AlgoSec Reviews

I am the senior network security engineer in an environment of more than 80 firewalls ranging from ASA 5506-X to ASA 5585-X and now to FortiGate 3960E. As part of this position, I need to be able to audit firewalls and ensure that they are compliant to a number of policies.  Before AlgoSec, this was done in a very long, slow manual process, and it took days to audit even the smallest firewall. With AlgoSec, I can run a compliance report and see exactly where that firewall falls short.

AlgoSec has freed up my time to look into new solutions and complete other jobs that I have to get done. I have been able to shepherd the migration from Cisco ASA to FortiGate and using AlgoSec made that process much easier. Now, when I get a request for audit information, that information is available at a click. A PCI audit is no sweat. I know which firewalls fall under PCI, and I can provide the needed answers in minutes instead of days.  This has improved my use of time.

Policy optimization, compliance, and change reports are the most valuable. I can clean up firewall rules quickly, optimizing the rule set and moving on in hours. Before, I was looking at days. Compliance is a breeze. The change reports are helpful to see changes over time and also be a "second set of eyes" when looking into issues. 

The mapping tool is helpful. 

Traffic queries are a great help when troubleshooting a problem, especially if the traffic is going through two or more firewalls.

I can't think of specific improvements. If anything, the product has been improving in usefulness constantly. 

I have been using AlgoSec Firewall Analyzer for approximately two and a half years now.

Product hotfixes are released regularly and are a breeze to install. I have dealt with other products that always promising to fix bugs, but it takes months or longer for the next patch to appear. AlgoSec is on top of this and in my opinion is a real leader with bug fixes.

Technical support is the best that I have ever dealt with. I have yet to have a support engineer tell me that they couldn't fix a problem or that it was sunspots (Cisco TAC). They have gone above and beyond multiple times. I never hesitated to call as they have never made me feel that the problem is the user, even though I am sure that there were times it has been.

I have never had a problem that the technical support wasn't willing to dig into and get resolved.

Not really. We used a homegrown VBScript that would parse the configurations on our firewalls for auditing. This didn't help at all with compliance.

The setup is not difficult. The professional services were outstanding in installation and knowledge transfer.

We implemented through a vendor team. Their expertise was outstanding. They made sure to spend a lot time doing knowledge transfer.

The initial cost was high for us, but we have always been behind the tech curve and cost has always been the limiting factor. That attitude has changed. Now, we look for the best, not simply the cheapest.

We did look at a couple of other solutions. FireMon and Qualsys are the only two I remember.

It has saved my bacon a number of times and is a great arrow to have in your quiver of tools.

We need less time to identify any risks in our firewalls, as we can detect changes in real-time.

We have obtained in easy way to do compliance reports for audit purposes. With this optimization reports, we can clean up unused rules, consolidate covered or redundant rules. We can also define trusted rules that apply.

Risky rules reports help to reduce manual work and identify the main risky configurations to remove. This give us some recommendations on how remediate and their importance.

• Identifying and removing risky rules
• Firewall rules cleanup (unused rules)
• Security compliance reports
• Security baseline settings

A vulnerability management module might be interesting, though not integrated with a third-party vendor. It should be an AlgoSec VM module.

I would like some server integration for vulnerability management.  

Some PDF reports are not so good. E.g., the graphics and reports are not so good. Sometimes, we need to create graphics and reports to compare security ratings across months and groups. 

I have been using AlgoSec for two years. 

Awesome.

Great.

Excellent and very kind technical support.

No.

Licensing is very easy to set up. The pricing is relative to how you want to expand and harden your network security. 

I did not evaluate another solution.

It is a great tool that makes work easier each day. I can't imagine working without AlgoSec and using it for my daily activities. 

The primary use of this solution is to extract Risky Rules reports obtained from our Firewalls, check the rules, and proceed with changes on the Firewall as needed. In these reports, we also see the traffic being applied for different rules.

The traffic used for different Firewall rules can be obtained and then, we have a clear idea of the use for different rules. If some service or protocol is more often used or not, we can see.

We use the FireFlow tool to create the rule to be validated and applied in the appropriate Firewall. FireFlow can install the rule automatically.

This solution has improved our Security in our Firewalls. This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy.

The reports are very useful for determining whether our Firewalls are compliant with our security rules and directives.

The feature that I've found most valuable is the risk classifications for different rules. The number of different risky rules that we have for each Firewall is determined automatically. 

The traffic used or not for every service is very useful to check if some service is needed or not. In cases where it is not used, we can delete or disable it.

The FireFlow tool is very useful with the automatic installation of rules into Firewalls. It detects the router and applies the new rules, which saves us time in manual configuration.

There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic.

Sometimes the Trust setting on Firewall rules is changing to trusted by itself.

I have been using AlgoSec for more than one year.

I have very good impressions of AlgoSec stability.

The scalability is very good.

I did not use another solution prior to this one.

I did not evaluate other options before choosing AlgoSec.

Overall, I think this tool is very useful and we think that it's difficult to improve.

Our primary use for AlgoSec is to automate our firewall configuration. We use the AlgoSec system to remotely configure the firewalls, making our life easier.

We are in a multisite environment with plenty of firewalls for perimeter security and LAN segregation for specific proposes. This solution helped us to make the process more dynamic.

It has reduced the workload for the firewall team thanks to the API integration with our ticketing system, handling the standard types of requests automatically. Before having it, we had to create a lot of standard rules that now can now be just pushed from the AlgoSec system.

It has also helped in terms of firewall monitoring. Automatic alerts are sent to the security team so we can react quicker in case something goes wrong or a thread is detected going through the firewall. This is made possible using the simple reports.

The most valuable feature of this solution from an operations perspective is the automation of the firewall rule deployment, working together with our ticketing system.

Any new needs are requested by a user using the internal webpage request. This request is automatically validated against a set of standard rules. If the request is compliant, the new rule sets are automatically configured in the specified firewalls without any human action. This reduces the firewall team's workload and improves efficiency.

It would be nice to have a good tool for network map discovery in the GUI to make it more user-friendly. I would also like to be able to check and modify network maps in a graphical and more intuitive way. This will improve our network overview for new deployments and troubleshooting.

An API to connect to Palo Alto Prisma and Zscaler to be used after SD-WAN deployment would be a helpful feature. We have discussed this with AlgoSec and are hoping to see it in the near future. 

We have been using the AlgoSec solution for four years.

We did not use a solution like this one previously. This is the first time.

I'm part of the team that uses the AlgoSec solution, not on the finance IT team.

Our primary uses for AlgoSec are to gain visibility and automate rule creation.

We met our goal by gaining visibility and automating rule creation. We are on a very good track.

The most valuable feature is the help of cleaning the firewall rules and object databases.

This solution would be improved if it were able to compare configurations and provide recommendations. For example, suggest cluster members.

I have been using AlgoSec for four years.

Firewall rule base management and FCR processing is the main reason we use AlgoSec.

We also use it for troubleshooting purposes and reporting. In that sense, there are three instances that are the main consumers of it. Our infrastructure management uses reporting to get insights, our Network and Security team does all of the FCR processing and troubleshooting of network problems, and our security department that also uses reporting and is part of the approval process for FCRs that are placed in AlgoSec.       

AlgoSec provided a much easier way to process FCRs and get visibility into traffic. With previous vendors, we had to guess what was going on with our traffic and we were not able to act accordingly.

By automating some parts of the work, business pressure is also reduced since we now deliver much faster. I received feedback from our security department that their FCR approval process is also now much easier. The network team is also now able to process FCRs much faster and with more accuracy.

Most of all, Technical Reviews are now top-notch and AlgoSec does part of the job automatically that had been done manually with our previous vendor.

We now process FCRs much faster, which helps us to deliver faster and implement reworks at a quicker rate.

With Business Flow and Firewall Analyzer, it provides much better visibility into traffic and process flows. Visibility into traffic was our main problem in the past since we had no clue what was going on but now, we have all sorts of analyses and reports. This makes our decision process, firewall clean up, and troubleshooting much easier.

All of the search options needed are there but the search menu could be a bit more intuitive. In other words, I can perform any search I want without any problems but combining different search parameters can sometimes be a problem.

Creating more intuitive menus could be helpful, especially for the first-time users.

For example, it would be useful to be able to save searches with complex structure so they can be easily reused with simple change of parameter. Also, "contain" criteria sometimes misses just like ability to search using any value in basic search box, instead of reaching out to Advanced search (it would be great if simple typing IP address, or Project ID in basic search box lists all rules containing such a value).

We have been using AlgoSec in production for about one year. Before that, we used it as a PoC for around six months.

We have had no issues in the past year.

This solution is very scalable.

We used another vendor prior to AlgoSec but we were not satisfied with the "intelligence" of the product when it came to the processing of FCRs.

We also evaluated Skybox.

I have not seen any major issues with AlgoSec and it is better than the previous product we used. I am glad to have it now.

First and mostly, as a large company, we had some issues regarding the main rating companies as they found some issues compromising our assets. There are different management systems and models with human interaction and sometimes with a different validation. This was impacting our business, so we put a lot of effort into solving problems, case by case, with manual operations. AlgoSec came into action in order to avoid this and streamline our process.

AlgoSec is one security management tool with the main target to find any rule that is not in compliance with our internal standards. New rules cannot be configured in any firewall unless it has been validated from security.

We were able to identify every rule configured on each firewall in our facilities with AlgoSec. This included every risky rule, shadow rule, and non-compliant rule. After this, we were working with a fully cleaned-up process.

Now, any rule is pushed automatically with AlgoSec. In fact, every user in the company is raising tickets through it to request a new open flow across firewalls. If AlgoSec detects that this flow has no risk, it is automatically pushed onto the firewall. If not, it goes to a dedicated approval process.

Among all of the different AlgoSec modules, I think that FireFlow is the most valuable and we have integrated it into our internal processes. This is something that increases business efficiency and helps avoid bottlenecks in our NOC team. Moreover, we have eliminated any human mistakes that we have dealt with in the past and now we want to avoid as we are moving toward a completely automated network.

There are a few things that we have already raised to AlgoSec in order to improve the tool. First, as the highest volume in our network is SaaS traffic, we need to secure this connection. To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds. It’s in the roadmap but this is something that blocks our whole design.

The network map design is not very useful for the administrator as the information displayed is not user-friendly.

It's been almost two and a half years since when we were looking for a fully integrated Security Management tool and we decided to run this solution in our multi-vendor network.

Stability is good, but we are still debugging tiny things because we have to accommodate the solution to our large IT infrastructure.

It will be good as long as they can move this solution to hybrid or fully cloud deployments. 

All issues raised so far have had a good response SLA.

We didn't use any security managament tool prior to this one.

This initial setup was tough because of the network map configuration. There is no visibility on the provider (ISP) because they cannot grant access to us. So, the configuration was mostly set up manually.

AlgoSec was deployed with the support of professional services coming from the vendor. This made the implementation smooth for us. The expertise was good, as they had experience with this solution.

We were doing some workshops with both AlgoSec and Tufin. 

The AlgoSec solution is really helpful for us, as we need to review all of the rules that have been implemented or we intend to implement, everywhere in our organization, independent of the country or even region.

With AlgoSec, it is possible to check the risks for each rule in terms of security and it is possible to easily decide if the implementation is valid or risky. This allows us to keep only the rules that are following our internal security standards.

AlgoSec helps to keep order and improve efficiency for operations teams supporting the solution.

In short, this solution makes it possible to increase efficiency by simplifying the life of our engineers. They support the daily interactions with the Firewalls through the implementation of the requested rules. We can easily and quickly identify all of the rules on the firewall and avoid the individual review and analysis of each rule. This keeps the firewalls clean and under our security policy, following our internal standards.

I think that perhaps FireFlow could be the most valuable feature, according to the feedback from our technical teams. This allows them to easily add, modify, and remove rules from the firewalls.

Another good point is that we avoid the old procedure of end-users requesting rules, a security team in the middle validating, and then the final implementor doing the job. With this feature, you can directly permit the end-user to request what he or she needs, and if the security policy is respected then it can directly be approved and implemented.

What the technical teams report to me is that the network maps are a concern and should be improved. It would be easier if the network maps could be updated using the GUI portal instead of from the OS. This would benefit the operations teams working daily with this tool.

In the end, we are striving to improve efficiency, and taking into account that Operations are really under pressure from SLAs to keep support ticket queues clean, and with the least amount of backfill possible, it is key to get better tools that make it easier and faster to update the network maps.

I think we are roughly in the third year since the first time we started using the AlgoSec tool in our company.

In terms of stability, this tool is really good and more than you could expect.

We are still involved in debugging a lot of stuff because we have to accommodate the solution to our large IT network. As our company and network are really large, we have a lot of jobs to do. Even with this powerful tool, it is not immediate.

Scalability is really good with this tool as it is flexible, as long as we can move this solution to hybrid or fully cloud deployments. This is something we are really focusing on right now.

As I know, until today, all issues raised so far have had a good response time and solution. No bad reports or specific or important complaints were reported from the technical teams.

Overall, technical support is really pleasant and smooth.

Before knowing and using the AlgoSec tool, we were managing daily activities with Firewalls the standard way. It was done rule by rule, creating, modifying, removing, analyzing, and finally compiling once all it was decided that everything was under control and following internal security policies.

The initial setup was hard and made more difficult because of the network map configuration. There is no visibility on the provider because they cannot grant access to us. So, the configuration has to be manually done for the most part. This part was really hard and time-consuming.

My team was not involved in testing or pilots of any other solution prior to making a decision. Another global team was part of the negotiations, study, and comparison. My team and I were involved once the decision was made.

It is clear that it is difficult to have the perfect tool with all that you need. As we expect, it is not an ideal world. AlgoSec is, in general, doing fine.

Today, this tool is very stable and permits us to improve the efficiency of the day to day work by our technical teams. It also allows the end-user to be more directly involved in the requests, highly reducing the time between the request and the final implementation.

The only advice or remark I can add here is what concerns me with the network maps. This is the cause of what makes the initial setup harder than expected. The reason is because of the network map configuration. There is no visibility on the provider because they cannot grant us access, meaning the configuration has to mostly be performed manually.

AlgoSec is a global tool that has been purchased to get a centralized view of our infrastructure. This enables us to review our security posture and implement a compliance strategy.

AlgoSec is also used for in-depth firewall analysis and intelligent policy tuning and optimization. It helps in regulatory compliance metrics and overall firewall security optimization. It is currently used by the network security, audit, and internal control departments of organizations, giving overall insight/visibility and enhancing improved security across the enterprise.

It has been really helpful in automating changes. This helps us to reduce operational work drastically. The product has centralized visibility, unified management, and reporting across an entire hybrid environment. It can be deployed on-premises, in a private cloud, public cloud, and in SDN platforms. It automatically discovers applications and their connectivity flows, then associates connectivity with their underlying firewall rules.

AlgoSec's solutions are incredibly powerful, providing us with intelligent process improvement that has directly translated into the highest level of security and compliance for our internal network.

AlgoSec is one of the most complete security management solutions on the market. It manages security and compliance based on the applications that power our business. It is one product combining multiple tools. This makes a real difference compared to its competitors.

It helps us deploy new business applications quickly and securely. It ties cyber threats directly to critical business processes.

Using AlgoSec is a double benefit to us. By using this solution we can reduce the cost and the number of errors in our daily operation and also expand our offerings. 

It has reduced our audit preparation efforts and costs drastically and maintains continuous compliance.

AlgoSec delivers a rich set of change management workflows and enables zero-touch change processes if no risks are identified.

AlgoSec proactively analyzes all risks in the network security policy, across multi-vendor firewalls and cloud security groups.

AlgoSec is the only solution that supports the entire security policy management lifecycle from application connectivity discovery, through migration, maintenance, and decommissioning. Independent testing describes it as ‘one of the most complete security management solutions on the market’.

It seamlessly integrates with all leading brands of traditional and NGFWs, cloud security controls, routers, and load balancers.

The graphical user interface is much better than in other products.

The GUI has not been upgraded for a long time and could use updating.

We have been using AlgoSec for several years.

I'm sure we will use this solution for ten more years, at least, as long as it continues to do what is promised.

This product is ready to work within a next-generation infrastructure environment. It simplifies and automates network security policy management to make your enterprise more agile, more secure and more compliant – all the time.

Overall, this is a complete product that helps our organization on a daily basis.

We recommend the AlgoSec Firewall Security Management solution to our customers in order to help them with firewall policy application and optimization.

This solution helps all of our customers. They are network engineers and network administrators who need to recertify expired firewall rules, as well as clean and remove all of the rules that the customer doesn't need in their devices.

The most valuable feature is the ability to deploy new rules in all of the firewalls included in the environment at one time. This automates the process instead of installing one rule or one device at a time.

The UX control panel is in need of improvement.

I have used AlgoSec for a long time and with many customers.