Try our new research platform with insights from 80,000+ expert users
MarcelTe - PeerSpot reviewer
IT Technical Consultant at Schneider Electric
Real User
Good support, optimized our security, and streamlined our process
Pros and Cons
  • "This is something that increases business efficiency and helps avoid bottlenecks in our NOC team."
  • "To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds."

What is our primary use case?

First and mostly, as a large company, we had some issues regarding the main rating companies as they found some issues compromising our assets. There are different management systems and models with human interaction and sometimes with a different validation. This was impacting our business, so we put a lot of effort into solving problems, case by case, with manual operations. AlgoSec came into action in order to avoid this and streamline our process.

AlgoSec is one security management tool with the main target to find any rule that is not in compliance with our internal standards. New rules cannot be configured in any firewall unless it has been validated from security.

How has it helped my organization?

We were able to identify every rule configured on each firewall in our facilities with AlgoSec. This included every risky rule, shadow rule, and non-compliant rule. After this, we were working with a fully cleaned-up process.

Now, any rule is pushed automatically with AlgoSec. In fact, every user in the company is raising tickets through it to request a new open flow across firewalls. If AlgoSec detects that this flow has no risk, it is automatically pushed onto the firewall. If not, it goes to a dedicated approval process.

What is most valuable?

Among all of the different AlgoSec modules, I think that FireFlow is the most valuable and we have integrated it into our internal processes. This is something that increases business efficiency and helps avoid bottlenecks in our NOC team. Moreover, we have eliminated any human mistakes that we have dealt with in the past and now we want to avoid as we are moving toward a completely automated network.

What needs improvement?

There are a few things that we have already raised to AlgoSec in order to improve the tool. First, as the highest volume in our network is SaaS traffic, we need to secure this connection. To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds. It’s in the roadmap but this is something that blocks our whole design.

The network map design is not very useful for the administrator as the information displayed is not user-friendly.

Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.

For how long have I used the solution?

It's been almost two and a half years since when we were looking for a fully integrated Security Management tool and we decided to run this solution in our multi-vendor network.

What do I think about the stability of the solution?

Stability is good, but we are still debugging tiny things because we have to accommodate the solution to our large IT infrastructure.

What do I think about the scalability of the solution?

It will be good as long as they can move this solution to hybrid or fully cloud deployments. 

How are customer service and support?

All issues raised so far have had a good response SLA.

Which solution did I use previously and why did I switch?

We didn't use any security managament tool prior to this one.

How was the initial setup?

This initial setup was tough because of the network map configuration. There is no visibility on the provider (ISP) because they cannot grant access to us. So, the configuration was mostly set up manually.

What about the implementation team?

AlgoSec was deployed with the support of professional services coming from the vendor. This made the implementation smooth for us. The expertise was good, as they had experience with this solution.

Which other solutions did I evaluate?

We were doing some workshops with both AlgoSec and Tufin. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user837879 - PeerSpot reviewer
Senior Security Analyst at The Hartford Financial Services Group, Inc.
Real User
We use it to assist in processing firewall changes, clean up unused rules and objects, and perform rule re-certifications.

What is our primary use case?

  • We use the Firewall Analyzer extensively to manage our firewall security policies. 
  • We use it to assist in processing firewall changes, clean up unused rules and objects, and perform rule re-certifications.

How has it helped my organization?

We could not effectively manage our security policies before using the Firewall Analyzer tool. We had never performed a firewall cleanup. We could not meet our Audit Requirement of re-certifying without the Firewall analyzer tool.

What is most valuable?

Firewall Analyzer's policy optimization reports: They provide the data needed to perform all the activities mentioned above. 

What needs improvement?

We have had challenges with technical support as mentioned earlier. However, we have a new account team and they are very responsive and addressing our concerns. 

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

We had a number of issues moving from 6.11 to 2107.1 but have found the latest code 2018.1 to be much more stable.

What do I think about the scalability of the solution?

No issues with scalability in our environment. We do not have a large number of managed devices as we only manage our 21 firewalls.

How are customer service and technical support?

We have had challenges with technical support as mentioned earlier. However, we have a new account team, and they are very responsive in attending to our concerns.

Which solution did I use previously and why did I switch?

No, we evaluated AlgoSec and Tufin, and we selected AlgoSec.

How was the initial setup?

The initial setup is very intuitive and not an issue for those with a good understanding of security, networks and the company's use of them.

What about the implementation team?

In-house and we should have employed the vendor/professional services for an engagement to assist in the FireFlow implementation.

What was our ROI?

This is a difficult question to answer quantitatively. I'd say it is a great story when determining ROI for the Analyzer. We could not meet audit requirements, including PCI, which had the potential for large fines going forward.

The ROI for FireFlow is more of an incomplete story, and much of the issue is the way in which we implemented it.

What's my experience with pricing, setup cost, and licensing?

We also purchased AlgoSec's FireFlow tool. We have had challenges getting value from it, and it is because the scope of this tool is very broad compared to Analyzer. In hindsight, we should have created a formal project and management backing to ensure success with this tool. 

The scope of a Fireflow implementation touches many organizations and we did not have an appreciation of the need for involvement of so many.

Which other solutions did I evaluate?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
AlgoSec
November 2024
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
IT Support Specialist at Taarak India Private Limited
User
Top 20
Good automation and analysis with helpful support
Pros and Cons
  • "With the help of advanced NSPM tools, network administrators and security managers can gain a deeper understanding of their network devices and business applications."
  • "Due to the fact that AlgoSec's user interface is less friendly than that of other programs, it might not be appropriate for persons with little experience in security or IT."

What is our primary use case?

App Flow, Firewall Analyzer, and FireFlow are utilized. For gap-cleaning efforts to improve the firewalls and to gain visibility into firewall rules, we use AlgoSec. In order to maintain a clean environment, have a set of firewalls that are optimized, and then automate the deployment of firewall rules, we also employ the solution as a firewall assurance tool.

Our goal is to increase our understanding of firewall regulations. We utilized this tool to conduct a gap-cleaning project and tidy up our firewalls. Furthermore, we rely on this solution as a firewall assurance tool to ensure our rules are optimized and up to date. Additionally, we use this tool to automate the entire process of deploying firewall rules, ensuring a smooth change process in FireFlow, and allowing us to automatically deploy the firewalls on our appliances.

How has it helped my organization?

Security policy management entails far more than simply inspecting a device and applying certain rules. It is all about improving and automating time-consuming security processes so that staff can concentrate on more strategic responsibilities. AlgoSec FireFlow, for example, enables enterprises to process security policy changes in minutes or hours rather than days or weeks. It automates the entire security policy change process, from design and submission to proactive risk analysis, implementation, validation, and auditing, using intelligent, highly customizable processes.

What is most valuable?

The most valuable aspects of the solution include:

Dealing with misconfigurations. Automating manual processes reduces misconfigurations and prevents nearly all firewall breaches caused by misconfigurations, rather than flaws.

Automation as a strategy. Network policy automation is not an end unto itself. Rather, it supports the business strategy of maintaining security, ensuring SLAs, increasing cooperation, and reducing friction between departments. It improves competitive differentiation through better customer engagement, e.g., by moving applications to the cloud. Network policy automation aids regulatory compliance, and frees IT time from housekeeping so it can be applied to digital transformation and supporting strategic initiatives.

Understanding visibility requirements. With the help of advanced NSPM tools, network administrators and security managers can gain a deeper understanding of their network devices and business applications. By analyzing traffic flows across various vendor devices and hybrid infrastructures, they can identify security vulnerabilities, simplify troubleshooting, and uncover new applications and services.

What needs improvement?

To provide comprehensive instructions on product integration, a manual page can be added to the dashboard at the integration point. This will make it simple for the system administrator to incorporate new goods, even if they are unfamiliar with them thoroughly. Every time we integrate a new product, we shouldn't have to wait for coordinated work with a product specialist.

Due to the fact that AlgoSec's user interface is less friendly than that of other programs, it might not be appropriate for persons with little experience in security or IT. It does, however, allow for more customization. As a result, the interface can be regarded as more sophisticated.

For how long have I used the solution?

I've been using this solution for the last two years.

What do I think about the stability of the solution?

For cybersecurity, AlgoSec automates application connectivity flows reliably.

What do I think about the scalability of the solution?

    The scalability is available via:
    High-Availability. AlgoSec appliances can be clustered for fault tolerance, ensuring availability if system components fail.
    Disaster Recovery. AlgoSec appliances can automatically synchronize data with offsite appliances to provide redundancy and ensure data preservation in the event of a failure at the primary site.
    Geographically Distributed Architecture. AlgoSec appliances can be deployed across distributed sites for the local collection of logs and rulesets.
    This data is then efficiently transmitted to a central appliance for processing.
    Load Sharing. AlgoSec appliances can be clustered to share data workloads across multiple appliances for faster data analysis and reporting.

How are customer service and support?

It was a wonderful experience dealing with customer service and support.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?

We implemented the solution in-house.

What was our ROI?

We've noted ROI in the following ways:

Automation. By analyzing the firewall rulesets, the network topology, and your corporate security policy, FireFlow can save more than 50% of the time required to process a firewall change. From automatically pinpointing the exact devices that need to be changed, to proactively assessing the risk and designing the change in the most optimal way. With AlgoSec’s ActiveChange technology, administrators can also automatically execute the change on the firewall and save even more time.

Accuracy. As much as 30% of requested firewall changes are not required, and many others are implemented incorrectly. FireFlow can automatically identify and close “already works” requests, and also ensure changes are performed exactly as requested.

Auditing. In order to meet regulatory and internal security requirements, IT find themselves spending a lot of time ensuring each change is properly documented to address any questions an auditor may have. FireFlow maintains a detailed history of every step of every change request and saves precious time. It even identifies changes that were performed without a formal request.

What other advice do I have?

AlgoSec is a useful firewall management tool for organizations that require management of multiple firewall levels.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1335075 - PeerSpot reviewer
Network Security Engineer at Chubb
Real User
Risky rules reports help to reduce manual work
Pros and Cons
  • "We need less time to identify any risks in our firewalls, as we can detect changes in real-time."
  • "A vulnerability management module might be interesting, though not integrated with a third-party vendor. It should be an AlgoSec VM module."

How has it helped my organization?

We need less time to identify any risks in our firewalls, as we can detect changes in real-time.

We have obtained in easy way to do compliance reports for audit purposes. With this optimization reports, we can clean up unused rules, consolidate covered or redundant rules. We can also define trusted rules that apply.

Risky rules reports help to reduce manual work and identify the main risky configurations to remove. This give us some recommendations on how remediate and their importance.

What is most valuable?

  • Identifying and removing risky rules
  • Firewall rules cleanup (unused rules)
  • Security compliance reports
  • Security baseline settings

What needs improvement?

A vulnerability management module might be interesting, though not integrated with a third-party vendor. It should be an AlgoSec VM module.

I would like some server integration for vulnerability management.  

Some PDF reports are not so good. E.g., the graphics and reports are not so good. Sometimes, we need to create graphics and reports to compare security ratings across months and groups. 

For how long have I used the solution?

I have been using AlgoSec for two years. 

What do I think about the stability of the solution?

Awesome.

What do I think about the scalability of the solution?

Great.

How are customer service and technical support?

Excellent and very kind technical support.

Which solution did I use previously and why did I switch?

No.

What's my experience with pricing, setup cost, and licensing?

Licensing is very easy to set up. The pricing is relative to how you want to expand and harden your network security. 

Which other solutions did I evaluate?

I did not evaluate another solution.

What other advice do I have?

It is a great tool that makes work easier each day. I can't imagine working without AlgoSec and using it for my daily activities. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Network Security Engineer at Türkiye İş Bankası
Real User
Optimizes firewall policies and facilitates compliance auditing
Pros and Cons
  • "The most valuable feature is the reporting, including the policy report and regulatory compliance reports."
  • "Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area."

What is our primary use case?

We primarily use the AlgoSec Firewall Analyzer.

We have more than ten cluster firewalls and we have deployed the AlgoSec solution suite. We want to check compliance status of our devices. We also need to reduce the number of rules in each of the policies.

In our new data center, we want to automate the firewall policies.

How has it helped my organization?

Now, we can easily track the changes in policies. With every change, AlgoSec automatically sends an email to the IT audit team. It increases our visibility of changes in every policy. 

Every month, I use the optimizer to reduce firewall rules. In the summary tab, I can easily track the number of changes in the firewall policies.

What is most valuable?

The most valuable feature is the reporting, including the policy report and regulatory compliance reports.

In the Intelligent Policy Tuner, the tighten permissive rules tab allows us to reduce the number of rules in each policy. I can easily control, report, and reduce the rules for policies. Also in the Rules Cleanup tab, I am removing unused rules as I feel confident in deleting these types of rules.

Our Information team read Regulatory Compliance Reports that can easily track the compliance status of each device.

What needs improvement?

Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area. For example, in FireFlow we can easily track using the ticketing system to integrated Check Point devices. However, with Cisco Firepower devices, we couldn't integrate with them.

For how long have I used the solution?

We have been using AlgoSec for almost six years.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

What's my experience with pricing, setup cost, and licensing?

The pricing of AlgoSec is fair.

Which other solutions did I evaluate?

Before purchasing AlgoSec, we implemented a PoC with each of AlgoSec, Tufin, and FireMon.

What other advice do I have?

We have more than ten clusters behind our firewall. It is essential that we track the changes in policies and the compliance status of devices. AlgoSec can easily do that.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sunil Kumar. - PeerSpot reviewer
Works at Maple Leaf Foods
Real User
Significantly improved our firewall security optimization
Pros and Cons
  • "The Firewall Analyzer helps us achieve our various IT compliance requirements, like ISO-27001."
  • "There is huge scope for improvement in the level of support, especially around the issue of resolution time. That is the only negative point I find in the solution."

What is our primary use case?

We are using AlogSec mainly for firewall compliance reporting as well analyzing and evaluating firewall policy. That, in turn, means we can actively work on firewall policy optimization and elimination of unused and risky rules. We also using it for compliance reporting. 

How has it helped my organization?

The solution has helped us a lot in improving our firewall security optimization as well in evaluating security policy to eliminate the risky rules or secure them. 

Its reporting modules solve all our monthly and quarterly compliance-related reporting requirements. 

What is most valuable?

Currently, we are using almost all the features of the product to take as much advantage as we can of what it offers. But our primary use is compliance reporting and the Firewall Analyzer helps us achieve our various IT compliance requirements, like ISO-27001.

What needs improvement?

There is huge scope for improvement in the level of support, especially around the issue of resolution time. That is the only negative point I find in the solution. I hope you guys will work on it and improve your resolution time which will help customers to keep their AlgoSec device healthy.

For how long have I used the solution?

We have been using AlgoSec for six years.

What do I think about the stability of the solution?

In the six years we have been using it, we have never seen an outage or failure of AlgoSec or any other software-related failure. 

What do I think about the scalability of the solution?

The product is very scalable. We have never faced any issues related to the scalability of the product. 

How are customer service and technical support?

As an individual, my experience has been good, but in terms of technical-issue resolution, I am not 100 percent satisfied because of time the AlgoSec team takes to fix issues, some of the time.

Which solution did I use previously and why did I switch?

Previously, we were using Tufin but we found that solution more complicated when compared with AlgoSec. 

How was the initial setup?

The initial setup was straightforward because of the well-defined GUI platform.

What about the implementation team?

We implemented it in-house.

What was our ROI?

Given that we have been using this product for the last six years, there is no question about ROI. If we were not seeing ROI, per our expectations, we would not continue with the product. 

What's my experience with pricing, setup cost, and licensing?

AlgoSec is not much more expensive compared to other products available in the market.

Which other solutions did I evaluate?

We evaluated FireMon but it was more complicated than AlgoSec and did not fulfill our basic requirements. 

What other advice do I have?

Overall, AlgoSec is doing a good job.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Manager at iPSL
Real User
The risk and compliance area is key to ensuring we conform to company regulations

What is our primary use case?

We use the AFA to accurately determine rule use and where we can make improvements across our checkpoint estate. We have around 17 clusters of firewalls that are in constant use and frequently change rules.

How has it helped my organization?

AlgoSec has given us the confidence to remove unused rules, consolidate where appropriate, and prove reachability prior to searching a rule base to check access for an application or user. Breaking down a rule to specify used objects within groups and protocols used has proved invaluable for us to narrow exposure to potential threats.

What is most valuable?

A number of features are used more than others. We use the policy optimiser to search out unused objects in rules and determine when the rule was last hit accurately.

The risk and compliance area is key to ensuring we conform to company regulation. Having a number of compliance options to baseline ensures that we get the basics right before looking at advanced risks and remediation.

Finally, the traffic simulator can be used to check if a request from a user or project is already a function enabled or we have a full access change to implement.

What needs improvement?

  • The maps are a little clunky and could be made easier with some automatic layout technology which assists in spacing out the devices for easier viewing.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It runs well with little intervention.

What do I think about the scalability of the solution?

Good, it has the ability to add more devices anytime.

How are customer service and technical support?

We use Bytes to escalate, and this has proved effective.

Which solution did I use previously and why did I switch?

No. 

How was the initial setup?

Straightforward, it needs to run for a period to ensure accuracy.

What about the implementation team?

We used Bytes Security to assist in setup and initial optimization. 

What was our ROI?

Not really applicable.

What's my experience with pricing, setup cost, and licensing?

Setup is easy; we use a VM to run it. Having knowledge in Linux is not a requirement but helps when required to update the software. Also, ensure the reseller has the ability to escalate any issues in case they can't fix it for you. Your licensing should cover the support of the product.

Which other solutions did I evaluate?

Yes, we looked at Tufin and FireMon.

What other advice do I have?

Put it in, let it collect for up to 12 months and ensure you run regular reports. Only then can you be sure that you don't use rules. Remember, DR testing and failovers sometimes happen on a 6 or 12-month basis, and removing rules covering this will cause issues when you least expect it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
IT Security Analyst at The Hartford Financial Services Group, Inc.
Real User
Our firewall governance group uses the AFA tool to gather object and rule usage on a recurring basis for recertification as well as research and design of new firewall rule changes.

What is our primary use case?

AlgoSec's Firewall Analyzer tool for rule usage and recertification. Our firewall governance group uses the AFA tool to gather object and rule usage on a recurring basis for recertification as well as research and design of new firewall rule changes.

How has it helped my organization?

Object and rule usage statistics enable object-level recertification of all rules. AFA usage statistics have enabled our company to establish regularly scheduled recertifications of all firewall rules across all policies.

What is most valuable?

Traffic simulation queries, policy tuner analysis and rule usage. Traffic simulation queries assist with new firewall change design and reduce manual work effort. Policy tuner analysis and rule usage enable recertification and provide additional validation for new changes.

What needs improvement?

Support/upgrade processes and documentation. The platform would benefit from additional support articles and guides on the Algopedia knowledge base.

For how long have I used the solution?

One to three years.

What do I think about the scalability of the solution?

This solution scales well from tens of devices to thousands.

How are customer service and technical support?

Support interactions have been hit or miss. It is my understanding the AlgoSec is putting a renewed focus on support and documentation to improve this aspect going forward.

Which solution did I use previously and why did I switch?

No.

Which other solutions did I evaluate?

What other advice do I have?

I would recommend investing the time in a full project to implement the AlgoSec suite if you will be using more than just the Analyzer piece. Fireflow and Business flow would benefit from dedicated standup time and effort to achieve the best results.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.