good history. So, we have the opportunity at any point to identify problems and resolve them.

What we have learned from using AlgoSec Firewall Analyzer: We didn't understand our risk with our firewall. It is good that we relied on a credible third-party, but what we saw was rules could be better configured. These are our protection to the outside world between the bad world outside and inside, between our head office and us. I worked for a Wall Street firm, and we didn't trust anybody. It is a big deal now with zero trust. This tool will help us to get there, dialing things down.

For the AlgoSec experience (the company, product, support, and people), I want to give it 10 (out of 10). Nobody trusts that, but they have been very good to me. The boss who didn't like spending money is very happy with the results. I brought it back to him and showed him what we have been able to do past our manual efforts, and it resonates with him. It makes sense to him. He reads the paper. He sees how quickly ransomware can spread across a network. One of the things that we can do to help protect against that is make sure that we have good segmentation and only the endpoints which really need to talk to each other are allowed to do so.

We have actually played around quite a bit with the network flow piece of it (with the routers). That has helped us troubleshoot a few things with data flow and where it might be stopped or redirected to an incorrect location.

We use the following components of AlgoSec: AlgoSec Firewall Analyzer (AFA), FireFlow, and AppViz. We have a very limited cloud deployment at the moment.

We have a very complex network environment. It requires very specific compliance protocols to be put in place, including HIPAA compliance, PCI compliance, and HITRUST compliance. Therefore, we have very specific rules that we have to adhere to. We have 13 sites with very complex setups at each site to allow for redundancy and security, utilizing multiple vendors and technologies to achieve that. 

We are currently developing and going to have a hybrid deployment for the cloud and on-prem. Right now, 98% of our stuff is on-prem, and that will change. We are probably going to be about 75% on-prem and 25% in the cloud, which is very complex. This will allow our external vendors and external clients in as well as all our internal resources.

They have compliance rules built right into the system. Right out-of-the-box, you can run a compliance check against your environment that tells you exactly what needs to be fixed and why. Their compliance check is phenomenal. They even have a base compliance check. So, you can set your own standards to make sure that all your equipment meets those base compliances that you have for internal standards.

AlgoSec has reduced the time it takes to implement firewall rules in our organization. While our usage of it has been fairly limited to what we have tested so far, it has probably reduced the time by about 30%.

It gives us 100% visibility into our network security policies. It has given us a couple of surprises. Over the years, the network that we are administrating has been subject to people who have an idea of how a network should be set up. That differs from technician to technician or engineer to engineer. So, we are finding little pockets of hidden little self-engineered configurations and the way things were done that nobody knew about. Once the engineer left, the knowledge of that setup disappeared. You don't know about those until something either goes wrong, or you get something like AlgoSec to discover it for you, and it says, "Hey, there is this going on over here." 

It has helped us figure out how it was set up and why it was set up that way, then allowed us to engineer it so it fits a little better into our standards. We found a couple of secrets in our network that nobody would have known about. If we had an outage on those, nobody would have been able to figure them out without a tool like AlgoSec. This would have been a complete outage for our organization. Since we are healthcare insurance, that is a significant amount of money.

It has helped to simplify the job of our security engineers. We have a snapshot of where we are at with the correct data that we need to be able to fix the issues that we have. We keep finding little secret pockets of out-of-standard configurations that need to be addressed.

AlgoSec absolutely provides us with full visibility into the risk involved in firewall change requests. There is a risk analysis piece of it that allows us to go in and run that risk analysis against it, figuring out what rules we need to be able to change, then make our environment a little more secure. This is incredibly important for compliance and security of our clients. We deal a lot with patient health information that needs to be secure for physicians who are dealing with it and the patients themselves.

The most valuable for us so far has been the firewall rule analysis. Just to be able to get to a point where our infrastructure is secure and stable. The analysis runs everything that we actually need. When we run a report, we need to look at the report, then go back to the analysis because the analysis has all the information for us. We just have to match up the analysis to the report.

We have a security vendor who runs an analysis on the logs that we send them. We have multiple vendors who come in and do an annual security assessment. We have multiple vendors who come in and do an annual penetration test. We have vendors who deal with the end clients as well as vendors who deal with the servers for security, in addition to our firewalls, routers, and public interfaces. AlgoSec takes all of the information on our network, puts it into one single pane of glass where we can go and request what we need from the vendors. Plus, there are reports in AlgoSec that we can run and send out to our vendors so they have an eye into what we are looking at.

The reports are lacking information when they come out. They will not pull the URL or application information from Cisco FTDs. I know this works for Palo Alto Firewalls, which we currently do not have. If they could improve the integration with Cisco FTDs as a whole, that would be immensely helpful.

We are actually in the process of purchasing AlgoSec. We have gone through a proof of concept with them. Right off the bat, running through that proof of concept with them was absolutely fantastic. Usually, they have an offsite proof of concept server that you connect up to, then kind of take a look at their technology to see how everything works and if you like it. However, we have a different setup onsite for some of our firewall rules. We wanted to make sure that their application/appliance worked on our internal environment. They were more than willing to set up an onsite PoC for us so we could make sure everything did work.

The stability is fantastic. We haven't had an issue with stability at all.

Two people are needed for maintenance (someone for backup plus me). Maintenance on it is fairly limited. It is very automated in the way that it handles all our data and firewall needs.

The scalability is easy, just add more licenses if needed, then turn up another virtual machine. It is pretty straightforward.

There will probably be a dozen of us actually utilizing AlgoSec. This will mainly be the network and security team, then the security team themselves.

During deployment, the technical support fixed our issue within 30 minutes of the phone call.

We are in the process of doing microsegmentation right now. That is one of the reasons why we started looking into a utility like this because we needed to get that current snapshot of where we are at and where we need to go. AlgoSec is beyond phenomenal for helping to create and manage this type of initiative. With the automation piece and the fact that we can take a look at the traffic that is currently running through our firewalls and automate the rules being created for that. This will take a lot of manual work off of our shoulders that would have taken many man-hours to be able to implement.

We ran into some errors/issues, so it probably took us a week to fully deploy it. The process was straightforward except for the typos that we had in the programming. Without those typos, it would have been up within half a day.

We had an implementation strategy that we laid out beforehand and went forward with that.

James, the AlgoSec engineer who was working with me, spent about two weeks on and off with me trying to get the solution up and running, and he was successful at it. This was so we could utilize their proof of concept in our environment to make sure that it would fit our needs.

Because we went from having no unified tool to having AlgoSec, it has improved our security platform by probably 80% in just the short time that we have had and used it. It is invaluable. There is no question in my mind that it is a tool for anybody who has multiple sites, firewalls, and routers. It is something that everybody needs to look into getting because it is invaluable.

Even if we were to pay the first quote that we got, AlgoSec would be worth it. Just having the automation and that overall look into your security platform, you can't be without it.

We are working with our finance department right now to be able to purchase it. The AlgoSec team is doing everything that they can in their power to get the costs down to where our budget is. They have worked a lot on it. They have cut the cost in half for us so far by questioning, "This is in the quote. Is this something that is actually needed?" They have pulled some stuff out and cut our costs down by 50% for the product itself.

There were four of us involved in the evaluation of the product.

We compared this tool to two other different tools. Even with their higher-end solution, when we had the full budget for this, AlgoSec was less expensive than some of the other top tools. We looked at FireMon and Tufin. The reason why we said, "No," when we had budget to FireMon and Tufin is because they were not pulling in the application data or URL data. 

AlgoSec actually pulls application data and URL data in. AlgoSec is a little easier to use than the other solutions. Cisco recommended AlgoSec to us.

Don't trust what you think you know about your network. There are surprises everywhere, and sometimes it takes a utility like this to find those.

Don't don't hesitate. Go get it. If somebody came and asked me for an analysis tool, AlgoSec would be at the top of my list.

The integration is fine.

Migration to the cloud is on our roadmap. 

We have not set up any automation quite yet, but that is on the roadmap. That will make the tool even better.

I would rate this solution as a nine (out of 10).

I use AlgoSec for compliance reports and security purposes. I also use it for monitoring. Monitoring is the best part of using AlgoSec, as I can monitor and connect again in security mode.

AlgoSec has improved the functionality and the comfort of my organization. Whenever I have any issue, there is a chat box from the AlgoSec team that can help me whenever I need it. It's very easy to use, and I have done integration with it.

AlgoSec allows me to monitor who is making a change on my Check Point device. It is very easy to monitor.

I cannot think of anything that could be improved. Everything is good.

I would like for there to be more AI functionalities.

I have been using AlgoSec for about two years now.

There are zero stability issues. It's stable.

It is scalable.

The customer service and support are satisfactory. I am satisfied with it.

Positive

The initial setup was straightforward and took about forty-five minutes. I didn't have any issues when implementing it. 

There are two of us in our team, myself and one colleague.

The pricing is moderate. It's not that cheap and it's not expensive.

I would recommend Algosec to all. It is very easy to deploy, scalable, and enables us to monitor.

I would rate AlgoSec a ten out of ten.

App Flow, Firewall Analyzer, and FireFlow are utilized. For gap-cleaning efforts to improve the firewalls and to gain visibility into firewall rules, we use AlgoSec. In order to maintain a clean environment, have a set of firewalls that are optimized, and then automate the deployment of firewall rules, we also employ the solution as a firewall assurance tool.

Our goal is to increase our understanding of firewall regulations. We utilized this tool to conduct a gap-cleaning project and tidy up our firewalls. Furthermore, we rely on this solution as a firewall assurance tool to ensure our rules are optimized and up to date. Additionally, we use this tool to automate the entire process of deploying firewall rules, ensuring a smooth change process in FireFlow, and allowing us to automatically deploy the firewalls on our appliances.

Security policy management entails far more than simply inspecting a device and applying certain rules. It is all about improving and automating time-consuming security processes so that staff can concentrate on more strategic responsibilities. AlgoSec FireFlow, for example, enables enterprises to process security policy changes in minutes or hours rather than days or weeks. It automates the entire security policy change process, from design and submission to proactive risk analysis, implementation, validation, and auditing, using intelligent, highly customizable processes.

The most valuable aspects of the solution include:

Dealing with misconfigurations. Automating manual processes reduces misconfigurations and prevents nearly all firewall breaches caused by misconfigurations, rather than flaws.

Automation as a strategy. Network policy automation is not an end unto itself. Rather, it supports the business strategy of maintaining security, ensuring SLAs, increasing cooperation, and reducing friction between departments. It improves competitive differentiation through better customer engagement, e.g., by moving applications to the cloud. Network policy automation aids regulatory compliance, and frees IT time from housekeeping so it can be applied to digital transformation and supporting strategic initiatives.

Understanding visibility requirements. With the help of advanced NSPM tools, network administrators and security managers can gain a deeper understanding of their network devices and business applications. By analyzing traffic flows across various vendor devices and hybrid infrastructures, they can identify security vulnerabilities, simplify troubleshooting, and uncover new applications and services.

To provide comprehensive instructions on product integration, a manual page can be added to the dashboard at the integration point. This will make it simple for the system administrator to incorporate new goods, even if they are unfamiliar with them thoroughly. Every time we integrate a new product, we shouldn't have to wait for coordinated work with a product specialist.

Due to the fact that AlgoSec's user interface is less friendly than that of other programs, it might not be appropriate for persons with little experience in security or IT. It does, however, allow for more customization. As a result, the interface can be regarded as more sophisticated.

I've been using this solution for the last two years.

For cybersecurity, AlgoSec automates application connectivity flows reliably.

The scalability is available via:

High-Availability. AlgoSec appliances can be clustered for fault tolerance, ensuring availability if system components fail.

Disaster Recovery. AlgoSec appliances can automatically synchronize data with offsite appliances to provide redundancy and ensure data preservation in the event of a failure at the primary site.

Geographically Distributed Architecture. AlgoSec appliances can be deployed across distributed sites for the local collection of logs and rulesets.
This data is then efficiently transmitted to a central appliance for processing.

Load Sharing. AlgoSec appliances can be clustered to share data workloads across multiple appliances for faster data analysis and reporting.

It was a wonderful experience dealing with customer service and support.

Positive

The initial setup is straightforward.

We implemented the solution in-house.

We've noted ROI in the following ways:

Automation. By analyzing the firewall rulesets, the network topology, and your corporate security policy, FireFlow can save more than 50% of the time required to process a firewall change. From automatically pinpointing the exact devices that need to be changed, to proactively assessing the risk and designing the change in the most optimal way. With AlgoSec’s ActiveChange technology, administrators can also automatically execute the change on the firewall and save even more time.

Accuracy. As much as 30% of requested firewall changes are not required, and many others are implemented incorrectly. FireFlow can automatically identify and close “already works” requests, and also ensure changes are performed exactly as requested.

Auditing. In order to meet regulatory and internal security requirements, IT find themselves spending a lot of time ensuring each change is properly documented to address any questions an auditor may have. FireFlow maintains a detailed history of every step of every change request and saves precious time. It even identifies changes that were performed without a formal request.

AlgoSec is a useful firewall management tool for organizations that require management of multiple firewall levels.

One of the standout features is its ability to provide visibility and control over security policies. The product offers a centralized dashboard that gives an overview view of the entire network infrastructure, including firewalls, routers, and switches, regardless of their vendor or location. This unified view enables administrators to easily manage and modify security policies from a single platform, eliminating the need for manual, error-prone processes. 

AlgoSec also provides a powerful rule analyzer that detects and highlights any redundant, overlapping, or conflicting rules, helping organizations optimize their security policies for maximum efficiency. AlgoSec also allows administrators to define and enforce a standardized change management process, reducing the risk of unauthorized or misconfigured changes.

AlgoSec's compliance management capabilities have helped a lot in my organization. It offers predefined compliance frameworks, such as PCI DSS and HIPAA, and assists organizations in mapping their security policies to these standards. AlgoSec can generate comprehensive reports that demonstrate compliance with regulatory requirements, simplifying the audit process. 

It also provides continuous compliance monitoring, alerting administrators of any of policy violations or any changes that may impact compliance.

The visibility of security policies and automation is the most valuable feature of AlgoSec. It offers a range of automated workflows and processes that accelerate security policy management. For example, it can automate the process of rule recertification, ensuring that rules are regularly reviewed and validated. 

AlgoSec also facilitates policy optimization by automatically suggesting rule modifications based on industry best practices or specific compliance requirements. By automating these repetitive tasks, AlgoSec frees up valuable time for security teams to focus on more strategic initiatives.

AlgoSec offers almost everything that clients want and has a robust set of features. That said, there are a few areas where it could improve. The user interface, although functional, could benefit from a more modern and intuitive design. Additionally, the initial setup and configuration process may require some technical expertise, which could pose a challenge for organizations with limited security resources. A simple tutorial about the initial configuration on Youtube could provide a lot of help. Even a self-guide link inside the GUI would be helpful.

I've used the solution for two years.

The initial setup was complex.

The implementation was handled in-house.

We use the solution for rule optimization. We had almost 100+ firewalls in our network. AlgoSec helps us to manage the firewalls more effectively.

AlgoSec made our work simple in managing the multivendor firewall rule. Audit-ready reporting is an awesome feature.

The most valuable aspects of the solution include policy optimization, rule cleanup, and network discovery.

They need to do some improvements in multi-vendor firewall policy migration. They need improvements in network discovery. The solution could fix some bugs in the A32. Fireflow needs to be a little more user-friendly.

I've used the solution for the past four years.

The scalability is good.

We previously used Firemon. AlgoSec has more functionality and is user-friendly to manage our firewall more effectively.

The initial setup is good.

The ROI is good.

AlgoSec provided the best price and the team helped effectively with the support and A32 migration.

We did look into Tufin.

The solution is the best in the market.

We have implemented the AlgoSec ASMS solution with the AFA Firewalls analyzer, AFF Fireflow, and AppViz application security,

We are using all these modules to have a more tightened and secure environment. The AFA we are using is it to optimize and clean the firewalls' rules and to comply with the cybersecurity policies and standards. 

The Fireflow is integrated with the ticketing system to simplify and facilitate the opening of tickets process and document it for later reference.

The AppViz module is used to secure and optimize access to the applications in a secure way.

The solution has allowed us to:
• Easily prove compliance during internal or external audits
• Has reduced resources needed to manage firewall changes

With the AlgoSec firewall analyzer, it now takes us half the time to deploy firewall changes and policy optimization.

The AFA also provided us with the flexibility and intelligence that reduces human error and risk.

It allows the security compliance team to focus more on providing a better level of security and compliant devices than on the process and changes.

AlgoSec Firewall Analyzer offers great security policy visibility and the analysis has changed the firewalls management and operation, including firewall rulesets cleaning, optimization, tuning, and ensuring compliance with the company and PCI-DSS requirements.

Also, the fact that this firewall management solution will reduce the resources needed to manage the firewall changes the management processes and audits.

It leads to a quick response to any type of audit whether it's an internal audit or an external audit.

Releasing hot fixes or patches is late compared to other security products.

Also, the integration with the Cisco FTD security group tagging is still not supported, so we cannot get the rules with SGT-ACL, and still there is no clear roadmap to support such a feature.

The user interface can be more friendly. They could work on enhancing it by adding step-by-step guides in the GUI of the AlgoSec AFA.

It's better to give some priority to the integration with other security systems and enhance this capability.

I've used the solution for about two years.

I did not use another solution previously.

I did not evaluate other options. 

We use it for planning firewall changes and traffic simulation queries.

We use AFA (AlgoSec Firewall Analyzer) and FireFlow. Our network environment is mostly on-premises.

It has improved the way our organization functions in that, for our change process, we now require all changes to be planned using AlgoSec so that the security team has visibility into the changes and we're aware of any risks. We also are using the covered rules and risky-rule detection to improve our security posture.

We haven't fully implemented the processes, so we haven't measured any reduction in human error as a result of using the solution, but subjectively, it has reduced human error.

It has also helped to simplify the jobs of our security engineers.

The most valuable features for us are the functionality it provides for our two main use cases: planning firewall changes and traffic simulation queries.

We haven't used it yet to prepare for audits and ensure our firewalls are in compliance, but I think it will be very helpful for that. That's one of the main reasons we bought it.

We are using it with a couple of Cisco technologies and we're also sending events out to our Microsoft Sentinel workspace. We have a couple of other security technologies in there as well. AlgoSec integrates well with the Cisco ACI environment and with our Firepowers, our FTDs. There are still some bugs but it generally works well.

The overall visibility it gives us into our network security policies is pretty good but it has some bugs and shortcomings. It doesn't support all features on our firewalls. For instance, planning changes, which include net rules, doesn't work. It didn't integrate so well with the ACI network. It doesn't work with all firewall rules or with net rules on our firewalls.

For about 70 percent of firewall changes it does show us the risks, while for 30 percent of the changes, we can't plan because of these bugs and shortcomings.

I have been using AlgoSec for about a year.

The stability is good.

We've had no problems in terms of scalability.

I'm sure we will continue to add firewalls to it and we want to do more with the FireFlow.

Their technical support is good but it can be slow.

Neutral

The initial setup was straightforward.

We have about 10 engineers using it, and just one person who looks after it, maintenance-wise.

We used their personal services to help us set it up. We had an onboarding package. It wasn't me doing the configuration but it seemed straightforward with their support.

Our experience with them was good overall. We had some frustrations and surprises in the early days with the product not being completely compatible with our environment. But over the last year, they've been fixing the bugs which is making it much more usable. When we started, it had a lot of problems with our environment. We were only able to plan something like 40 percent of the changes, and the traffic simulations weren't working with our network environment. But now, we're up to close to 70 percent.

It took about nine months before it was properly integrated and enough of the bugs had been fixed for it to be helpful.

We are not measuring the effort saved or the errors avoided, but we think it's a good investment.

Initially, it was more expensive, but we managed to negotiate the price. It's about average now.

In addition to the standard fees, we bought the Jumpstart package to help us configure it.

We looked into Tufin. We chose AlgoSec because of its support for Cisco ACI. Tufin was just releasing that and we felt that AlgoSec was a more mature product.

At the moment, it hasn't reduced the time it takes to implement firewall rules in our organization. It's being used to improve the quality of the changes we make and improve visibility. But we haven't fully implemented the FireFlow features. That's our problem, rather than the tool. We just haven't finished implementing it.

We're only using AlgoSec for on-premises, but we do have environments in the cloud and we plan to use it for those in the future. It would help us manage these multiple environments in a single pane of glass, but for the moment we aren't using it in that way. However, we do have a number of firewalls that we have onboarded from acquisitions, so we are not just using it for our data centers. We're using it for smaller acquisitions' firewalls as well to understand the security posture of companies that we are purchasing.

My advice would be to make sure that the solution is completely compatible with whatever infrastructure you have. We should have spent more time evaluating its support for our infrastructure to avoid some of the problems or surprises we had when we implemented it.