AlgoSec Reviews

• Risk management for the rules
• Policy optimization suggestions

AlgoSec allows me to understand the inside of the firewall and brings simplicity to very complex firewall setups.

It has helped us manage PCIDSS compliance and also improved the overall network security.

The product has several compliance checks built in for PCIDSS, ISO, SOX, etc., and also a baseline security policy. It would be nice to allow customers to build their own policy, based on the customer’s own customization and business needs.

I have used it for four years.

The application is easy to deploy in an hour and can be done via a user guide.

Support needs are rare. I only require support around twice a year. Upgrades are easily done by the user but when support is required, it is great.

Initial setup is easy because it is a virtual appliance with its own OS.

I have expertise in implementation and prefer to do it myself rather than invoke the support contract. I believe it helps me stay knowledgeable and besides, AlgoSec implementation is a breeze.

The license is perpetual but support is periodic.

I tried the ManageEngine firewall analyzer. AlgoSec has a superior firewall policy optimization algorithm.

It’s a good buy for simplifying large networks.

Firewall analyzer and traffic simulation based on configuration analyzer of all rules on the firewall. Implementation of new rules without the need for manual configuration of rules on all firewalls in the traffic path.

It helped to improve our automation and simplified the configuration of new access rules.

In our experience, AlgoSec need to improve the integration of firewall vendors, because at the moment they don't support all vendors that are out there. 

Algosec Firewall Analyzer has a feature called 'Implement on device' which automatically creates access rules based on your request and sends it to the appropriate device. At the moment, this feature can not be implemented on Fortigate firewalls or Juniper EX switches which act as a layer three device with ACL's etc. I mean they need to improve interoperability with more vendors in order to automate access rules modification on these unsupported yet equipment.

I've used this solution for approximately five months.

According to my colleagues who implemented it, there were some problems during the implementation. They contacted their support team who provided us with good support and we were able to get it implemented.

We had no issues with the performance.

It's been able to scale for our needs.

I wasn't involved in the original implementation.

It's an amazing product for those admins who have huge variety of firewall vendors and would like to be able to automate the implementation of new firewall rules for access across the network.

• Firewall rule monitoring
• Consolidated report on unused objects and rules

We use this tool for rule monitoring and cleaning up the unused objects to improve performance. The risk team uses this tool to validate the existing traffic flow for their approval.

It is currently unable to export the report to a CSV file, and I look forward to seeing it in the next version/release.

I have used it for more than four years.

Deployment was very easy; the vendor-provided documentation was good.

Technical support is 8/10.

I was able to implement it on my own.

It's a very useful product and I highly recommend everyone having this product in place on their security infrastructure.

The reports for the policy optimization are the product’s most valuable feature.

It provides better performance on our firewalls.

• Filtering in the reports
• Adjusting parameters for reports
• To be able to generate custom-made reports

For example, it would be nice if you could define a report to show the unused objects for a specific timeframe. Now, it’s for the whole log period. Or, another example would be: deny rules that have been adjusted in the last 90 days.

I have used it for about two years.

I have not encounter any deployment, stability or scalability issues. It runs very smoothly.

Technical support is very good, providing fast responses and good knowledge of their product.

Initial setup is very straightforward and it is easy to implement.

We did it in-house, as it’s easy to install on your own.

Just try it and you’ll see where the problems are in your firewall. You can easily request trial licenses.

With a network like ours - more than 100 routing points with around 6 VRF on each - traffic simulation query is one of the most valuable feature on AFA.

For FireFlow, workflow customization and active change are the best features.

In BusinessFlow, the ability to simulate documented flow against configuration by AFA is the best feature to limit differences between documentation and production.

This product allowed us to identify unused rules more easily and doing this simplifies policies in our firewall. We now have documentation of our application with objects sync with real configuration. Our approval in change management has been improve through FireFlow and errors have been reduced through change advised and active change. We also save time by identifying earlier than usual routing issues associated to a change request.

A lot of areas have room for improvement!! This product is still young and in constant development. Interaction with a lot of vendors generates a lot of firewall options (specifically, a timer on services, application control, and so on...). This interaction also generates a lot of bugs in the product. Every new version contains about 10 to 20 bugs for our environment. This is partially explained by the fact it has to understand all of the architecture and specificity associated with all of the supported vendors.

A few of the bugs are:

• Services composed with something else other than TCP or UDP are not well-handled and not working in simulation queries. (For example, AH or ESP or EthernetOverIP.)
• Traffic with same objects in source and destination are not working.
• When NAS is used to store reports, we have had a lot of bugs associated with wrong URL encoding.
• Role assignment with multiple LDAP issues.
• Some file cleanup not working as expected.
• Active change is available for only a few vendors.
• BusinessFlow doesn't offer auditing regarding object management and with a lot of application and managers, it quickly becomes an issue with duplicated objects and so on.
• There are also gaps in access right management.

I have been using it nearly two years.

Every version came with its bug bundle... In two years, we opened 50 cases and about 40 of them escalated to development for resolution. This situation is also explained by complexity of our architecture.

I have not encountered any scalability issues. Each version usually improves performance and the amount of required disk space.

Technical support is 7/10; quick to give a new version solving the issue but long to identify the issue, even when it seems to be identified from the beginning.

For example, more than a month ago, we identified a wrong link associated to NAS configuration. We can clearly see that the wrong link was being generated, pointing from the NAS directly to the NAS repository, instead of a symlink. It took more than a month for support to accept this and to escalate the case to dev. After dev escalation, we are expecting a fix on Monday. So, it took four weeks to acknowledge the issue and two weeks to be fixed by development.

We did not previously use a different solution.

Initial setup is straightforward; some custom options can be tricky to set up, but will not be used by most customers.

Be careful with VRFs. One router with two VRFs consumes two licenses. So a new VRF configured on all routers will double the number of licenses required on routing elements.

We benchmarked Tufin before choosing AlgoSec. We chose AlgoSec over Tufin for its capacity to be more customized and its support for MPLS and VRF.

Offer me a job. ;) I will help you set it up.

More seriously, test it with caution through a POC to be sure that all your architecture specifics are addressed. If not all of them are addressed, ask for a commitment regarding support of missing features and ask for those commitments to be written down before ordering.

* Network map - to see how firewalls and routers are connected.

* Traffic simulation - to emulate traffic through the rule-base and see if you need to open additional ports/services.

* FireFlow - to order new firewall openings.

* Less overhead on the network security department since the user can verify the rules themselves.

* Risk profiles helps find disallowed traffic.

* Policy cleanup feature is really good for removing unused rules, etc.

* More unified UI

Since 2013

AlgoSec AFA provides visibility and enhancement opportunities on the firewalls. You can observe risk trends, regulatory and baseline compliance, as well as live changes and change history.

AlgoSec improved our firewall visibility and related control points.

Needs continuous improvements in all areas since firewall vendors are improving their products and the IT security industry is definitely improving itself.

3 years

Deployment is easy, no issues at all.

No issues so far.

8/10

8/10

No previous solution

Initial setup and deployment was straightforward.

We got help from a partner, 8/10

We evaluated two other vendors in addition to AlgoSec.

The firewall analyzer allows for a quick and consistent method of reviewing your firewalls ruleset for security, compliance, and peace of mind. The ability to review and understand your firewall topology, run reports and have the ability for practitioners and auditors to review our security posture, gives us a sense of calm within this area of security.

Adding AlgoSec as a process into our network, compliance, security, and audit teams allowed for quick turnaround on any issues that arise regarding security rulesets. We often find these issues before they are pointed out to us, which leads to a quicker turnaround from compliance, but more importantly from a security mindset. This tool is used as part of the M&A process to analyze any new companies looking to incorporate our network. It's become one of the indispensable products we can't live without.

I would say cloud is an area for improvement, but AlgoSec in is that market now, too. I do want to see, however, the ability to set up an instance within the cloud instead of having to use physical appliances.

I've had no issues with deployment.

It's been stable for me.

It's able to hit all the devices that I've put it up against and it was able to find rules that put our organization at risk.

The technical support is standard. They do a good job and understand the product.

It's head and shoulders above all the competitors in the field. They're the ones pushing the boundaries of the market.