AlgoSec Reviews

We are using Firewall Analyzer (AFA) to compare configurations from multiple firewalls, such as Cisco ASA, Palo Alto, Check Point, and so on. It helps us to streamline our firewall rules, identify risks, and provide better visibility. This product has significantly saved the time and human efforts in creating and deploying firewall rules. It is now easier for our cybersecurity team to analyze firewalls rules and ACLs, using them in a more efficient manner. Other features are also very important for us.

With the help of this product, we can manage all the network security equipment in a centralized way. We are also able to make requests to our security team about quick and valid changes requests, helping to minimize the workload in documentation, troubleshooting and so on. This helps to identify any wrong or unnecessary changes in the network security perimeter, making sure that all security policies and best practices are followed in our network domain. During change implementation, and especially after completion, we can validate, make sure that everything is working fine, and is up-to-date per our expectations.

It’s capability to build and present entire network topology via map makes team members to easily investigate the entire domain. Whenever new applications and services get on boarded and traffic rules and policies being created it automatically discovered those Apps and services and makes life easy. Each and every performance report can be fully automated using this and saves time in audit and compliance requirement.It also helps us to clean old and obsolete rules or those rules which are not in use otherwise it could be very difficult without this product as team have to log into each firewall and remove rules and policies

We are running multiple hybrid cloud solutions, working with cloud providers, and looking for API integrations with cloud and related interoperability. Sometimes, when we are trying to delete or disable any rule, it takes more time than expected. 

Sometimes, the web browser has issues with slowness. It can be worked out with a click or two. 

We are using Algosec Firewall Analyzer referred to as (AFA) since 2018.

This is very stable, robust product. During extreme load in business hours, it works well without any issues. 

It provides interoperability with all vendor firewalls and the scalability is much easier.

Technical support is always good whenever we contact the support team. We always get an immediate response and a solution within defined timelines.

Earlier we are not using any solution but always planning to procure solution that have ability to integrate multi vendor firewalls into single platform and after assessments and evaluations with OEM products we finally select Algosec as approved solution.  

Initial setup was very simple. Using Quickstart help, any member can take part in deployment and administration from basic to advanced level. 

Only the firewall integration could take time due to some complex interactions. 

We implemented using our own internal team and with the help of AlgoSec technical support team. AlgoSec technical support was excellent and prompt.

It provides an improvement in the firewall process load. It also helps with increasing CPU and memory utilization.

When it comes to the cost of support and licensing, it is much cheaper than other competing products.

We have tried FireMon and Tufin under a non-production environment, but the overall features of AlgoSec were best. Therefore, we choose this product for our production environment.

Excellent product to use and has tremendous support from OEM.

We have not faced many problems or issues using this product.

We also have not tested AI or ML capabilities and are very keen to start working with it now. 

Overall, it is well-maintained, robust platform tool for firewall management.

We use it for planning firewall changes and traffic simulation queries.

We use AFA (AlgoSec Firewall Analyzer) and FireFlow. Our network environment is mostly on-premises.

It has improved the way our organization functions in that, for our change process, we now require all changes to be planned using AlgoSec so that the security team has visibility into the changes and we're aware of any risks. We also are using the covered rules and risky-rule detection to improve our security posture.

We haven't fully implemented the processes, so we haven't measured any reduction in human error as a result of using the solution, but subjectively, it has reduced human error.

It has also helped to simplify the jobs of our security engineers.

The most valuable features for us are the functionality it provides for our two main use cases: planning firewall changes and traffic simulation queries.

We haven't used it yet to prepare for audits and ensure our firewalls are in compliance, but I think it will be very helpful for that. That's one of the main reasons we bought it.

We are using it with a couple of Cisco technologies and we're also sending events out to our Microsoft Sentinel workspace. We have a couple of other security technologies in there as well. AlgoSec integrates well with the Cisco ACI environment and with our Firepowers, our FTDs. There are still some bugs but it generally works well.

The overall visibility it gives us into our network security policies is pretty good but it has some bugs and shortcomings. It doesn't support all features on our firewalls. For instance, planning changes, which include net rules, doesn't work. It didn't integrate so well with the ACI network. It doesn't work with all firewall rules or with net rules on our firewalls.

For about 70 percent of firewall changes it does show us the risks, while for 30 percent of the changes, we can't plan because of these bugs and shortcomings.

I have been using AlgoSec for about a year.

The stability is good.

We've had no problems in terms of scalability.

I'm sure we will continue to add firewalls to it and we want to do more with the FireFlow.

Their technical support is good but it can be slow.

Neutral

The initial setup was straightforward.

We have about 10 engineers using it, and just one person who looks after it, maintenance-wise.

We used their personal services to help us set it up. We had an onboarding package. It wasn't me doing the configuration but it seemed straightforward with their support.

Our experience with them was good overall. We had some frustrations and surprises in the early days with the product not being completely compatible with our environment. But over the last year, they've been fixing the bugs which is making it much more usable. When we started, it had a lot of problems with our environment. We were only able to plan something like 40 percent of the changes, and the traffic simulations weren't working with our network environment. But now, we're up to close to 70 percent.

It took about nine months before it was properly integrated and enough of the bugs had been fixed for it to be helpful.

We are not measuring the effort saved or the errors avoided, but we think it's a good investment.

Initially, it was more expensive, but we managed to negotiate the price. It's about average now.

In addition to the standard fees, we bought the Jumpstart package to help us configure it.

We looked into Tufin. We chose AlgoSec because of its support for Cisco ACI. Tufin was just releasing that and we felt that AlgoSec was a more mature product.

At the moment, it hasn't reduced the time it takes to implement firewall rules in our organization. It's being used to improve the quality of the changes we make and improve visibility. But we haven't fully implemented the FireFlow features. That's our problem, rather than the tool. We just haven't finished implementing it.

We're only using AlgoSec for on-premises, but we do have environments in the cloud and we plan to use it for those in the future. It would help us manage these multiple environments in a single pane of glass, but for the moment we aren't using it in that way. However, we do have a number of firewalls that we have onboarded from acquisitions, so we are not just using it for our data centers. We're using it for smaller acquisitions' firewalls as well to understand the security posture of companies that we are purchasing.

My advice would be to make sure that the solution is completely compatible with whatever infrastructure you have. We should have spent more time evaluating its support for our infrastructure to avoid some of the problems or surprises we had when we implemented it.

The solution is mainly used for auditing firewall rules and inter-zone connectivity within the client environment. 

Another use case we have at the moment is to audit all changes done on the firewalls across the environment. We are also using Fireflow which significantly reduces the administration effort and time required to analyze, plan, and implement firewall changes on a day to day basis. 

Compliance reports are a big help and ensure that the client environment is up to date in terms of their security standing.

AlgoSec has definitely helped to improve the process of auditing all firewall rules and access. 

From a security standpoint, it has significantly improved an organization's standing from identifying all risky items in a given firewall policy as well as change audits, among others. 

Using Fireflow has also significantly reduced the amount of effort and time required to analyze and plan firewall changes that normally happen on a near-daily basis. 

Change audit has also reduced the effort during audit season especially when clients are running multiple-vendor firewalls.

Risky rules and compliance profiles are very valuable. With these reports, we are able to identify gaps in the client's firewall policy and this allows us to effectively remediate such gaps. 

The time and effort saved by using these compliance reports or profiles are definitely welcome. Another feature that we would use on a near-daily basis is the Fireflow and simulation query functionality. With the simulation query, one would not need to log into a specific firewall vendor console to verify if access is allowed or not; we run it through the simulation which saves us a lot of effort.

Support could be improved. Support of the KB database is extensive but still does not cover all subjects, at least from my experience. 

Another area of concern that I think could be improved is the licensing system. With the version we are currently running, it is a bit confusing since, for some reason, AlgoSec license usage is handled differently between firewall vendors. It may be a bit challenging to properly size the purchase of a new license - especially if a client is running multiple vendor firewalls in the environment.

I've been personally been using AlgoSec for more than ten years now.

The solution is very reliable. No issues encountered during daily operations.

I haven't personally done a lot of scaling projects with this product.

The technical support is all right, however, it can be improved.

Neutral

We did not previously use a different solution. 

The setup is pretty straightforward and AlgoSec did provide support during the process.

We worked in-house, with AlgoSec, and with a vendor found that both are highly knowledgeable.

I'm not part of the business team and do not analyze this aspect.

I am not part of the team in charge of licensing. 

We also looked into FireMon and Tufin.

I am part of the team providing managed security solutions and we have a number of clients that have a lot of network and security devices in their environment.

We use AlgoSec primarily to provide solutions to our clients in terms of how we can help tighten their security and optimize network performance.

AlgoSec Firewall Analyser makes this easily possible and with the help of AlgoSec's readily available reports, we are able to provide to all our clients the security and compliance report.

Before AlgoSec, our firewall rules got pretty big over time and it came to the point where it was barely manageable. Duplicate rules and objects were everywhere and there was nothing we could do about it. Performing a manual clean-up was a nightmare and near to impossible.

AlgoSec Firewall Analyser improves the firewall rules dramatically by identifying rules and objects that are not needed and consolidates rules and rule re-ordering.

It also helped our team to optimize performance and further secure the network by identifying risky rules.

I always find the policy optimization by identifying duplicate objects, shadowed rules, and unused objects pretty useful. By eliminating all these duplicate objects, unused rules, and unused objects, firewalls and other security devices will use fewer resources to process certain tasks/requests.

This will benefit both the security engineer managing the security devices and the client as they will spend less time in dealing with optimization and therefore can focus more on other important matters.

AlgoSec firewall analyzer is already an awesome product but there are still some areas that definitely need improving.

For instance, the risky rules reporting should have more information available in the risky rules report - especially when you export the data into a .CSV format. .CSV format being a text-based visualization, some information and formatting cause the reports to lose meaning and only become just another character in the file since it cannot port over some properties (like severity represented by colors).

I've used the solution for more than ten years.

We did not use a different solution previously.

The setup is pretty easy and the cost is really worth it.

We did not evaluate other options. 

We primarily use AlgoSec to just have a check on what firewall rule sets have been configured over a period of time, and if there are any redundancies within those rules, that we can eliminate without any confusion within the ruleset. It allows us to have the optimum support and effectiveness of the firewalls.

Doing the analysis of rule sets is very useful for us.

Being able to make and implement changes within a timeline is a very valuable aspect of the solution.

The solution is easy to navigate.

The initial setup is straightforward.

AlgoSec can probably do better at introducing features for the cloud firewall scenarios. This is something that will probably help customers. It needs a hybrid scenario that includes private cloud, public cloud, and on-prem things. If a feature could cover all three different types of deployment, that could probably make it even more desirable for clients.

I've been dealing with the solution for two and a half years at this point.

We've not received any complaints so far when it comes to stability. So far, our capabilities mapped with AlgoSec has always achieved the best of results for our customers. There don't seem to be bugs or glitches. It doesn't crash or freeze.

We haven't heard anything from clients that would lead us to believe they couldn't scale the solution if they needed to.

The technical support is quite good. I would rate them eight or nine out of ten.

There are some points wherein when it comes to support, my engineer may not have gotten direct support immediately. In the past, my engineer might have to wait half an hour or one hour to get an answer, and then, of course, the customer is also waiting. That slightly impacts my customer experience. Due to that aspect, I am reducing one or two points for that. However, overall, we're pretty satisfied with the solution.

I use a few other solutions as well. More often, I would advise clients to go with AlgoSec. Of course, as a secondary option, if our customers personally had some other preference, my experience is that they tend to go for Tufin rather than Skybox.

The initial setup is pretty straightforward. It's not complex. We don't face any challenges on that front.

We both deploy the solution and manage the solution for our customers.

In terms of pricing, it would be useful if they could be a bit more aggressive to their competition in the market. They need more aggressive pricing. That would be certainly more helpful to the market overall.

We have relationships with AlgoSec, Skybox, and Tufin. We are resellers as well as value-added service partners of all three solutions.

Our experience is across the board. What we advise depends on our customers' requirements and preferences. Based on that, we suggest select solutions.

We have a cloud model that we have worked out with AlgoSec. We are their managed security service partners. Along with that, we also do the on-prem deployment, especially in the Indian government sector.

Overall, I'd rate the solution a nine out of ten. I've had a fantastic experience with it so far.

We use AlgoSec to see where our firewalls stand, configuration-wise, and where we can make the policies safer for the environment. We are a large Government organization that provides critical services to the community.

We have a mix of ASA and Firepower that we use in the environment. The tempo is pretty high and there is a large amount of opportunity for error due to the size of the team and sometimes lacking in technical experience with configuring the firewall platforms.

This tool allows us to check the config really easily.

Our pen testers were constantly using AlgoSec for the firewall assessments, even when going with different vendors. We decided to buy the product in order to check the policy in real-time and ensure there were not miss-configurations that would linger until next year's pen test.

We also get an automated email of firewall changes in addition to being able to see if there are any rules that are poorly configured.

I am less stressed thinking there could be a glaring misconfiguration that could cause an incident.

We primarily use the firewall analyzer feature. It is really great for looking at stuff like PCI, HIPPA, etc. There are sometimes false positives but I don't know of a product out there that does not have false positives.

The firewall analyzer is great if you deploy a new firewall platform and need to see if it provides an adequate level of protection, where you don't have any dangerous rules.

I like the peace of mind that we get from seeing what our overall score is for the configs. I also like that I can check against PCI requirements.

This is a tough one because it has a lot of good features.

I think that the rate of false positives can be improved. I would like a FireFlow or packet-tracer-like capability at a lower licensing level.

I liked the additional capabilities for an analyst or lower-level network admin or service desk tech to be able to check the rules to see if there is something blocking the traffic. However, I was not able to get the licensing approved above just FA.

I like the training available as it is very informative, but, I wish it was just available from YouTube and I could easily play it from my cell phone without additional logins.

I have been using AlgoSec for a few years.

We just relied on tech skills and pen tests. This way led us to be reactionary instead of getting ahead of problems.

Setup was not too difficult.

The cost is kind of high but I really did not check any other vendors.

I did not evaluate other options. I do like NetBrain's Path tool. This gives us a similar capability to FireFlow and has some other really great tools. 

The AlgoSec solution is really helpful for us, as we need to review all of the rules that have been implemented or we intend to implement, everywhere in our organization, independent of the country or even region.

With AlgoSec, it is possible to check the risks for each rule in terms of security and it is possible to easily decide if the implementation is valid or risky. This allows us to keep only the rules that are following our internal security standards.

AlgoSec helps to keep order and improve efficiency for operations teams supporting the solution.

In short, this solution makes it possible to increase efficiency by simplifying the life of our engineers. They support the daily interactions with the Firewalls through the implementation of the requested rules. We can easily and quickly identify all of the rules on the firewall and avoid the individual review and analysis of each rule. This keeps the firewalls clean and under our security policy, following our internal standards.

I think that perhaps FireFlow could be the most valuable feature, according to the feedback from our technical teams. This allows them to easily add, modify, and remove rules from the firewalls.

Another good point is that we avoid the old procedure of end-users requesting rules, a security team in the middle validating, and then the final implementor doing the job. With this feature, you can directly permit the end-user to request what he or she needs, and if the security policy is respected then it can directly be approved and implemented.

What the technical teams report to me is that the network maps are a concern and should be improved. It would be easier if the network maps could be updated using the GUI portal instead of from the OS. This would benefit the operations teams working daily with this tool.

In the end, we are striving to improve efficiency, and taking into account that Operations are really under pressure from SLAs to keep support ticket queues clean, and with the least amount of backfill possible, it is key to get better tools that make it easier and faster to update the network maps.

I think we are roughly in the third year since the first time we started using the AlgoSec tool in our company.

In terms of stability, this tool is really good and more than you could expect.

We are still involved in debugging a lot of stuff because we have to accommodate the solution to our large IT network. As our company and network are really large, we have a lot of jobs to do. Even with this powerful tool, it is not immediate.

Scalability is really good with this tool as it is flexible, as long as we can move this solution to hybrid or fully cloud deployments. This is something we are really focusing on right now.

As I know, until today, all issues raised so far have had a good response time and solution. No bad reports or specific or important complaints were reported from the technical teams.

Overall, technical support is really pleasant and smooth.

Before knowing and using the AlgoSec tool, we were managing daily activities with Firewalls the standard way. It was done rule by rule, creating, modifying, removing, analyzing, and finally compiling once all it was decided that everything was under control and following internal security policies.

The initial setup was hard and made more difficult because of the network map configuration. There is no visibility on the provider because they cannot grant access to us. So, the configuration has to be manually done for the most part. This part was really hard and time-consuming.

My team was not involved in testing or pilots of any other solution prior to making a decision. Another global team was part of the negotiations, study, and comparison. My team and I were involved once the decision was made.

It is clear that it is difficult to have the perfect tool with all that you need. As we expect, it is not an ideal world. AlgoSec is, in general, doing fine.

Today, this tool is very stable and permits us to improve the efficiency of the day to day work by our technical teams. It also allows the end-user to be more directly involved in the requests, highly reducing the time between the request and the final implementation.

The only advice or remark I can add here is what concerns me with the network maps. This is the cause of what makes the initial setup harder than expected. The reason is because of the network map configuration. There is no visibility on the provider because they cannot grant us access, meaning the configuration has to mostly be performed manually.

The primary use case is for firewall rule optimization and rule tracking for changes in 80 Palo Alto firewalls. There are 30 clustered and 20 standalone in the environment. Formerly, it was Check Point with almost the same quantity.

This solution has helped the team to be updated with changes globally.

The most valuable feature is the unused rule optimization, where it clears the policy when appropriate.

The pricing structure is not good because there is no difference between a Data Center firewall for a small branch. The pricing for smaller installations should be lowered because sometimes there is just no ROI to add AlgoSec to the small branch offices with only 10 rules.

I have been using AlgoSec for seven years.

This solution looks very stable.

Our impression of the scalability is great.

I have no experience with technical support.

Other than Check Point, we did not use another solution prior to AlgoSec.

The initial setup is straightforward.

We had assistance from Bynet. They are very good professionals.

There is not so much ROI for us. We are using it basically for SOX purposes but find it useful on the way.

Pricing is great if you have a small number of large firewalls, otherwise, it does not bring ROI.

We did not evaluate other options before choosing this solution.