AlgoSec Reviews

With a network like ours - more than 100 routing points with around 6 VRF on each - traffic simulation query is one of the most valuable feature on AFA.

For FireFlow, workflow customization and active change are the best features.

In BusinessFlow, the ability to simulate documented flow against configuration by AFA is the best feature to limit differences between documentation and production.

This product allowed us to identify unused rules more easily and doing this simplifies policies in our firewall. We now have documentation of our application with objects sync with real configuration. Our approval in change management has been improve through FireFlow and errors have been reduced through change advised and active change. We also save time by identifying earlier than usual routing issues associated to a change request.

A lot of areas have room for improvement!! This product is still young and in constant development. Interaction with a lot of vendors generates a lot of firewall options (specifically, a timer on services, application control, and so on...). This interaction also generates a lot of bugs in the product. Every new version contains about 10 to 20 bugs for our environment. This is partially explained by the fact it has to understand all of the architecture and specificity associated with all of the supported vendors.

A few of the bugs are:

• Services composed with something else other than TCP or UDP are not well-handled and not working in simulation queries. (For example, AH or ESP or EthernetOverIP.)
• Traffic with same objects in source and destination are not working.
• When NAS is used to store reports, we have had a lot of bugs associated with wrong URL encoding.
• Role assignment with multiple LDAP issues.
• Some file cleanup not working as expected.
• Active change is available for only a few vendors.
• BusinessFlow doesn't offer auditing regarding object management and with a lot of application and managers, it quickly becomes an issue with duplicated objects and so on.
• There are also gaps in access right management.

I have been using it nearly two years.

Every version came with its bug bundle... In two years, we opened 50 cases and about 40 of them escalated to development for resolution. This situation is also explained by complexity of our architecture.

I have not encountered any scalability issues. Each version usually improves performance and the amount of required disk space.

Technical support is 7/10; quick to give a new version solving the issue but long to identify the issue, even when it seems to be identified from the beginning.

For example, more than a month ago, we identified a wrong link associated to NAS configuration. We can clearly see that the wrong link was being generated, pointing from the NAS directly to the NAS repository, instead of a symlink. It took more than a month for support to accept this and to escalate the case to dev. After dev escalation, we are expecting a fix on Monday. So, it took four weeks to acknowledge the issue and two weeks to be fixed by development.

We did not previously use a different solution.

Initial setup is straightforward; some custom options can be tricky to set up, but will not be used by most customers.

Be careful with VRFs. One router with two VRFs consumes two licenses. So a new VRF configured on all routers will double the number of licenses required on routing elements.

We benchmarked Tufin before choosing AlgoSec. We chose AlgoSec over Tufin for its capacity to be more customized and its support for MPLS and VRF.

Offer me a job. ;) I will help you set it up.

More seriously, test it with caution through a POC to be sure that all your architecture specifics are addressed. If not all of them are addressed, ask for a commitment regarding support of missing features and ask for those commitments to be written down before ordering.

* Network map - to see how firewalls and routers are connected.

* Traffic simulation - to emulate traffic through the rule-base and see if you need to open additional ports/services.

* FireFlow - to order new firewall openings.

* Less overhead on the network security department since the user can verify the rules themselves.

* Risk profiles helps find disallowed traffic.

* Policy cleanup feature is really good for removing unused rules, etc.

* More unified UI

Since 2013

AlgoSec AFA provides visibility and enhancement opportunities on the firewalls. You can observe risk trends, regulatory and baseline compliance, as well as live changes and change history.

AlgoSec improved our firewall visibility and related control points.

Needs continuous improvements in all areas since firewall vendors are improving their products and the IT security industry is definitely improving itself.

3 years

Deployment is easy, no issues at all.

No issues so far.

8/10

8/10

No previous solution

Initial setup and deployment was straightforward.

We got help from a partner, 8/10

We evaluated two other vendors in addition to AlgoSec.

The firewall analyzer allows for a quick and consistent method of reviewing your firewalls ruleset for security, compliance, and peace of mind. The ability to review and understand your firewall topology, run reports and have the ability for practitioners and auditors to review our security posture, gives us a sense of calm within this area of security.

Adding AlgoSec as a process into our network, compliance, security, and audit teams allowed for quick turnaround on any issues that arise regarding security rulesets. We often find these issues before they are pointed out to us, which leads to a quicker turnaround from compliance, but more importantly from a security mindset. This tool is used as part of the M&A process to analyze any new companies looking to incorporate our network. It's become one of the indispensable products we can't live without.

I would say cloud is an area for improvement, but AlgoSec in is that market now, too. I do want to see, however, the ability to set up an instance within the cloud instead of having to use physical appliances.

I've had no issues with deployment.

It's been stable for me.

It's able to hit all the devices that I've put it up against and it was able to find rules that put our organization at risk.

The technical support is standard. They do a good job and understand the product.

It's head and shoulders above all the competitors in the field. They're the ones pushing the boundaries of the market.

• It can identify the policy rules in the firewall that have a high risk and could have an impact on network infrastructure.
• It suggests solutions to these issues, and provide compliance reports by standardizing PCI-DSS, ISO 27001, SOX and more.
• It can monitor policy changes, and who made those changes.
• It generates a topology of the network when it has scanned the network.
• Using the network mapping, it identifies bottlenecks.

We have improved the performance of the firewall to handle requests and responses to/from clients as reduces the number of policies that are needed when the network is exposed to high risk.

They need to improve auditing of IP tables, as only monitoring them does not reduce their vulnerabilities.

I used it for nine to ten months.

No issues encountered.

It is quite stable for 24-hour network monitoring.

There is no problem in the process of scanning and monitoring firewalls, and IP tables in
considerable quantities.

8/10 as they were quite fast in responding to my issues.

10/10 as the technical support provide assistance if there is a problem via both email and telephone.

I have not used a different solution previously.

The initial set up is a bit complicated, because you have to open special ports in the firewall, and give open access to be able to read the configuration topology mapping in the firewall. This means that the process of scanning and monitoring AlgoSec can run smoothly.
Unlike the case with the initial setup for monitoring IP tables, you must use the root access serve (sudo su) so that the process of scanning and monitoring AFA could run smoothly.

We implemented this in-house.

The advantage is that it can really optimise configuring firewall policy rules, and can
reduce the configuration that is vulnerable. It can provide solutions to make policy rules more simple and efficient.

If you want to conduct an audit of firewall and want to optimize the configuration, you can try and use AlgoSec.

I didn't evaluate other options.

Be patient and careful when doing the initial configuration of the firewall with AFA, but after the process is completed, everything has to run smoothly.

An example screenshot of network mapping results from AFA. Network mapping can
be useful also to detect if there is a connection network traffic is interrupted and can assist in documenting the topology that is owned.

The following screenshot shows an example of the policy rules that need to optimized, so you can improve the performance of firewall and its security level.

The following screenshot shows the result of scanning AFA reports that compliance with ISO 27001.

It provides us with a trail of changes. It also has an optimization advisor.

The audits for the firewalls are now straightforward.

The regulatory compliance rules.

I've been using it since March 2015, and I'm responsible for the deployment and administration of it.

No issues encountered.

No issues encountered.

No issues encountered.

It's very good, nothing to complain about.

It's excellent, their support is fast and very competent.

I didn't use a similar solution previously.

It was straightforward.

We used a vendor team who covered all the aspects, and requirements, of the product.

No other options were evaluated.

• Audit reports
• Firewall rule optimization

There are hundreds of firewall administrators, and each one of them creates rules. Optimizing these rules and being able to make them more logical is a key feature of AlgoSec.

The reporting features need to be improved.

I've used it for one year.

We did encounter an issue with integrating it with the firewall, but we then found that the firewall was the culprit not AlgoSec.

No issues encountered.

We need to carefully plan scaling AlgoSec.

7/10.

9/10.

This is my first implementation.

There were guides available, and the more you read, the easier it becomes.

I am am a vendor. I work at Dimension Data as a network engineer who deploys these solutions.

We also looked at Tufin.

It's a very flexible product, and you can make the most from the available features on the box.

• Firewall analyzer
• Change management system

• Change management system
• 3D view of your firewall configuration
• Tool intelligence, highly useful for information security
• Design point-of-view

I've used it for two years.

I wasn't involved in the deployment; I just use it as a firewall engineer.

Sometimes due to server database size, the disk gets exhausted and then there is slowness over the internet.

I haven't been involved with contacting AlgoSec.

I haven't been involved with contacting AlgoSec.

I haven't used any other solution.

I was not the one who made the decision, but I have been supporting for customer.

• The AFA provides some good nifty features which ultimately yields better optimization of firewall policies.
• It helps in the clean up and optimization of our monitored firewall.
• Under the optimization report, one can generate various parameter reports such as unused rules, unattached objects, etc.
• Reviewing and taking proper actions for the better performance of the firewall.
• It helps to identify and mitigate risky firewall and network access rules.
• Using the network mapping, it identifies bottlenecks.
  

It has helped us better manage the rules and policies of the firewall.

It needs to improve in all areas.

I have used it for two years,

No issues encountered.

No issues encountered.

No issues encountered.

7/10

9/10

There was no previous solution in place.

It was straightforward on an appliance.

I helped implement it as part of a vendor team.

It's a bit expensive.

No other products were evaluated.

No other products were evaluated.

• Firewall analyzer
• Fireflow

It has made implementing regulatory requirements like PCI DSS and ISO easier. It makes me more security aware.

It would be nice to have it integrate with the existing change management portal.

I've used it for one year.

No issues encountered.

No issues encountered.

No issues encountered.

It's good.

It's good.

I used Cisco Security Monitoring Analysis and Response System before it was retired.

It was straightforward.

We implemented it through a vendor, TransMarket.

I think the product is too expensive.

No other options were evaluated.

It is a good product but I think it is expensive.