AlgoSec Reviews

I have been implementing AlgoSec for different end customers. None of the environments are on the cloud, they're on-premise applications. Some of them have been planned, but a majority of them are for virtual instances. I have implemented four or five end-customers and also supported them with AlgoSec.

I deploy and maintain AlgoSec for customers for test purposes. I use it before doing anything on the customer's premises. For testing purposes, I have used it in my own environment also, but the majority of the time I'm using it in the customers' environment.

I have integrated AlgoSec with Check Point, Palo Alto, some older Cisco versions like WSN, Fortinet firewalls, and Cisco ASA.

The features that I like are the monitoring and the alerts. It provides real-time monitoring, or at least close to real-time. I think that is important. I like its way of organizing, also. It is pretty clear. I also like their reporting structure - the way we can use AlgoSec to clear a rule base, like covering and hiding rules. For example, if the customer is concerned about different standards, like ISO or PZI levels, we can all do the same compliance from AlgoSec. We can even track the change monitoring and mitigate their risks with it. You can customize the workflows based on their environment. I find those features interesting in AlgoSec.

The visibility is pretty clear from top to bottom, even interconnected maps and zones.

We can always customize the standard risk profiles. But even within the standard one, before doing any changes, when you go with the flow, they always inform you. Before implementing the change, you get the visibility there. You get the visibility with risks.

This is important because the places that I have worked have different departments for risk handling. So whenever we go through the flows before implementing, that part goes through the risk department and gets their approval first. With AlgoSec you get to know the risk profile before implementing the change. That way you get to know the risks that you are taking with that particular change. So it's important.

It has helped to reduce the time that it takes to implement firewall rules. In some places where I work, they fill a form and send it to a particular manager. For example, if an end-user fills it and he sends it to his manager, then it gets his approval and he sends it to the risk department, and gets their approval, and sends it back to the person who implements. There's a chain that takes a longer period of time and even their paper costs. That gets reduced when they use a workflow from AlgoSec. They always get automatic notifications when the change moves on to the next level so they know exactly which stage the change is in.

It is helping to reduce those policy changes by more than 50%.

You can face audits in two ways. You can either do it from AlgoSec. I have used it like that for periodic audits. You can always plan it. Either you can go from one of your rules, clean up your rule base and improve the standards of your risks and all the other areas in the AlgoSec reports. Or else, you can go for a PCR level report and you can prepare it stage-by-stage and commit up to a certain standard. I have used both methods. You can also do reports for the particular changes and check how much your environment is improved after you follow the report and do the particular change that they suggest. For example, reordering or combining your rules or removing some of the unused objects. Then you can run a report and see how much it gets improved. So in terms of auditing, which they can run every six or eight months, or once in a year, you can always turn on your audit before it comes to that level. You can always prepare for your audit by scheduling reports.

It's pretty easy when it comes to integrating with the leading vendors. If you want to integrate, they have proper documentation. Their documentation is very good. I have to give them credit for that. You can always follow it. Integrations are pretty easy and much easier than with some of the similar competitive products that I have used. I don't want to mention names, but AlgoSec is much easier because of their proper documentation. For example, when you are integrating a particular device or application, you know the things that you need to do because they have the proper documentation before doing it. It takes less time to integrate compared to some of the other products in the field.

I have come up with two cases of misconfigurations in some rules. One of them is with change requests when you have a single object and you just have to amend it to the particular rule but not to other specific rules. The other thing is what rule it's covering. It's not a misconfiguration, actually, and you can amend it. I have come up with some situations like that. Before coming back to my stage, it is always clear from the other risks and level of approval. So I did come up with that kind of a scenario but it's not actually a misconfiguration.

AlgoSec has helped to simplify the job of security engineers because you can always monitor your risks and know that your particular configurations are up-to-date, so it reduces the effort of the security engineers. You can always get top to bottom. For example, if you talk about the rule base of a particular firewall and access to some particular things, you can always get a clean one with the required security. So rather than going here and there, they can always use this tool to do the automation and their decision-making.

I haven't yet configured with Cisco ACI, but in the next one and a half months, I'll be integrating it with an ACI structure.

I expect the value of bringing AlgoSec and ACI together will be good. It'll be like an extension. If you integrate AlgoSec, it's not like a single point. If you connect it with the ACI fabric it will be challenging. I haven't really experienced it in full, because I am still in the designing phase and I haven't done the full implementation, but I feel like it'll be interesting and challenging. Since I have not experienced it or yet done the implementation combining these two, I cannot fully say how it will be. It's a question mark. But I'm expecting it to be a little bit challenging because the visibility differs.

AlgoSec needs improvement with its support level.

I know that they have 3D architecture like SMB and enterprise on top of that. Some people consider this as a noncritical device. But because it's not as critical as a firewall, some people think that the support level does not need to be equal to a firewall level of support. But if some people are monitoring and managing firewalls through AlgoSec, the level of support should be equal to a firewall level. It shouldn't be dragging over two or three days. I know that they have three levels of support, but at the very first level, I believe you should be able to directly contact the tech and get a solution as soon as possible.

The only problem I have with AlgoSec is just its level of support, not with the product. Not with the organization or the documentation or anything else, but if I need any additional support, the only problem is the time it takes to get it.

I've been using AlgoSec for two and a half to almost three years now.

I use AlgoSec Firewall Analyzer and FireFlow.

It is generally stable. As I mentioned, the only problem the customers are worried about is the technical response time from AlgoSec. If you have to contact tech support the project will get delayed. The customers are comparing it because, for example, in their environment they have Palo or Check Point, and their support levels are much higher. With them, when you open a ticket, after a few minutes you can check and get the opinion from the tech or check if an engineer is available. If it's a critical issue, you can always talk to him within hours and fix the issue. So they always compare that level to AlgoSec's support level. That's the only issue that we have to explain to them. The customer's opinion is this is a non-critical device because this is not a firewall. But we manage firewalls so that kind of level of support should be given.

In terms of scalability, the maximum that I have tried with AlgoSec is six clusters. Its scalability is good. The way that we can work with it is good because with every device you can see everything on the same dashboard. If you want to check the monitoring, you can always select the device to see. You can check the status by clicking the device. It's the same structure. The scalability is good but I have only worked with a maximum of six clusters so I can't tell you exactly when it comes to a high number of hours, if it is good or bad, but for the six that I have worked with, it's good.

We do have plans to increase usage of AlgoSec. I have explained to some of the customers about the application integrations, the visibilities, and the rule-based optimizations by using this feature. In terms of features, I am expecting that they'll amend that component to their environment. Since we are a system integrating company, when we propose a solution for a particular customer, we always propose to do firewalls. Therefore, we always add AlgoSec. When we are proposing it, we always submit AlgoSec automatically.

I did not find the initial set up very complex. It's advanced, but not complex. Their documentation for implementation is very good.

It really depends on the customer. Some places, when you go for a POC or a deployment, we can always plan and tell them that if they are integrating these kinds of things, these are the levels of provisions that we need. These are the things that they need to do from their end. 

The POC for some customers goes three or four days because of their delays. But with some customers it goes fairly quickly, like a day and a half or two days. For one customer it took five days because they had a procedure where you have to fill a form and send it before creating your user for AlgoSec when it's with the firewall integrations. Because of that, it took a little bit longer. So depending on that I give it three to five maximum days to integrate four or five clusters. It really shouldn't have taken that long to do the work. Then you need to contact different teams to get the support. It all causes delays.

In terms of implementation strategy, I'm always looking at what their components are. I always have to go with the Firewall Analyzer components and to check what type of devices  they are willing to integrate for this particular unit. I check if it is a Check Point cluster, or the Palo cluster, or a Forti cluster, and what the additional features are that they are looking for. Based on that, I complete the Firewall Analyzer unit as soon as I can. Since I have worked with the product, I have similar use cases. What are the things that we can use to demonstrate for firewall change flow? I'm always asking for input from them. What are the things that you need for base level policy changes, etc...?

In terms of actually deploying AlgoSec, most of the time it's me only. But I have to contact the other end. There is always a direct contact person and a support team when it comes for integrating the firewalls. 

When it comes to maintaining AlgoSec, we have another colleague also. They can always give the support.

I have seen improvements of ROI at companies. Although customers might have a department, they recruit new people to use AlgoSec reports to analyze their risk, monitor the alerts, and check their daily tasks. I have seen new implementaton by a banking customer who obviously see the value.

I'm on the technical side so I don't have a clear picture about pricing and licensing. But as far as I know, if a customer asks for a 24/7 support, the pricing level is much higher, relative to normal 8 - 5 support.

Recently, we proposed AlgoSec and there were other companies who proposed other solutions. During the technical discussions, I was the one who did the demonstration, and we were able to say that whatever features they are looking for, we can always provide it with AlgoSec. When they finally released the tenders we were in the top three options and the second place for technical. The only problem was the pricing with AlgoSec.

The other company gave much a lower price. We couldn't match the AlgoSec price level to that particular vendor. I think the company and customer were really impressed with our presentation and demonstration that we gave. They even told us if we can reduce our pricing by a certain level, they can take us because they are impressed with our product, but the pricing won't do. But when we tried to AlgoSec to reduce the cost so we can get this deal they couldn't match it to that level. Unfortunately, we lost the customer.

It was not a one day effort that we put into submitting these documents, to comply to their requirements, and do a demonstration. They were convinced to take this product, but because of the pricing issue we lost it. We all got disappointed about the support level.

I find AlgoSec more organized than some of the other products. With some other products, you have to go here and there to check it, but with AlgoSec it's more organized. But, I find some of the other products more customizable than AlgoSec. It takes a little bit of time to do the customization, for example, if you need to change or add some special level of approval or if you need to add three different levels of approvals for a particular workflow. To do that, sometimes you have to contact AlgoSec's regional support. But with other products that I know, it's just a matter of adding a particular character to the workflow. In some cases I have found other products that are useful, but in terms of organization, I find AlgoSec easier and more manageable than some of the other products.

I have learned so many lessons here. A secure environment is your main asset. When you have a secure environment you can always run your business smoothly, do your changes smoothly, and do your daily tasks smoothly. A secure and safe environment is the key to a successful IT business. That's the main point that I've learned from this.

If you're implementing, I always recommend AlgoSec and to check whether it can cater to their needs. Most of the time, it is capable. It's capable of handling your requirements most of the time.

On a scale of one to ten, I would give AlgoSec a seven.

This is taking into consideration the support and everything else. Any talks about AlgoSec and you need to consider their support level.

We are not personally using AlgoSec in our organization. We consult with the customer, as to why they have to buy such a solution like Firewall Analyzer. We are a distributor for the Indian market. We guide the customer to why they have to buy this kind of solution, what are the business requirements, etc. 

I have done PoCs and demos on the product.

The solution allows multi-vendor firewalls to have a centralized solution where they can analyze all the rules, duplicates rules, etc. Also, it helps them understand if a change can be automated.

We consult with big customers who have multiple locations. In every location, they have various firewalls available. With AlgoSec as our product, it has really helped with our operational tasks and activities.

If you go through that compliance report, it will give you whether your firewall is in compliance or not. It will also give you a recommendation whether you need to change it. The compliance has helped us with customers, e.g., internal audit from the quality team and external auditors.

AlgoSec integrates with multiple security vendors. It captures the rules, policies and authentication required.

It is pretty simple to use. Resources are readily available.

Firewall Analyzer and FireFlow are very helpful for IT guys, especially for multi-vendor firewalls.

We get a lot of visibility from Firewall Analyzer. It is definitely helpful to see the details of duplicate rules on the firewall. It can define the connectivity and routing.

The solution provides us with full visibility into the risk involved in firewall change requests. This is always required. For example, if you are implementing one rule for network A to network B, but you don't have that visibility in terms of network when you have multiple firewalls, then you have to deploy the rule on every firewall. However, if you have FireFlow, then FireFlow will automatically deploy this rule where it is needed.

I would like more documents and support for the cloud firewall.

We have been using it for one year. I am level 2 certified. I am familiar with AFA (Algosec Firewall Analyzer), FireFlow, and CloudFlow. I have done the online training for AppViz and AppChange.

It has been good. I have not seen any issues.

One to two people are enough for deployment and maintenance. 

The scalability is good.

The technical support is good because it is already available in India as well as the R&D. Whenever I need help, they take my call. I don't have complaints in respect to the AlgoSec support.

I also have experience with Tufin.

It is straightforward and easy to deploy. Two to three days was enough time to complete the configuration along with the device integrations.

For implementation, I always follow these steps:

1. Understand the customer's infrastructure, e.g., what are the customer expectations and primary pain points?
2. Deployment architecture
3. Hardware requirements and prerequisites
4. Port prerequisites
5. initial configuration and setup
6. Onboard devices with default configuration
7. Monitor devices for seven days, then apply the recommendation based on the AFA solution.

For the migration, it is really helpful because we all capture all their policies. We can clean up things with Firewall Analyzer. When doing a migration, we take a backup and that is really helpful for the migration process.

It has reduced the time it takes to implement firewall rules in hundreds of our customers' organizations. Without FireFlow and Firewall Analyzer, you would need one to two hours to deploy the firewall change request rule because you need to identify where to position that rule. It definitely reduces the time by half.

The pricing is good. Though, I would like if pricing could better support small businesses.

We use Cisco ACI with Check Point , FortiGate, and Palo Alto.

This technology gives us total control of our stuff, validation, and clean up of everything that we need.

If you are doing migration from on-prem to cloud, then there is definitely a very quick process and helpful process for that migration.

I would rate this product as an eight and a half out of 10.

We use this solution for device changes auditing, device compliance, network mapping, active change, clean-up of the rule base, and a ticket system.

The device changes audit is a quick identification when changing the configuration on devices. Device compliance gives us the ability to generate device compliance reports. The network map is the method for locating the devices that are related to the communication of origin and destination.

Active change is used to centralize the creation of rules in AlgoSec without the need to access other devices. Cleaning up the rule base means that AlgoSec reports and helps remove unused rules and even unused objects within a rule.

In terms of the ticket system, FireFlow helps to record user requests.

AlgoSec products help to manage complex environments with many devices, so we can deliver requests more quickly.

Environments with many devices are difficult to identify problems, especially when there are new analysts on the team. AlgoSec helps in troubleshooting and streamlines the analysis.

AlgoSec helps in the agility of the analysis, speed in the delivery of compliance reports, automation in the request to create rules in firewalls, removal of unused rules, and optimization of the rule base.

In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change. They are features that help with automation and reduce the analyst's time spent troubleshooting.

The unused rules reports (IPT) help remove unused rules and even unused objects within a rule.

I would like an analysis to be created for user group rules (Check Point - identity awareness). 

Current versions of AlgoSec do not perform analysis of Identity awareness (Check Point). It would be important for the user to be able to request a rule by an access role group and then AlgoSec would create this rule automatically in the firewall.

An improvement in tool performance would be important. Environments with many devices need a lot of hardware resources to avoid slowdowns. Memory consumption of the server is very high.

I have been working with AlgoSec for five years.

The tool is very stable and does not present many problems.

Currently, the tool works well with large environments.

It may be necessary to create a distributed solution of the product on different servers (WEB / DB).

We did use another solution prior to AlgoSec and the change was due to the reports having more information and easy customization.

The initial setup is simple.

After that, it is possible to make customizations to adapt the tool as desired.

The cost of the tool can be recovered with AlgoSec automations.

We evaluated Tufin and FireMon before choosing AlgoSec.

AlgoSec is the best tool on the market.

We primarily use AlgoSec to just have a check on what firewall rule sets have been configured over a period of time, and if there are any redundancies within those rules, that we can eliminate without any confusion within the ruleset. It allows us to have the optimum support and effectiveness of the firewalls.

Doing the analysis of rule sets is very useful for us.

Being able to make and implement changes within a timeline is a very valuable aspect of the solution.

The solution is easy to navigate.

The initial setup is straightforward.

AlgoSec can probably do better at introducing features for the cloud firewall scenarios. This is something that will probably help customers. It needs a hybrid scenario that includes private cloud, public cloud, and on-prem things. If a feature could cover all three different types of deployment, that could probably make it even more desirable for clients.

I've been dealing with the solution for two and a half years at this point.

We've not received any complaints so far when it comes to stability. So far, our capabilities mapped with AlgoSec has always achieved the best of results for our customers. There don't seem to be bugs or glitches. It doesn't crash or freeze.

We haven't heard anything from clients that would lead us to believe they couldn't scale the solution if they needed to.

The technical support is quite good. I would rate them eight or nine out of ten.

There are some points wherein when it comes to support, my engineer may not have gotten direct support immediately. In the past, my engineer might have to wait half an hour or one hour to get an answer, and then, of course, the customer is also waiting. That slightly impacts my customer experience. Due to that aspect, I am reducing one or two points for that. However, overall, we're pretty satisfied with the solution.

I use a few other solutions as well. More often, I would advise clients to go with AlgoSec. Of course, as a secondary option, if our customers personally had some other preference, my experience is that they tend to go for Tufin rather than Skybox.

The initial setup is pretty straightforward. It's not complex. We don't face any challenges on that front.

We both deploy the solution and manage the solution for our customers.

In terms of pricing, it would be useful if they could be a bit more aggressive to their competition in the market. They need more aggressive pricing. That would be certainly more helpful to the market overall.

We have relationships with AlgoSec, Skybox, and Tufin. We are resellers as well as value-added service partners of all three solutions.

Our experience is across the board. What we advise depends on our customers' requirements and preferences. Based on that, we suggest select solutions.

We have a cloud model that we have worked out with AlgoSec. We are their managed security service partners. Along with that, we also do the on-prem deployment, especially in the Indian government sector.

Overall, I'd rate the solution a nine out of ten. I've had a fantastic experience with it so far.

The purpose of using the product was to attack and Analyse rule bases from a holistic perspective. The Firewall Analyzer has a rule base consolidator as well as a feature to make the rule base more permissive. It also helps to reduce rule base clutter, as well as legacy rules.

Traffic query helps us to quickly find rules that allow outbound access.

FireFlow is a useful ticketing system that integrates with many products.

We would like to use FireFlow's API to automate certain tickets that come through to leverage automation in our environment. 

An example is that we have a policy with 900 rules, which we were able to reduce to 500 rules. That's close to a 50 percent savings on the rule base.

We used the Unused rules function in Firewall Analyser to examine our rule base. This has drastic performance increases in our production firewalls.

Objects not used within rules can save even more when it comes to cleaning up rule bases. Where this is a very manual process without AlgoSec, engineers can have a level of automation by building useful reports to assist with clean up.

The most valuable feature is the Firewall Analyser, which has a number of fantastic features.

From a risk perspective, you can apply compliance Frameworks like ISO 27001 and PCI DSS against firewall rule bases to see if your rule base is compliant. If you are not then AlgoSec provides descriptive ways on how to adjust rules to make your rule base more compliant. 

Definitely, the policy-cleanup features are the main draw. Shadowed rules, rule duplication, rule consolidation, rules permitting too much access, and rule usage are very useful and help to clean up rule bases.

There are areas where auditing rule changes are not accurate. It is important to be accurate when using rule changes, as users need to be accountable for their changes; however, I cannot trust AlgoSec when rule changes come through on reports as they reflect incorrectly. I have taken this up with support and have never really had a resolution for this. 

I would like to see enhanced dashboards or build meaningful reports for executive consumption. 

AlgoSec is a fantastic product, and I would like to see more "granular" breakdowns of traffic on IPT traffic analysis for source and destination, as the way it does it currently does not allow me to self problems for rules with ANY in the destination.

We have been using AlgoSec for one and a half years.

The stability is good.

Scalability-wise, this product is good.

The technical support is always responsive and always willing to understand the issues. 

Our previous solution was not useful and did not have an intuitive interface. Support was also terrible.

The initial setup is straightforward. If you understand your infrastructure, it will be easy to deploy in a central location.

Our deployment was done through a vendor team and it took one week.

We haven't saved any money yet but we have improved the performance of certain devices.

I would suggest that you start with a VM, get a PoC with a temp license, and try it out. You will love it.

I would not like to disclose which other products, but I have used two other products that didn't even come close to AlgoSec's power.

Its a good production and good support, definitely worth it.

The primary use case of this solution was to optimize and cleanup all the unused legacy firewall rules from multiple firewalls which was massive in terms of time and effort.

The other user case in our environment was to automate all the manual day to day firewall changes to reduce the turnaround time for application owners.

We wanted to have central visibility for our entire firewall portfolio to see the firewall flow of traffic traversing through multiple layers of firewalls.

Definitely with the help of this solution it made our life easier to optimize and clean up the task within a short span of time which provided the quick visibility of all the rules to be actioned.

Traffic Analyzer provided the centralized view for our IT SOC operations to focus mainly on high-risk firewall rules exposing with explicit any rules.

The other best feature is the Fire flow module which is in the process of implementation to automate the firewall rules changes along with the workflow model right from the requester to the implementer.

Both the modules of AlgoSec solution which has been on-boarded in our environment are amazing to use it as it provides a central end to end visibility of the firewall rules spanning across the multiple layers of the firewall.

It's helping our Risk and Compliance team to assess all our firewall rules periodically and help us to remain compliant. 

It saves a lot of manual time especially in daily operations and increases the turnaround time for business.

It has helped us internally to provide the documentation for our auditing and reporting purposes.

AlgoSec should explore integrating more multi-vendor platforms and should be looking towards ready infrastructure for providing Infrastructure as service (IAAS) on any cloud platforms as the trend and technology is gradually moving from In House platforms to Cloud platforms.

Algosec should also be exploring the integration with the open source firewalls as well.

The GUI features of Algosec solution should be more flexible to use and adopt.

We have been using this solution for one year.

In terms of scalability, it's a license-based model to add license at any point of time when you have any new firewalls added in the portfolio.

Customer service is good but needs more improvement to be on listening side of the customers.

No, this is the first time we have introduced this solution.

Our Initial setup was not so straight forward as we were exploring all the features to its depth so lots of engagement was done with OEM level to explore and implement in our environment.

We went through local vendor support however the involvement from OEM was also huge and phenomenal.

Definitely the simplicity to use this solution is the key factor to be a leader in this competition and the other factor is the response and support model.

We went through the RFP process evaluation for all the magic quadrant leaders of the  market.

We've been using Algosec as our reference tool to clean our policies from old unused rules and objects and to assess rules that are categorized as risky so that we can fix those risks.

Firewall Analyzer from Algosec is our main tool for Firewall auditing and it makes our external auditors very confident on the way our policies are managed.

Fireflow from Algosec also helps us identifying which firewalls are on the way from source to destination when we need to open flows and it saves us a lot of time. We are still on our path to implement full automation of firewall policy creation with Algosec's Fireflow but the goal is to achieve it soon.

Since we deployed Algosec our Firewall policies which didn't have much maintenance over more than 15 years had their policies reduced to less than half the rules by using Algosec's Firewall Analyzer to remove unused rules, unused objects withing rules, compacting several firewall rules in one rule, etc.

We were also able with Firewall Analyzer to get risk reports of our firewall policies and start tackling them to close them or at least to be aware of its existance.

Firewall Analyzer is amazon in Policy Optimization and we feel we are much more secure since we have this product. If we add a rule that poses a risk we get an alert from Firewall Analyzer which is very important to us.

We are also starting to use Fireflow and our goal is to have the policy creation automated soon. For now we are already able to identify which firewalls are on the path between point A and point B and we are on the path to full automation which will reduce a lot the workload of our team.

The feature we find the most valuable is the Firewall Analyzer for the firewall policy audits and to show external auditors we have a process to identify risks and to tackle them. It's also very important for policy clean maintenance. 

This helps us know which devices are between the source and destination on the flows that we need to open for the business. The audit tools are also very important to us because we can easily have everything that needs to be presented to the security auditors.

We are in the process of implementing FireFlow for full automation which will save us time for more important things we need to to on daily basis that are not creating firewall rules. We aim to achieve the full automation soon.

In our case it would be very important to improve support to Dell switches and also some Juniper switches, which we have a lot of in our company network. This has been our difficulty for the full automation on the Fireflow. If all our network devices were Cisco I'm sure we would have the network map complete very easily and the full automation working with much less effort.

We already asked Algosec for the support of the switches we have that are not natively supported for the future versions and we expect that we are lucky enough for them to be supported on the next releases, although there are some ways of working around non-natively supported switches to complete the network map.

We have been using Algosec solution for more than 5 years now.

We never had issues so far in terms of stability.

The solution is very scalable and allows you to add all the firewalls and devices you need.

It is also scalable on the licensing as you can start by buying only the Firewall Analyzer license with which you can start onboarding all the devices and completing the network diagram so that Algosec's has the whole picture and know all the paths from network A to B.

After that you are ready to start using FireFlow and you can buy the license only when you are ready to start deploying it.

Sometimes it takes more time than expected to have answers for support tickets, but in general the customer service is good.

Positive

Not in our case.

The initial setup has been easy. The only difficult thing was the part in which we needed to onboard non natively supported switches. That part is a bit more complex.

We implemented with a mix of external company and in-house. The external team was helpful and had a good expertise level.

The time we save on our daily operations is very important. We could reduce the team size with this tool as we had a trainee almost fully working on opening flows.

It also allows us to detect risks on firewall rules and fix them, keeping the company network safe.

The price for the solution is not cheap but if you use it fully it will compensate in terms of securitization and in terms of time gained on the daily operations. It is also very helpful if your company is audited on the security part.

We heard about Tufin and Algosec, and after going through the specs we decided to go on a POC with Algosec and ended up buying it as it fitted our needs. We followed our Firewall integrator advice, who also recommended Algosec for our Firewall's park which is basically Fortinet and Check Point.

We recommend trying fully automation in a controlled environment before widely deploying it to the production firewalls. It's important to gain confidence on the product.

We use AlgoSec for firewall policy management.

The most valuable feature of AlgoSec is its firewall analyzer. AlgoSec also has a better interface.

AlgoSec's audit management is not good enough and can be improved. Also, AlgoSec should be made more scalable.

I have been using AlgoSec for around one year.

AlgoSec is a stable solution.

AlgoSec is not a scalable solution. Only I use AlgoSec in our company to do firewall management.

It is moderately easy to set up AlgoSec.

Two staff were involved in AlgoSec's deployment, which took around three hours.

Before choosing AlgoSec, we evaluated Tufin as an option. We chose AlgoSec because it has a better interface.

AlgoSec is a good firewall management tool for organizations with multiple firewall levels. If you only have two or three firewall levels, then AlgoSec is not worth investing in.

Overall, I rate AlgoSec an eight out of ten.