Try our new research platform with insights from 80,000+ expert users
reviewer1463592 - PeerSpot reviewer
Cyber Security Architect at a tech services company with 5,001-10,000 employees
Real User
The compliance blueprints are flexible and can help with different types of audits
Pros and Cons
  • "We have used the solution to implement and manage microsegmentation initiatives. That is the whole point of modeling towards, "Hey, how will this work for a specific situation in the end?" I think it's a great solution because a lot of companies are not just going to the cloud, but microsegmentation and service-delivered products. So, I feel like it is very capable and comparatively better than its peers, if not equal."
  • "The API integration could potentially improve. I didn't get a chance to look and see how well this solution can integrate with ServiceNow or our GRC environment."

What is our primary use case?

We needed something to tell us the quality of our firewall rules in terms of their implementation.

We use the following components of AlgoSec: AlgoSec Firewall Analyzer (AFA), FireFlow, AppChange, and CloudFlow.

How has it helped my organization?

I get reports that address the different types of things that we look for in security which it protects for, mainly things in the firewall with monitoring or compliance. With this, I felt like it is a great product.

Because of how sophisticated the product is, it allowed us to get very useful, actionable information, reducing the time it takes to implement firewall rules in our organization by 40 percent. However, we are still trying to figure out if we are going to switch to it permanently.

I felt like the compliance blueprints were more sophisticated, which is kind of what we need. The type of environment we need in order to reduce risk is to have a number of different compliance blueprints that will give us the flexibility of being able to handle multiple different kinds of audits.

We use it to assess some of the readiness of some of our projects. We use it to model what we potentially would do if we keep it on, which it looks like we probably might. So, we did use it to help with some modeling.

AlgoSec's automation helped to reduce human error and misconfigurations. They have built-in ISO and other types of compliance fabrics. That reduces errors because it does a lot of policy thinking for you. This has improved our security operations.

It empowered our security engineers because you need to have the best, top-end tool if you are looking at modern high-end threats. 

We have used the solution to implement and manage microsegmentation initiatives. That is the whole point of modeling towards, "Hey, how will this work for a specific situation in the end?" I think it's a great solution because a lot of companies are not just going to the cloud, but microsegmentation and service-delivered products. So, I feel like it is very capable and comparatively better than its peers, if not equal.

AlgoSec is very complimentary to Cisco ACI because a lot of people are doing SDN. Having that integration is critical because a lot of the applications are more geared toward ACI. So, having something that compliments but doesn't break or get in the way of what the client finds important is ideal. Because, in some cases, we are not just representing ourselves, we have to extend what the client wants.

What is most valuable?

The Analyzer was the thing that had the most value because I am all about the quality of the rules and number of the rules. I thought it was really a great product, especially because we have more than one type of firewall.

I liked the level of detail. I thought it was a good measure of what people needed to understand. It had really useful information about controlling the environment. It looked like AlgoSec has done a really good job with developing what customers might find useful.

AlgoSec provides us with full visibility into the risk involved in firewall change requests. There is a lot of competition out there. This provides a comprehensive environment where risk is properly captured, which is very valuable.

The list of tools in the AlgoSec suite all seem to complement each other, which is what we needed towards making sure that we weren't leaving anything out. So, it seemed to be comprehensive enough between all the different products.

AlgoSec helped us to gain visibility into our application connectivity flows, which was important. We have Splunk, so we need a firewall/security expert view on top of Splunk. I felt like AlgoSec gave us that information. This allowed us to show that AlgoSec could be a valuable contributor to our security environment.

It enables us to manage multiple or dispersed environments in a single pane of glass. This is good because we have a complex support model that we are trying to simplify. There are as few panes of glass as necessary. Even with a separate security pane, it is worth it. 

What needs improvement?

The API integration could potentially improve. I didn't get a chance to look and see how well this solution can integrate with ServiceNow or our GRC environment.

Buyer's Guide
Prevasio
November 2024
Learn what your peers think about Prevasio. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

We demoed it for about three months.

What do I think about the stability of the solution?

It is a very stable product. It is definitely more stable than FireMon. I felt pretty good about it. I didn't have to worry about apologizing for the product because of integrity issues, which is usually a thing. I felt like I did not have to worry about it.

What do I think about the scalability of the solution?

It was very scalable, which is important. One of the reasons that I was able to champion it (in terms of the demo) is because we were starting small. However, if everybody likes it, we will ramp up pretty big.

The SOC has about 10 admins. There are a lot of IP addresses. These 10 guys administer about 3,000 devices.

How are customer service and support?

We haven't really had to call much. That was one thing we were trying to figure out: If we are going to get a consultant or get some a la carte stuff during the demo. We will probably look up a support agreement from the corporate side, if this goes into production. There are some people with whom we are talking about the contract on the backside.

How was the initial setup?

The initial setup was pretty straightforward. We had some help, but it just seemed pretty straightforward.

Deployment took about a month because of some internal stuff. This was fine because I couldn't get a lot of buy-in time on how much time we have for development.

We run a full SDLC where we use a project management organization who uses kind of an agile/waterfall hybrid. We have multiple departments that all have a stake in terms of how we deploy the demo to make sure that everything models exactly when we turned it on.

The migration process was easy because it was a complete product. We need something ready out-of-the-box to help where we don't have to figure out the product or use cases as much because it fits the use cases with its features. AlgoSec felt like a great fit to us.

What about the implementation team?

We had some in-house talent who had some experience with AlgoSec. We also contracted an integrator.

It helps to have somebody who really knows the product well enough in order to get it modeled quickly. That way, the executives who are looking at it see success quickly. 

What was our ROI?

It is worth the cost. 

What's my experience with pricing, setup cost, and licensing?

I heard that the licensing was around $100,000 a year, and I don't know how accurate that is. That seemed a little high, but compared to everybody else, it seemed about the same.

Which other solutions did I evaluate?

I have been at other companies in the past who did bake-offs.

It is not up to me. I just give them the information, putting the information into their hands and having them make the decision. However, I feel pretty strongly that AlgoSec could be it. Once we got rid of our third place (FireMon), I said, "Oh good. That gives AlgoSec a fighting chance." 

I have always thought it should be between Tufin and AlgoSec. That has always been the most realistic comparison to me. I didn't like FireMon's level of support. We thought AlgoSec was more scalable and efficient with better visibility. 

AlgoSec vs Tufin: I would have thought that Tufin would have won. AlgoSec kind of surprised me because: 

  • We had better performance with AlgoSec.
  • We were able to set it up easier. 
  • The regulatory compliance matrices were better. 
  • The ranking of risk in the firewall rules was better.
  • The role-based access was really good at the time.

What other advice do I have?

I probably wouldn't look at anything else if you're not going to integrate the API. Although a head-to-head trial is a good idea, a lot of people don't really have the time for all of that. Just start with AlgoSec. It is number one in a lot of markets for a reason.

We work with multiple security vendors for different tools and functionality. AlgoSec is an absolute leader when it comes to integrating with the leading vendors. I need to have things that are leading their sectors because that is the only way of answering security controls for risk.

We haven't had a breach as far as I know. However, I feel like if we were breached, this would be a critical tool because people would want to know what the firewalls saw. This is the best of the very best firewall tools. When you need something that tells you what is happening with top security devices and tools, this would be the first place where we would get intelligence about the breach. 

If we use AlgoSec, then we will use it 90 to 100 percent. If this solution gets the go ahead, then we may get the rest of the suite. Though, we are pretty much using the entire suite.

I would rate this solid nine (out of 10).

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Security Engineer at a comms service provider with 51-200 employees
Real User
Powerful, easy, and manageable
Pros and Cons
  • "AlgoSec has good tools to manage policies and devices. Many administrators like how it helps you monitor and clean up the policy for the on-premise firewall."
  • "In the new version H32, there are many, many bugs."

What is our primary use case?

I use AlgoSec Firewall Analyzer, BusinessFlow, AppViz, AppChange and CloudFlow. We use the appliances from the AlgoSec framework and the AlgoSec Firewall. The customer environment is mostly managed on-premise.  

How has it helped my organization?

AlgoSec has reduced the time to implement firewall rules in my customers' organizations by about 17%. AlgoSec has helped us keep our firewalls in compliance with data security regulations. It can produce many reports, like the ISO 27001, PCI DSS, and OX. It can even make recommendations to optimize your firewall based on compliance standards. 

For example, one of my clients uses the Palo Alto firewall device together with a user admin Palo Alto device. When the admin device needs to detect configuration on the Palo Alto firewall device, AlgoSec can verify if this is correct and in compliance with standards like ISO. In this example, my customer is conducting an assessment via Palo Alto based on ISO 27001. AlgoSec might provide recommendations, like passive complexity, for the firewall settings because the SMTC hasn't been configured. 

What is most valuable?

AlgoSec has good tools to manage policies and devices. Many administrators like how it helps you monitor and clean up the policy for the on-premise firewall. AlgoSec can give you recommendations to optimize your rules. It supports ITSM, and it's a powerful tool for monitoring firewall change requests.

A large company has many devices working with its firewall as well as many policies for managing router switches and networks. If a single security admin changes one policy, it impacts all the routers throughout the entire network. If you do not have a system for firewall change management, you're vulnerable to human error, misconfiguration, and other problems. AlgoSec has one central management system for managing your planning and implementation policies for your devices and firewall. This minimizes risk.

I think it's simple for AlgoSec to integrate with other security solutions. AlgoSec is supported on device firewalls like Cisco and Palo Alto. To integrate, you just have to verify that it has AlgoSec support. It's relatively easy to integrate with AlgoSec because it communicates using the SHA protocol with just a username and password.

I've used AlgoSec with Cisco ACI but only as a proof of concept. My clients are mostly using Cisco ASA with a Cisco router, Palo Alto, and Juniper.

What needs improvement?

In the new version H32, there are many, many bugs.

For how long have I used the solution?

I've been using AlgoSec since 2019, so almost two years now.

What do I think about the stability of the solution?

In terms of stability, I think it's good for what our end-user wants to do. When you integrate your device on the firewall analyzer and you analyze, AlgoSec can show you the root of your device. AlgoSec can also monitor changes on the specific firewall.  

What do I think about the scalability of the solution?

AlgoSec is powerful, easy, and manageable. It's user-friendly and deployment is easy. In my experience, it scales to my clients' needs because it helps track the policy and the changes.

How are customer service and support?

AlgoSec support is good and professional. And before you contact support, you can search the reference AlgoSec portal. For example, if you have issues with the SHA and AlgoSec cannot communicate with a specific firewall. You can search on the AlgoSec help portal. The whole issue is covered on the AlgoSec portal. From the 2018 version of AlgoSec to the latest version, all the references are there on the portal. AlgoSec support responds on schedule to explain the issue and recommend ways to fix it.

Which solution did I use previously and why did I switch?

I know the competitor of AlgoSec is Tufin, but I don't have experience with Tufin. If I did, maybe I could compare AlgoSec with it. At this time, I don't have any comment on its competition.

How was the initial setup?

Setting up AlgoSec is very simple and easy. Because I'm using the VMware appliance for AlgoSec, you can just download everything. After that, you just configure the IP address for AlgoSec, set up a username, and verify your configuration license. For the VMware appliance, it takes maybe 30 minutes to deploy AlgoSec.

What's my experience with pricing, setup cost, and licensing?

Licensing AlgoSec is easy. To license AlgoSec, you must get a MAC address on the AlgoSec server, then you can deploy the AlgoSec server in your environment. And if you get a MAC address, you must update on the AlgoSec portal to request the license

What other advice do I have?

I would rate it a nine out 10. It would get a perfect 10 if they fixed the many bugs in the new version.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user