AlgoSec Reviews

Increase the visibility of CyberSec and the area of compliance (audit) of the environment, with the AFA increasing the visibility of vulnerabilities in the environment caused by extensive configurations, and with the AFF optimizing the operation, allowing to focus on improvements.

We implemented in an environment with more than 280 Firewalls from different manufacturers and the AlgoSec solution enabled a more detailed analysis of the environment, ensuring greater security.

It made it possible to reduce the performance of the operating team in the reactive combat of threats, making the operation more active and focused on quality.

Reducing operational costs and decreasing the cat's time with rework and unproductive audits.

We find that the traffic simulation query, active change, policy optimization, FireFlow, and map features are especially useful. All other features of the app are also valuable.

The time spent on auditing before AlgoSec was very heavy, at least one analyst dedicated for a week for small audits, and for most, we lost an analyst for weeks.

After implementing AlgoSec, we reduced the audit time to three days.

The environment is much safer with more active configurations.

Analysis of the environment to optimize the use of the solution (firewall) and obtain a greater view of compliance.

Optimizing the operation making it possible to focus on other improvements.

The possibility for the end-user to request their rule and ensure that policies are complied with using AlgoSec adds greater security, and it also speeds up the request process. It also makes it possible to automate the implementation of rules.

The user receives the information if his request is within the policies and can continue the request, or if it is denied, the applicant must adjust their request to stay within the policies. The time spent for this without AlgoSec is up to one week, whereas with AlgoSec, in a maximum of 15 minutes we have the request analyzed.

I would like to see support more technologies, but I know that AlgoSec is always in the process of evolution.

Perhaps a better financial option would allow customers to choose the complete solution. In an environment that is very large, with many firewalls and routers, it is sometimes impossible to buy all of the licenses. This makes the AFF solution impossible.

This product is stable. There have been a few problems, but when there is some instability the support is always available.

Scalability-wise, this product is good. You can increase capacity simply by buying more licenses.

We had a few cases where we needed support, but whenever we did, it was available, and with the information needed to solve the problems.

The initial setup is easy and simple.

Always by supplier, highly qualified work with positive results.

The solution has a high cost, but the reduction in operation pays the investment.

For the AFF solution, it is necessary to purchase a license for each network asset so that the solution is complete, depending on the size of the environment. 

Before choosing this product, we evaluated SolarWinds and FireMon.

Overall, this is a good product and it meets the needs of customers.

We use AlgoSec to see where our firewalls stand, configuration-wise, and where we can make the policies safer for the environment. We are a large Government organization that provides critical services to the community.

We have a mix of ASA and Firepower that we use in the environment. The tempo is pretty high and there is a large amount of opportunity for error due to the size of the team and sometimes lacking in technical experience with configuring the firewall platforms.

This tool allows us to check the config really easily.

Our pen testers were constantly using AlgoSec for the firewall assessments, even when going with different vendors. We decided to buy the product in order to check the policy in real-time and ensure there were not miss-configurations that would linger until next year's pen test.

We also get an automated email of firewall changes in addition to being able to see if there are any rules that are poorly configured.

I am less stressed thinking there could be a glaring misconfiguration that could cause an incident.

We primarily use the firewall analyzer feature. It is really great for looking at stuff like PCI, HIPPA, etc. There are sometimes false positives but I don't know of a product out there that does not have false positives.

The firewall analyzer is great if you deploy a new firewall platform and need to see if it provides an adequate level of protection, where you don't have any dangerous rules.

I like the peace of mind that we get from seeing what our overall score is for the configs. I also like that I can check against PCI requirements.

This is a tough one because it has a lot of good features.

I think that the rate of false positives can be improved. I would like a FireFlow or packet-tracer-like capability at a lower licensing level.

I liked the additional capabilities for an analyst or lower-level network admin or service desk tech to be able to check the rules to see if there is something blocking the traffic. However, I was not able to get the licensing approved above just FA.

I like the training available as it is very informative, but, I wish it was just available from YouTube and I could easily play it from my cell phone without additional logins.

I have been using AlgoSec for a few years.

We just relied on tech skills and pen tests. This way led us to be reactionary instead of getting ahead of problems.

Setup was not too difficult.

The cost is kind of high but I really did not check any other vendors.

I did not evaluate other options. I do like NetBrain's Path tool. This gives us a similar capability to FireFlow and has some other really great tools. 

We use it daily to check existing rules created on all our firewalls and existing flows that are allowed, and if we can improve the performance of our firewalls by just doing the rearrangement of rules, etc.

We got more productive and agile using the product since the most time consuming job of our team is the creation of firewall rules, analyzing what is already created based on the requests of our users and internal costumers. The solution provides us an in-depth detail of what we have already in production and what we can do to resolve tickets/requests in the most effective way.

We now have more visibility into our firewall and security environment using a single pane of glass. We have a better audit of what our network and security engineers are doing on each device and are now able to see how much we are complaint with our baseline.

The product gave us more agility in the process to analyze and resolve tickets by requesting permissions to access services not enabled by default. At the same time, providing visibility of what we can improve on the scenario that we are already running on it.

The quick wins that the product can help us to achieve. With a few rule arrangements, we can improve the rule processing of the firewalls, increasing their performance and reducing possible bottlenecks, but keep us under the defined baseline of the company.

Also, the gain on the agility of checking what we already have created. The rules that can accommodate new requests instead of creating new rules have definitely helped us to resolve tickets in a faster way, achieving the expected SLA from users and internal customers of the company.

The product should support more vendors with the same in-depth analysis that it already is providing. This would give more reasons to for other companies to adopt it and make us preserve the investment in case we change the running environment.

Five months.

It is very stable without any major issues.

We don't see scalability on this product as a showstopper. We are confident that we can grow without any impact.

Very good. They helped us on everything that we needed.

We stopped using FireMon due to the price and lack of features.

No.

Through a vendor who fulfilled all our expectations.

It is fair. 

For cloud environments, it can be expensive. The model adopted to use as licensing for the cloud environment should be reviewed since it sometimes can increase the value of the service/product in an unexpected way. For example, they should instead use the amount of instances, which should just take into consideration the number of Security Groups and ACLs.

No.

We use this solution for rulebase analysis. AlgoSec provides great unified visibility into all policy packages in one place. Also, the compliance feature is quite useful. 

It is great for checking rules/objects across numerous policies/domains, as well as generating advanced reports about risks, trends in recent changes, covered and unused rules, and if you want to go really deep in rule base optimisation - unused objects. This helps our team to keep network access up to date and secure. 

Growing big requires an increased level of automation and less manual tasks, and this is where AlgoSec comes into the picture.

It has being used for CheckPoint environment with numerous domains, hundreds of Firewalls and numerous policy packages, and Algosec able to provide single point of review. Security risks reports and rules analysis are very handy to optimise company's security posture and operational excellence. 

The most valuable feature is the rule base optimization, which provides extremely valuable information about inactive rules, and rules that can be optimized or unified.

In addition it is about tracking insecure changes and getting better visibility into network security environment - either on-prem, cloud or mixed.

We are also going to implement full change management via Algosec as it allows to eliminate human error, ease on security governance and improve general ROI.

In my opinion, the user should be granted more flexibility to choose exactly which devices per CMA should be analyzed.

The process to replace a decommissioned device with a new device is not straightforward.

With the upgrade to CheckPoint R80.xx we have started to see some issues, although this version was already some time on the market, hence I was surprised that there was no full compatibility achieved. Nevertheless, working with support and professional services solved our problems.

I have been using this solution for one to three years.

This solution is stable. There has been zero technical support interaction during last two years.

Support is build in tier model so the case can be always escalated to more advanced level if needed

We did not use another solution prior to this one. However, it was picked up after careful review and comparison with similar products.

The setup was long in the past but recent upgrades were flawless and support engineers knowledgeable 

Our company have close relationship with Algosec team and they are always showing great level of expertise along with the will to develop custom solutions in case of need

The pricing for this solution seems to be reasonable for the functionality.

We have evaluated number of solutions which are available on the Market. In my opinion several of them were concentrating to much on security operations and SOAR while not having that much functionality related to managing rulebases. Solid firewall change management is something must to have as it is provide strong basis for security governance, improves company's posture and allow to reduce risks in rapidly growing companies associated with multiple changes which might be not properly assessed or implemented as a security exception.

As my company uses basic package, I quite happy with the functionality.

The primary use of this solution is to extract Risky Rules reports obtained from our Firewalls, check the rules, and proceed with changes on the Firewall as needed. In these reports, we also see the traffic being applied for different rules.

The traffic used for different Firewall rules can be obtained and then, we have a clear idea of the use for different rules. If some service or protocol is more often used or not, we can see.

We use the FireFlow tool to create the rule to be validated and applied in the appropriate Firewall. FireFlow can install the rule automatically.

This solution has improved our Security in our Firewalls. This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy.

The reports are very useful for determining whether our Firewalls are compliant with our security rules and directives.

The feature that I've found most valuable is the risk classifications for different rules. The number of different risky rules that we have for each Firewall is determined automatically. 

The traffic used or not for every service is very useful to check if some service is needed or not. In cases where it is not used, we can delete or disable it.

The FireFlow tool is very useful with the automatic installation of rules into Firewalls. It detects the router and applies the new rules, which saves us time in manual configuration.

There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic.

Sometimes the Trust setting on Firewall rules is changing to trusted by itself.

I have been using AlgoSec for more than one year.

I have very good impressions of AlgoSec stability.

The scalability is very good.

I did not use another solution prior to this one.

I did not evaluate other options before choosing AlgoSec.

Overall, I think this tool is very useful and we think that it's difficult to improve.

Our primary use for AlgoSec is to automate our firewall configuration. We use the AlgoSec system to remotely configure the firewalls, making our life easier.

We are in a multisite environment with plenty of firewalls for perimeter security and LAN segregation for specific proposes. This solution helped us to make the process more dynamic.

It has reduced the workload for the firewall team thanks to the API integration with our ticketing system, handling the standard types of requests automatically. Before having it, we had to create a lot of standard rules that now can now be just pushed from the AlgoSec system.

It has also helped in terms of firewall monitoring. Automatic alerts are sent to the security team so we can react quicker in case something goes wrong or a thread is detected going through the firewall. This is made possible using the simple reports.

The most valuable feature of this solution from an operations perspective is the automation of the firewall rule deployment, working together with our ticketing system.

Any new needs are requested by a user using the internal webpage request. This request is automatically validated against a set of standard rules. If the request is compliant, the new rule sets are automatically configured in the specified firewalls without any human action. This reduces the firewall team's workload and improves efficiency.

It would be nice to have a good tool for network map discovery in the GUI to make it more user-friendly. I would also like to be able to check and modify network maps in a graphical and more intuitive way. This will improve our network overview for new deployments and troubleshooting.

An API to connect to Palo Alto Prisma and Zscaler to be used after SD-WAN deployment would be a helpful feature. We have discussed this with AlgoSec and are hoping to see it in the near future. 

We have been using the AlgoSec solution for four years.

We did not use a solution like this one previously. This is the first time.

I'm part of the team that uses the AlgoSec solution, not on the finance IT team.

Our primary uses for AlgoSec are to gain visibility and automate rule creation.

We met our goal by gaining visibility and automating rule creation. We are on a very good track.

The most valuable feature is the help of cleaning the firewall rules and object databases.

This solution would be improved if it were able to compare configurations and provide recommendations. For example, suggest cluster members.

I have been using AlgoSec for four years.

Firewall rule base management and FCR processing is the main reason we use AlgoSec.

We also use it for troubleshooting purposes and reporting. In that sense, there are three instances that are the main consumers of it. Our infrastructure management uses reporting to get insights, our Network and Security team does all of the FCR processing and troubleshooting of network problems, and our security department that also uses reporting and is part of the approval process for FCRs that are placed in AlgoSec.       

AlgoSec provided a much easier way to process FCRs and get visibility into traffic. With previous vendors, we had to guess what was going on with our traffic and we were not able to act accordingly.

By automating some parts of the work, business pressure is also reduced since we now deliver much faster. I received feedback from our security department that their FCR approval process is also now much easier. The network team is also now able to process FCRs much faster and with more accuracy.

Most of all, Technical Reviews are now top-notch and AlgoSec does part of the job automatically that had been done manually with our previous vendor.

We now process FCRs much faster, which helps us to deliver faster and implement reworks at a quicker rate.

With Business Flow and Firewall Analyzer, it provides much better visibility into traffic and process flows. Visibility into traffic was our main problem in the past since we had no clue what was going on but now, we have all sorts of analyses and reports. This makes our decision process, firewall clean up, and troubleshooting much easier.

All of the search options needed are there but the search menu could be a bit more intuitive. In other words, I can perform any search I want without any problems but combining different search parameters can sometimes be a problem.

Creating more intuitive menus could be helpful, especially for the first-time users.

For example, it would be useful to be able to save searches with complex structure so they can be easily reused with simple change of parameter. Also, "contain" criteria sometimes misses just like ability to search using any value in basic search box, instead of reaching out to Advanced search (it would be great if simple typing IP address, or Project ID in basic search box lists all rules containing such a value).

We have been using AlgoSec in production for about one year. Before that, we used it as a PoC for around six months.

We have had no issues in the past year.

This solution is very scalable.

We used another vendor prior to AlgoSec but we were not satisfied with the "intelligence" of the product when it came to the processing of FCRs.

We also evaluated Skybox.

I have not seen any major issues with AlgoSec and it is better than the previous product we used. I am glad to have it now.