AlgoSec Reviews and Pricing

it_user506337

Security Consultant at Securelink

Nov 13, 2016

We took advantage of the the system's ability to add intelligence in all stages of a change.

Good and bad experience - A case study of the use of AlgoSec FireFlow.

The Good:

· Cut turnaround time on firewall rule changes from weeks to days.

· Improved network visibility via policy discovery, map and traffic simulations.

· Increased accuracy of firewall changes with improved network security.

· Highly improved traceability and accountability in the firewall change process.

· It is easy to customise AlgoSec FireFlow to a quality system.

The Bad:

· Lots of time was used to build and maintain the topology database (the network map). This is the foundation for the magic to happen. If the topology is wrong, the path discovery and automatic selection of Firewalls in path / in scope for the change can be incorrect.

· A decommissioning feature is missing in FireFlow, separate unused rules can be found and decommissioned via the AlgoSec Analyzer, but the FireFlow product does not have a feature for decommissioning of a complete FireFlow ticket.

· The system has a so called roll-back feature, but this is implemented very simply just by a restore of the complete configuration. In practice, this feature is not useful. If a FireFlow ticket is implemented, and it is discovered that some of the data in the ticket was wrong, it is not possible to roll-back the mistakenly implemented firewall rules. The cleanup is a manual task that can be time consuming.

Challenges in this case story:

To reach the goal and have the above highlighted business impact, several challenges were faced during the first year of deployment.

One of the best lessons is that the AlgoSec FireFlow system is only accurate if the network topology is complete and accurate. We would have to spend a lot of time tweaking the network topology to make it accurate.

Another challenge was software bugs. AlgoSec technical assistance center was keen to help fix the software defects, but still it was time consuming at times when software defects were disturbing normal operation.

Results

Firewalls need constantly maintained rule changes and security assessment in order to adapt to the ever changing business and threats. We see our decommissioned business applications, new factories or sites that are build, etc.

This altogether brings a heavy workload on the security department.

Now the firewall maintenance tasks scale with existing staff.

Firewall rule changes take days and not weeks.

The most significant benefits we achieved were:

· All firewall rules match exactly the planned action

· All stages of a change are now accountable in the history/audit trail of the change

· No time spent on already working change requests

· Full visibility into the network path of traffic

The intelligence provided by the AlgoSec system, and easy accessible security controls are significant, reducing the time spent in the periodic security assessments carried out.

in the AlgoSec product:

Over the last couple of years we have had several missing features in the product that prevented us from reaching the full extent of automation from a start. However, most of the missing capabilities are today in the product.

Remaining is a better support for decommissioning of firewall rules and applications. This is high on our wish list.

Challenge

As responsible for the network infrastructure and security on more than 95 firewalls. The network infrastructure and security must follow the same strict regulated quality guidelines as the main business area itself.

The most central aspects of strict regulated quality are:

Traceability: the ability to reconstruct the development history of the products.

Accountability: the ability to resolve who has contributed what to the development and when.

Firewall change management in this environment is time consuming and cumbersome.

Each firewall change took several weeks with high cost. Many firewall rules were build unnecessarily wide due to complexity in network.

Many changes were performed for already working traffic. Human errors in creation of firewall rules put the total security at risk. The validation process was cumbersome and error prone.

Solution

We succeeded in automating the flow in the change process with full traceability and accountability. AlgoSec FireFlow was integrated with the surrounding quality system using the great customisation capabilities, and is now used as the main change management system for all infrastructure changes to Switch, Router and Firewalls in the production network.

We took advantage of the AlgoSec system's ability to add intelligence in all stages of a change.

This raised the accuracy of firewall changes.

Disclosure: My company has a business relationship with this vendor other than being a customer: I have been working as a contractor for the Customer for 2 Years building and using the AlgoSec FireFlow My company originally sold the solution to the Customer, however my role has been operation and maintenance at Customer site each day for the last 2 Years

it_user502044

Senior IT Security Consultant at a tech services company with 501-1,000 employees

Aug 25, 2016

Download

Valuable features include FireFlow, traffic simulation and the network map.

Valuable Features:

* Network map - to see how firewalls and routers are connected.

* Traffic simulation - to emulate traffic through the rule-base and see if you need to open additional ports/services.

* FireFlow - to order new firewall openings.

Improvements to My Organization:

* Less overhead on the network security department since the user can verify the rules themselves.

* Risk profiles helps find disallowed traffic.

* Policy cleanup feature is really good for removing unused rules, etc.

Room for Improvement:

* More unified UI

Use of Solution:

Since 2013

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner

Buyer's Guide

AlgoSec

May 2025

Free Report: AlgoSec Reviews and More

Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.

DOWNLOAD NOW

851,823 professionals have used our research since 2012.

it_user552438

Technical Consultant at a tech services company with 10,001+ employees

Nov 22, 2016

Download

By leveraging BusinessFlow/FireFlow/ActiveChange we have been able to reduce the time from initial requirements gathering to implementation of complex firewall designs.

What is most valuable?

We were immediately able to leverage the workflow tools in FireFlow with ActiveChange to speed up our deployment of firewall policies.

How has it helped my organization?

By leveraging BusinessFlow/FireFlow/ActiveChange we have been able to reduce the time from initial requirements gathering to implementation of complex firewall designs by approximately 80% without compromising our security posture.

What needs improvement?

Additional understanding of complex routing in multiple systems.

For how long have I used the solution?

We have had this working in our production environment for about 6 months.

What was my experience with deployment of the solution?

The initial deployment was unsuccessful as the product had not initially support our use of virtual routing instances on Juniper SRX devices however AlgoSec engineering was quick to deploy fixes to allow us to reach our desired outcome.

What do I think about the stability of the solution?

None.

What do I think about the scalability of the solution?

None.

How is customer service and technical support?

Top notch.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user540387

Information Security Consultant at a tech company with 51-200 employees

Nov 21, 2016

Download

It detects dangerous rules that affect security. I would like an architecture diagram that combines intelligence from all integrated firewalls.

What is most valuable?

The most valuable features are the risky rules analysis and network diagram representation generated from the firewall perspective.

How has it helped my organization?

It has helped to detect all unauthorized changes made on my firewalls. Also, this product can identify if anyone is creating dangerous rules that can severely affect the security of my organization.

What needs improvement?

One scope of improvement is to create an architecture diagram that combines intelligence from all integrated firewalls.

For how long have I used the solution?

I have used this product for three years.

What do I think about the stability of the solution?

During the early implementation phase, some stability issues were experienced. However, that is somewhat stable now.

What do I think about the scalability of the solution?

We have not encountered any scalability issues yet.

How is customer service and technical support?

I manage the reviews aspect, not maintenance.

How was the initial setup?

We were not part of the implementation team.

Which other solutions did I evaluate?

We evaluated the FireMon solution prior to this product.

What other advice do I have?

Prior planning is required for licensing and appliance handling if the company is looking to introduce new firewalls/security devices. This tool even integrates Cisco products to track changes on core switch or primary routers/VPNs.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

reviewer1335642

Associate Consultant- Cybersecurity & GRC services at HCL Technologies

Jan 20, 2021

Assists with identifying traffic flow issues within a short span of time

AlgoSec assists with identifying traffic flow and related issues within a short span of time. The operational value it provides us helps in increasing our efforts towards different issues, thus increasing our scope of work.

We haven't observed any technical issues with AlgoSec and the support provided is as per the expectations. Overall, we are satisfied with AlgoSec products and services.

I would like to see an improvement to the technical support which is provided by AlgoSec.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

reviewer1278324

Cyber Security PreSales Engineer at a comms service provider with 10,001+ employees

Feb 3, 2020

Download

Optimize firewalls quickly and efficiently using multi-target rule and policy deployment

Pros and Cons

"The most valuable feature is the ability to deploy new rules in all of the firewalls included in the environment at one time."

"The UX control panel is in need of improvement."

What is our primary use case?

We recommend the AlgoSec Firewall Security Management solution to our customers in order to help them with firewall policy application and optimization.

How has it helped my organization?

This solution helps all of our customers. They are network engineers and network administrators who need to recertify expired firewall rules, as well as clean and remove all of the rules that the customer doesn't need in their devices.

What is most valuable?

The most valuable feature is the ability to deploy new rules in all of the firewalls included in the environment at one time. This automates the process instead of installing one rule or one device at a time.

What needs improvement?

The UX control panel is in need of improvement.

For how long have I used the solution?

I have used AlgoSec for a long time and with many customers.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user456096

Network Engineer at a comms service provider with 1,001-5,000 employees

Aug 31, 2016

Download

Implementation of new rules without the need for manual configuration of rules on all firewalls in the traffic path has been good for us.

Valuable Features:

Firewall analyzer and traffic simulation based on configuration analyzer of all rules on the firewall. Implementation of new rules without the need for manual configuration of rules on all firewalls in the traffic path.

Improvements to My Organization:

It helped to improve our automation and simplified the configuration of new access rules.

Room for Improvement:

In our experience, AlgoSec need to improve the integration of firewall vendors, because at the moment they don't support all vendors that are out there.

Algosec Firewall Analyzer has a feature called 'Implement on device' which automatically creates access rules based on your request and sends it to the appropriate device. At the moment, this feature can not be implemented on Fortigate firewalls or Juniper EX switches which act as a layer three device with ACL's etc. I mean they need to improve interoperability with more vendors in order to automate access rules modification on these unsupported yet equipment.

Use of Solution:

I've used this solution for approximately five months.

Deployment Issues:

According to my colleagues who implemented it, there were some problems during the implementation. They contacted their support team who provided us with good support and we were able to get it implemented.

Stability Issues:

We had no issues with the performance.

Scalability Issues:

It's been able to scale for our needs.

Initial Setup:

I wasn't involved in the original implementation.

Other Advice:

It's an amazing product for those admins who have huge variety of firewall vendors and would like to be able to automate the implementation of new firewall rules for access across the network.

Disclosure: I am a real user, and this review is based on my own experience and opinions.