AlgoSec Reviews

We use AlgoSec to integrate firewalls. I'm a senior network security engineer and we are customers of AlgoSec.

Security ratings and security rules analysis are two valuable features. In general, it's a very good and stable solution. 

I believe the customization of dashboards should be simplified and more user-friendly. Customization inside the domain level needs to be improved.

The solution is stable although there are occasionally issues with patches, but they are generally resolved quickly. The solution is extensively and regularly used for compliance reports. 

The solution is scalable. We have close to 30 firewall admins.

The technical support is good. The only drawback is that the product is not very user-friendly and it's too expensive to contact support each time we have a problem. 

The initial setup was carried out using professional support and the company was happy with the integrator. We moved our ticketing up to AlgoSec using FireFlow. I wasn't around but I think it took some time.

The license was initially renewed every three years but it's now done on an annual basis. I'm not aware of any additional costs. 

I rate this solution eight out of 10. 

My main use case is as a firewall analyzer module where it can be further broken down as follow: 

1) Network topology visualization: visualizes a network traffic path during troubleshooting

2) Policy optimization: uses optimization and clean-up recommendations to perform annual housekeeping of the firewall

3) PCI DSS compliance: follow the out-of-the-box checklist to prepare for a PCI DSS audit

4) Risk reduction: uses the recommendation of the risky rules to address all the critical and high-risk rules

5) Monitor changes:  monitor for firewall-config changes in real-time via email alerts

The solution has improved our organization in multiple ways. We can:

• Easily understand and provision application connectivity to accelerate application delivery and minimize outages

• Process firewall changes 4x faster, and eliminate misconfigurations and rework

• Proactively assess the impact of network changes to ensure security and continuous compliance

• Simplify and automate internal and regulatory firewall audits, and reduce time and costs

• Streamline communication across the application, network and security teams

• Deliver a tighter security policy that provides better protection against cyber-attacks

The product is great for:

1) Network topology visualization: reduces network troubleshooting effort which contributes to quickly restoring network or application outage.

2) Policy optimization: reduce/consolidate the number of rules created prior to the existence of AlgoSec Firewall Analyzer in order to free up hundreds of rule capacity before reaching the max rule limit of the firewall.

3) PCI DSS compliance: helps to highlight the area which firewall admin need to take note and address in a streamlined and structured manner.

4) Risk reduction: helps to quickly identify the risk that exists in existing rules and provide useful recommendations that help the firewall admin to remediate with ease.

5) Monitor changes: helps firewall admin to comply with security requirements of providing real-time security alert whenever a change is made, with detailed info on what was the value before and after.

The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve. The current configuration wizard is quite complex and complicated, which will result in the need to engage with an AlgoSec professional services team to perform even the simplest workflow adjustment.

I had tried AlgoSec's direct competitor's workflow configuration wizard and found it to suit most organization requirements even though the customization capability may not be as advanced as AlgoSec.

I've used the solution for six years. 

The setup is fairly straightforward.

We did also consider Tufin.

We have a large setup of multi-vendor firewalls with large in numbers of policies and rules. Handling rules and policy visibility manually are very difficult for clients multi platform firewalls. AlgoSec AFA has eased day-to-day operation, firewalls rules optimization, clean-up for unused policies and reporting, and visibility on policy and rules. All of this improves the firewall performance.

AlgoSec FireFlow workflow change tracking in environment makes it easy to have a central repository also multiple stakeholder approved change management.   

The AFA workflow has helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Reporting helps us with deliverables, areas of focus for improvement, and much more. Algosec AFA is useful for policy optimization and clean-up and can measure capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. 

Firewall rule automation for implementation also makes support easy for support firewall administrators.

AlgoSec currently has two useful features: AFA and AFF. 

The AFA workflow helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Algosec AFA is useful for policy optimization, cleanup, and measuring capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. Firewall rule automation for implementation also makes support easy for support firewall administrators.

There could be certain improvements such as supporting secure email. We have some cases where the client SMTP /POP email system is discarded, which is very important factor change notifications.

Fireflow workflow rule/change implementation for time-based rules is not currently supported. 

These improvements in upcoming code will definitely help with end-to-end firewall rule implementation. 

NAT rule implementations were in the roadmap. We are expecting this soon. 

Certain optimization of AFA/AFF SMS resources would ease daily operations.

I've used the solution for four years.

While stability is good, further improvement is needed.

The scalability is good.

Technical support is good.

Positive

We did not use a different solution previously.

Some changes in setup are ongoing as we are growing.

I am a vendor partner of AlgoSec.

The licensing is commendable.

We evaluated a few other options before positioning this solution. 

The solution could use improved support.

We planned to start with AlgoSec Firewall Analyzer and later procured FireFlow as well.

We deployed Fireflow as we have been migrating the Infrastructure to SaaS, increasing in multi-vendor engagements on multiple Network and Security layers and handling requests from roaming users ends.

AlgoBot has been enabled to few users to validate their requirements and requests on their own, which has helped them to understand their current access and to create requests that are very accurate and relevant.

With respect to the environment, it's distributed with various network and security solutions, with multiple zones and a maintenance team.

Over the period of two years, we integrated the AlgoSec Firewall Analyzer and FireFlow on multiple solutions including next-generation firewalls, web security, proxies, and other network devices.

On the improvement part, we enabled the common set of policies across firewalls and proxies. This tool helped us eliminate the requirement to have L3 engineer in our other data centers and our Tier 1 and 2 engineers utilize the solution well from the configuration and maintenance areas.

We simply pass over three to four external agency audits on various particulars which we spent more time on before onboarding the solution.

One of the most valuable parts for us is to achieve the compliance standards without ample strain and burden. Defined templates assisted us to make effective on following the internal processes and the industry standard.

It enhanced the complete workflow system within six months of deployment. We eventually onboarded by integrating with multiple solutions.

We performed regular audits internally to standardize and to pass the external audits effortlessly.

In simple words, this process empowered us to define a metrics among our industry and set the development goals clearly.

Support tickets and engineer assignments are one of the few concerns we are facing these days. Initially, they were hard to co-ordinate with the technical support team and the AlgoSec management team helped us to follow the defined Service Level Agreements.

We needed to directly communicate with the integrated solution TAC Teams, let say of Palo Alto or Checkpoint, and we needed to co-ordinate jointly for addressing an issue.

The AlgoSec support team came on a joint call to address the issue on time without saying "this is not my cup of tea" and by then we were happy about the support. This happened during one of our major migrations.

Our management is expecting us to set up a CXO/CISO dashboard from AlgoSec. It would be great for us if the AlgoSec team could assist in setting up the new benchmark.

We have been using this solution for more than two years.

Over the period of two years, we have seen multiple enhancements being made available inside the product. One of the new requirements is on containers/Docker/Kubernetes where AlgoSec really needs to focus. I am not sure about the availability of the latest support release, however, these are booming technologies and we require solutions like AlgoSec to support them.

Earlier it was good. Possibly due to the pandemic, we faced a couple of challenges in getting the support on time. That said, now it's getting better.

Neutral

Earlier we used to manage everything with our internal and vendor team, where lots of coordination was required. It was a long time-consuming process of gathering requirements and defining the best possible solution.

Since few of the solutions were being managed by outsourced team, it was challenging to make the solutions ready to integrate with AlgoSec during the deployment phase.

Some delays happened due to the lack of support by the external party. There were some delays due to upgrading products to make everything compatible with AlgoSec Analyzer and FireFlow.

Initially, we found this as a complex deployment. Later, it was easier than anticipated. We referred to the technical documents and AlgoPedia portal to understand more and deployed successfully within the proposed timelines.

Our in-house team took care of almost everything and the AlgoSec team did the governance.

We'd like the solution to share the complete Infrastructure details along with the business use cases with AlgoSec SE to evaluate and propose the best fit deployments and licensing.

Pricing-wise, AlgoSec still needs to support the customers.

We evaluated Skybox and Tuffin as well. Our internal team showed interest in AlgoSec right away, however, Skybox was a real challenge to differentiate.

Technical documentation and readily available solution blogs helped us to deploy the solution in a better way

AlgoPedia helped us in many ways - including sharing information on the new vulnerabilities, management of appliances, and maintaining the workflows (by providing enough insights to explore and understand).

The solution is mainly used for auditing firewall rules and inter-zone connectivity within the client environment. 

Another use case we have at the moment is to audit all changes done on the firewalls across the environment. We are also using Fireflow which significantly reduces the administration effort and time required to analyze, plan, and implement firewall changes on a day to day basis. 

Compliance reports are a big help and ensure that the client environment is up to date in terms of their security standing.

AlgoSec has definitely helped to improve the process of auditing all firewall rules and access. 

From a security standpoint, it has significantly improved an organization's standing from identifying all risky items in a given firewall policy as well as change audits, among others. 

Using Fireflow has also significantly reduced the amount of effort and time required to analyze and plan firewall changes that normally happen on a near-daily basis. 

Change audit has also reduced the effort during audit season especially when clients are running multiple-vendor firewalls.

Risky rules and compliance profiles are very valuable. With these reports, we are able to identify gaps in the client's firewall policy and this allows us to effectively remediate such gaps. 

The time and effort saved by using these compliance reports or profiles are definitely welcome. Another feature that we would use on a near-daily basis is the Fireflow and simulation query functionality. With the simulation query, one would not need to log into a specific firewall vendor console to verify if access is allowed or not; we run it through the simulation which saves us a lot of effort.

Support could be improved. Support of the KB database is extensive but still does not cover all subjects, at least from my experience. 

Another area of concern that I think could be improved is the licensing system. With the version we are currently running, it is a bit confusing since, for some reason, AlgoSec license usage is handled differently between firewall vendors. It may be a bit challenging to properly size the purchase of a new license - especially if a client is running multiple vendor firewalls in the environment.

I've been personally been using AlgoSec for more than ten years now.

The solution is very reliable. No issues encountered during daily operations.

I haven't personally done a lot of scaling projects with this product.

The technical support is all right, however, it can be improved.

Neutral

We did not previously use a different solution. 

The setup is pretty straightforward and AlgoSec did provide support during the process.

We worked in-house, with AlgoSec, and with a vendor found that both are highly knowledgeable.

I'm not part of the business team and do not analyze this aspect.

I am not part of the team in charge of licensing. 

We also looked into FireMon and Tufin.

I am part of the team providing managed security solutions and we have a number of clients that have a lot of network and security devices in their environment.

We use AlgoSec primarily to provide solutions to our clients in terms of how we can help tighten their security and optimize network performance.

AlgoSec Firewall Analyser makes this easily possible and with the help of AlgoSec's readily available reports, we are able to provide to all our clients the security and compliance report.

Before AlgoSec, our firewall rules got pretty big over time and it came to the point where it was barely manageable. Duplicate rules and objects were everywhere and there was nothing we could do about it. Performing a manual clean-up was a nightmare and near to impossible.

AlgoSec Firewall Analyser improves the firewall rules dramatically by identifying rules and objects that are not needed and consolidates rules and rule re-ordering.

It also helped our team to optimize performance and further secure the network by identifying risky rules.

I always find the policy optimization by identifying duplicate objects, shadowed rules, and unused objects pretty useful. By eliminating all these duplicate objects, unused rules, and unused objects, firewalls and other security devices will use fewer resources to process certain tasks/requests.

This will benefit both the security engineer managing the security devices and the client as they will spend less time in dealing with optimization and therefore can focus more on other important matters.

AlgoSec firewall analyzer is already an awesome product but there are still some areas that definitely need improving.

For instance, the risky rules reporting should have more information available in the risky rules report - especially when you export the data into a .CSV format. .CSV format being a text-based visualization, some information and formatting cause the reports to lose meaning and only become just another character in the file since it cannot port over some properties (like severity represented by colors).

I've used the solution for more than ten years.

We did not use a different solution previously.

The setup is pretty easy and the cost is really worth it.

We did not evaluate other options. 

One of our customers was using basic firewalls and the VPN, however, much of the policies were not applied - hence there were a lot of loopholes and hence a lot of spam and malicious activities were going on in their organization. Employees were able to use blocked sites, IT managers were not able to address the issue on their own. 

The client replaced existing solutions with AlgoSec. AlgoSec has given better visibility and better performance. IT managers who [reviously could not find loopholes were able to address them. 

Detection of loopholes and pinpointing troubleshooting areas were the key value additions that AlgoSec has provided. Its response time is fast. 

Detection of malicious activities and malware is much better than other options. 

Previously, the company was dependent on third-party solutions for audit reports. AlgoSec now provides an instant audit report. 

It has improved the management of all the firewalls (which are both cloud and on-prem) via a single console. The integration with the routers and other IT products is seamless.

The most valuable aspect of the product is the automatic application connectivity. The second best feature would be detection and response and analysis of the data. Applying security policies over the network is easy. AlgoSec instantly provides audit reports which is a most useful feature in this organization. 

Integration of the next-gen firewall, cloud firewall, routers, and load balancers is seamless and a very useful feature.

The solution offers unified and risks analytics reports features. 

AlgoSec helps IT managers automate firewall management across all hybrid environments.

The blacklisting and whitelisting of IP addresses should be improved. There are many false positives.

The cloud migration process should be more streamlined for my customer-facing issues.

The price should be less. The customers who have just started using the AlgoSec firewall management tool, as of now, have not faced any major issues apart from some small debugging. 

Improvement can be done in many areas. For example, it would be great if AlgoSec could integrate with an endpoint solution and directly integrate with firewall and endpoint solutions to bring much more visibility.  

We started deploying the application in January of this year. Currently, in our contract, we have a license for AlgoSec FireAnalyzer and FireFlow. So, at this moment, we are only working with AlgoSec FireAnalyzer. 

We are using AlgoSec to have a good view of our environment in terms of the risks and compliance and to implement rules. Our environment at this moment is only on-premises. We have servers, routers, firewalls, etc.

The visibility that AlgoSec provides about our environment is very important. Without it, we won't have visibility into various risks to our environment. AlgoSec can show us these risks and allows us to improve and close some rules. It improves the security of the network, and we can protect the data of our customers more efficiently.

It is helpful in improving the security and compliance of our environment. We can optimize our environment by improving the rules that are not used or are duplicated. FireFlow is useful in creating and implementing new rules. It allows us to automate rules implementation and have more control over rules.

Its reports are very important for compliance and understanding and mitigating risks. They show us the rules that are open or that can create risks for our environment. This information is very important for us for optimizing our environment and correcting the policies.

In our environment, we add rules in the firewall based on user logins, but currently, we can't do that with AlgoSec. AlgoSec can't create rules based on user logins. For example, generally, when we create a rule, we put IP Address, Destination IP Address, and Service Port. However, in our environment, we put IP Address, User Login, Destination IP Address, and Service Port, but AlgoSec doesn't support a rule in this format. We opened a ticket regarding this with their support two months ago, and they said that they will be able to add it in the future, but they don't know the timeframe. We are currently in the process of making changes in our environment for such rules, and after two months, we won't be using the rules that are based on user logins. We will make them consistent with the market, and we will use only the IP Address, Destination IP Address, and Service Port for rules. So, it won't be a problem for us, but this can be an improvement for other clients.

It is quite new for us. We starting working with it just a few months ago.

Its stability is good. We never had a problem where we couldn't access the platform. It is always available, and we don't have any problems related to the downtime of this platform.

At the moment, it gives us what we need. Next month, we will add new technologies to AlgoSec.

AlgoSec has a great team. They are professional and have good knowledge of AlgoSec. We have a good relationship with them, and we got good support from them.

We never had a solution like this. It is the first one in our environment.

We started its implementation in January with the help of a partner company. It was very easy to implement, and we didn't have to contact AlgoSec.

We completed the deployment in February. We put it in our environment and started the server. After that, we did the configuration and started to add our devices to AlgoSec.

We implemented it with the help of a partner company in Brazil called Logicalis. When we have any problem, we talk to them, and they are able to help us.

I would recommend this solution because AlgoSec provides a lot of reports and views of your environment. You won't be able to get this view through a firewall manager. For example, the CheckPoint firewall manager won't provide what AlgoSec provides, especially related to the compliance of your environment.

We have implemented Cisco ACI in our environment, and AlgoSec will help us to work with this new technology implemented in our environment. We will integrate AlgoSec and ACI next week.

I would rate AlgoSec a 10 out of 10.