AlgoSec Reviews

I mainly use AFA and FireFlow. The majority of the network is internal. We have a very limited footprint in the cloud right now. But what we do have in the cloud is private. Being a financial institution, everything is very secure. So we don't have anything in the public cloud.

We're primarily using AlgoSec for firewall management and change validation. So we use it for monitoring all the firewall changes and security ratings. Any kind of firewall change is monitored and we have our own process that we use AlgoSec for to validate that changes are implemented according to the requests and go through all of the change approval processes.

We are using it for the firewall change auditing process for our department. They are one of the leaders that we found in this area. There is a very limited group of vendors that provide this kind of functionality and we've gone through the majority of them. AlgoSec still stands out as the leader, in our opinion.

We primarily use AFA for the change management portion of it. But the security ratings also are used by our security group to ensure compliance and validate that nothing is being configured that is not in our best interest.

The overall visibility AlgoSec gives into our network security policies has been very good. We are happy with the way the application works. It is very intuitive and easy to use. I would give that a very high rating.

AlgoSec provides full visibility into the risk involved in firewall change requests as well. It definitely allows us to drill down to the level where we can see the actual policy rule that's affecting the risk ratings. If there are any changes in ratings, it'll show you exactly how to determine what's changed in the network that will affect it. It's been very clear and intuitive as far as that.

I don't know if it has reduced the time it takes to implement firewall rules in our company. We don't use it for implementing changes because our network is very in-depth and we're very particular with our security on that, that we do manually make all of our firewall changes. So we're not using the automated functionality of AlgoSec to do that for us. But I think that's more because of the restrictions that we have in our own network.

AlgoSec is very good when it comes to preparing for audits and ensuring our firewalls are in compliance. The security ratings are a major factor in that lately, as well as being able to show the configurations and how they affect the risk ratings. Whenever we do need to address any issues, it's very clear to show us exactly what the effects of the ratings are, as tied into the firewall policies.

We work with multiple security vendors. I'm not on the security team any longer. I went from network group to security and then back again. But our security group does work with AlgoSec and they use it very intimately for different functions.

Some of the auditing functionality needs improvement. Our major focus is the firewall validation process and tracking and verifying that changes are implemented correctly. We are actually doing parts of the auditing process manually. And getting any one of the vendors to bring out a good auditing process has been very difficult. AlgoSec does a good job of showing us the changes, but we're doing a manual process to actually audit it and do documentation that we can provide to our auditors that shows we're validating everything, and on top of it, that nothing gets implemented without being caught. Part of that could be improved upon.

I have been using AlgoSec since 2016, so it's been around five and a half years. 

The stability has been great. We had a minor bug with the latest version and development. I did work with support to get that ironed out. They resolved it so right now, it looks to be very stable. And we are looking to put that into production shortly.

The scalability seems very good. I haven't seen any restrictions if we were to bring in other hardware or other devices in terms of how to scale it out, either size-wise or vendor-wise.

We have our network group, which we use AlgoSec for, for investigating the risks, configuration issues and things like that. The security group uses it for risk ratings and compliance verification. Then we have a separate group, which is a different group of security that uses it for the firewall validation process. They're the ones that use it on a daily basis to investigate any firewall changes and tie those back to the original request and validate that they were implemented properly.

The support has been very good. They're very responsive, very quick to get back to you, and very helpful. They bring in developers very quickly and easily to get into the details. Our last issue we had seemed to be very unusual, and with their support, they brought in the actual developers that were working on this software and resolved it very quickly.

We used a couple of different solutions and they all have their problems. We thought we had a good solution at one point until we found out that it wasn't working properly. When you trust in an application like this and you believe in the numbers that it's giving you, you go with that as gospel until you find out that it's wrong. That vendor's support was just not on the level that we wanted. We were getting no response from them for a long time. So we finally gave up on them until we went to AlgoSec, and it was a much better solution for us.

The initial setup is very straightforward. It is very easy to integrate network devices into AlgoSec and manage them. It's even getting easier with the latest version. We integrated Palo Alto devices into AlgoSec and it is very simple to bring it in. We have a development server that we're testing out the latest version on, and that came in in minutes. It brought it all in automatically.

The earlier versions of AlgoSec, especially when they came out originally, would not integrate properly with Panorama. So at that point, we had to integrate AlgoSec to actually reach out to every firewall individually for configurations and change status. The current releases are now integrating directly into Panorama. It's just basically one connection into Panorama and it pulls in all of the configurations from there. It's much more simplified.

I don't really get involved in ROI. But I definitely think it's valuable to us and I think it is a good solution for us.

I don't get into the pricing aspect of it that much. But from my beliefs of it, I believe it is very cost-efficient compared to other vendors. Their licensing is very straightforward and they're easy to work with.

There were three main players at the time, we went through proof of concepts with each of them, and AlgoSec was definitely the strongest vendor in that group and we don't regret it at all. I think it is a good solution.

The other vendors were promising a lot more than they were actually delivering on when it came time to actually putting it onto our network and evaluating it. We were finding that things that they were telling us that they supported and were part of their packages were not actually functional at the time. So we did not go forward with them because of that. AlgoSec actually had everything working properly. It was very easy to set up and use and it did what they promised.

Their sales engineers have really been very helpful and very good at working with us. I have nothing bad to say about them. They were excellent and I have a good relationship with them. If I ever need anything, I'll reach out to either our sales executive or our SE anytime and they respond immediately to us.

I would say the biggest thing we've learned with it is how much information it does give you. It is a nice platform. It definitely drills in a lot of layers of security and efficiencies that you can do. We're not using it to its full potential for cleaning up policy rules. As most companies are now, they are short-staffed and overworked. But it definitely can be used a lot more than we are using it for. Overall, it's a great solution and I have not seen another vendor in this marketplace that does any better than this.

I would rate AlgoSec a nine out of ten. We would like to see the auditing functionality improved. But that would be the only shortcoming at this point. I do think that they are top of the marketplace for this.

We use AlgoSec Firewall Analyzer and FireFlow. 

Our primary infrastructure is all on-premise. We tend to leverage only SaaS components of the public cloud. We have over ninety sites including branch offices and Data Centers.

We have over on hundred firewalls and we are a PCI compliant organization. So, we use it for all of our change control around all of our firewall ACL deployments, as well as our risk profiling. We use Fireflow for the change management and audit control. The IT security department uses it for ACL reviews and ACL change requests.

Specifically, with FireFlow, we've managed to integrate that into our overall change advisory and request for change control process: requests flow through a ticket, through AlgoSec Fireflow, through our IT security department for approvals. We've taken advantage of all that. We generally do not have any out-of-band changes and those that happen are logged, tracked and reported on.

The Active Change component has helped reduce human error and given people more confidence the ACL changes have been applied as they requested.

AlgoSec has helped to simplify the job of our security auditors. Primarily, from an audit perspective, it's much faster than it ever was because they can review the ACLs all in one tool now, as opposed to asking for plain text CSV dumps of firewall rules. They can also respond a lot faster now to requests for ACLs as to whether or not they're valid or required because they can review the traffic simulator.

AlgoSec enables us to manage our dispersed environments in a single pane of glass for the firewalls. Seeing all of those firewalls in one view, we no longer need to use things like the Cisco ASDM for day-to-day ACL management. 

AlgoSec gives us a high level of confidence that our ACLs and our risk components are actually in line with our expectations. Because we run a lot of our firewalls as an internal change control boundary, we rely on them heavily to segregate security zones. It gives us a high level of confidence that things like third-party networks that ride on the backbone are segregated and appropriately defined.

The features I find the most valuable are the:

• Duplicate objects
• Unused rules
• Duplicate rules.

The traffic simulation has been really valuable, especially with other business units that aren't familiar with the firewalls but are looking to see whether or not traffic they're using or going to be putting on the network through projects is going to be impacted.

The overall visibility that AlgoSec gives into our network security policies is high. Our firewalls are our primary control boundary on the LAN. They give us the most amount of visibility we can get at that layer without microsegmentation.

AlgoSec provides us with full visibility into the risk involved in firewall change requests. That feature is important to us because we're a heavily risk-averse organization when it comes to IT control and changes, It allows us to verify, for the most part, that the controls that IT security is putting in place are being maintained and tracked at the security boundaries.

It has reduced the time it takes to implement firewall rules. We can sometimes do 20 to 30 ACL either adds, removes, or changes in a week. In some cases those changes are now down to minutes. Prior to AlgoSec, we would have to do all the manual verification which meant potentially logging into every related firewall, checking every ACL, and making sure that we got the placement correct.

We have a fairly complex routing environment that AlgoSec struggled with. The initial period when we were doing an installation with their support desk was fairly challenging.

I have been using AlgoSec for about a year and a half to two years.

We have not had any issues with stability.

So far, we haven't had any issues with scalability. We're at 100+ firewalls, all of them logging directly to the product without issue, and we're using it daily.

We've had a mixed experience with their support. It's swung the gamut from someone who will just reference their own publicly available knowledge base right up to someone going directly to the developers. That process has felt inconsistent. I never know which one I'm getting.

We were not previously using another solution. We chose AlgoSec because we knew that we were going to be managing ACLs globally at a rapid rate going forward and we needed a solution for that.

For our implementation strategy, we used their JumpStart process where they actually had an AlgoSec representative come to us and get us through the implementation. That resource was here for about a week. By the end of the week, it was up and running enough for us to complete the more organization specific components of the implementation.

We had three staff involved in the deployment and there's typically a team of about five of us involved in the daily maintenance and operations. We were all part of the JumpStart. 

About a dozen people now use the tool regularly and that number continues to increase.

For us, on the network team specifically, we're a small team relative to the number of devices that we manage. Having so many firewall rule changes come in on a regular basis, we were likely going to lose a body if not two, just to managing ACL adds and changes.

Initially, the licensing was a little bit unclear. We run a of our firewalls with high availability solutions and how licenses got presented and accounted for was unclear. Overall though, the licensing is pretty straightforward.

The licensing and support cost is fairly significant, likely out of reach for any small and most medium sized businesses without a significant security requirement.

We looked at Tufin and FireMon. At the time, FireMon was cloud-based and we had a policy that didn't allow us to use it.

We had met with AlgoSec a couple of times over the years at Cisco Live. We were familiar with their platform.

My advice would be to be ready to find out the things you probably didn't know. For us, there were a lot of rules that were implemented that weren't being used, a lot of objects that were duplicates.  We were unknowingly hoarding all kinds of configuration data that was no longer relevant.

Overall, I would rate AlgoSec a solid eight out of 10.

AlgoSec is a very helpful product in carrying out security operations effectively.

It has a user-friendly interface, and we don't encounter any problems during or after installing updates.

We can get quick support from the manufacturer in case of problems.

The ability to automate policy analysis, optimize configurations, and visualize security risks allows organizations to mitigate threats and reduce the risk of security breaches proactively. 

By providing visibility into security risks, compliance gaps, and application connectivity requirements, AlgoSec helps organizations strengthen their security posture.

This product has had many benefits in improving my security posture by fixing many vulnerabilities.

Lack of sufficient resources or expertise to leverage AlgoSec's capabilities to their full potential might hinder the expected improvements.

The ability to automate policy analysis, optimize configurations, and visualize security risks allows organizations to mitigate threats and reduce the risk of security breaches proactively. AlgoSec's reporting and compliance features help organizations meet regulatory requirements more effectively.

AlgoSec offers a centralized platform for managing complex network security policies across heterogeneous environments. This feature enables users to visualize, analyze, and manage policies from a single interface, enhancing efficiency and reducing errors associated with manual policy management. 

AlgoSec's ability to integrate with various security and networking solutions enhances its overall value. Integration with firewalls, cloud platforms, SIEM tools, and other security devices ensures a cohesive security ecosystem and enables better threat response and mitigation.

Enhancements that allow for more automated policy management, change workflows, and orchestration can significantly streamline network security operations. 

Advanced analytics and reporting capabilities that provide deeper insights into network traffic, security policy effectiveness, compliance, and risk management can be beneficial. 

Features that allow security policies to be defined and managed based on specific applications' needs would be ideal.

I've been using the solution for two years. 

One of the use cases for the solution is when you have many firewalls from different vendors and would like to handle all the configurations from a single pane of glass.

We are an AlgoSec distributor, and another use case that is very important to our customers, especially in the financial sector, is generating compliance reports. AlgoSec has very comprehensive compliance reporting. Most of our customers who use AlgoSec care a lot about compliance reports, whether ISO or PCI or other types of compliance.

AlgoSec saves time by providing an analysis of all the firewall rules. For example, I might find 10 unused rules, or rules without objects or without a subnet. To get that information manually can take time. I might have to go through a firewall and check the rules and it would take at least 10 minutes for 10 rules. And a manual process can result in errors. AlgoSec saves time because it can detect all unused rules and I can just remove them via the AlgoSec platform through FireFlow. Removing those 10 rules manually can take about 20 minutes, but through AlgoSec it takes one or two minutes.

The solution can find all the misconfigurations in firewall rules and it can delete or modify them automatically, with no human action needed. As a result, there will no longer be errors in the firewalls. FireFlow handles the workflow of adding and removing policies. Sometimes, an engineer may not have solid experience when it comes to firewall rules. If he goes to the firewall portal itself and tries to add or remove a policy, this policy may cause errors or potential risk. AlgoSec handles this process instead. It helps eliminate human error.

Also, if you have a network engineer with less experience, he can still go through AlgoSec and submit rules. AlgoSec supports another tier of engineers who approve the policies. This is all done using FireFlow.

We use the AFA (AlgoSec Firewall Analyzer) and FireFlow. AFA is the most popular feature in our region and FireFlow is good for managing workflow.

AlgoSec Firewall Analyzer can detect misconfigurations and unused or permissive rules, as well as rules without logging. Through a single dashboard, I can see all the problematic rules from all the firewalls. It's very simple, with AlgoSec, to get an analysis of all the rules, and that helps with visibility. AlgoSec can do a risk assessment for each policy or rule in the firewall and detect the severity of each rule, whether low, medium, high, or critical. I can get a quick overview of the risk policies that a customer needs to change because, perhaps, there is a rule where the risk is high.

The AlgoSec dashboard is very simple. I can find all the information without any effort. All the tabs are clear and straightforward.

I can apply changes to rules through FireFlow. For example, when I detect many unused rules, I can remove them and, using FireFlow's process, it is very simple to do so.

It is very easy to generate a compliance report for ISO or PCI. It can be done with one click. Some organizations may have a baseline for compliance. The beauty of AlgoSec is that it can adjust compliance according to the corporate needs or environment, when standards vary from one region to another.

When it comes to visibility, the solution can make a network map for all the devices in the network, whether routers or firewalls. I can run queries to detect network policies. For example, if a customer cannot access the corporate stack or the application site, using AlgoSec I can detect which firewall, and which policy inside the firewall, may be fully or partially blocking access. This is a very important feature and most of our customers use network mapping to create visibility into the network.

AlgoSec integrates with most of the leading firewall vendors, but one issue is that AlgoSec doesn't support Sophos and Forcepoint. AlgoSec competitors, like FireMon, support Forcepoint. I have told AlgoSec a number of times that we have many customers that use Forcepoint. I have asked why they don't support integration with Forcepoint. They have said they don't care about Sophos, Forcepoint, and SonicWall. They don't consider those vendors to be leaders in the firewall market and they don't have plans to support them.

I have been using this solution for about two years.

Sometimes a customer's platform is down, but overall AlgoSec is stable.

Support from AlgoSec is good. When I create tickets, they support us and solve all the tickets. There is no delay in support.

One of the things I don't like about AlgoSec is that when a customer has an issue with the platform, it takes time to resolve. Issues often need more than tier-one or tier-two; they're often not easy for the customer to resolve. It requires the AlgoSec team to solve issues with configurations or performance.

For example, AlgoSec upgraded the platform six months ago and it was mandatory for all customers. On my side, it was not easy to perform the upgrade and I had to request support from AlgoSec.

Positive

We use AlgoSec to integrate firewalls. I'm a senior network security engineer and we are customers of AlgoSec.

Security ratings and security rules analysis are two valuable features. In general, it's a very good and stable solution. 

I believe the customization of dashboards should be simplified and more user-friendly. Customization inside the domain level needs to be improved.

The solution is stable although there are occasionally issues with patches, but they are generally resolved quickly. The solution is extensively and regularly used for compliance reports. 

The solution is scalable. We have close to 30 firewall admins.

The technical support is good. The only drawback is that the product is not very user-friendly and it's too expensive to contact support each time we have a problem. 

The initial setup was carried out using professional support and the company was happy with the integrator. We moved our ticketing up to AlgoSec using FireFlow. I wasn't around but I think it took some time.

The license was initially renewed every three years but it's now done on an annual basis. I'm not aware of any additional costs. 

I rate this solution eight out of 10. 

My main use case is as a firewall analyzer module where it can be further broken down as follow: 

1) Network topology visualization: visualizes a network traffic path during troubleshooting

2) Policy optimization: uses optimization and clean-up recommendations to perform annual housekeeping of the firewall

3) PCI DSS compliance: follow the out-of-the-box checklist to prepare for a PCI DSS audit

4) Risk reduction: uses the recommendation of the risky rules to address all the critical and high-risk rules

5) Monitor changes:  monitor for firewall-config changes in real-time via email alerts

The solution has improved our organization in multiple ways. We can:

• Easily understand and provision application connectivity to accelerate application delivery and minimize outages

• Process firewall changes 4x faster, and eliminate misconfigurations and rework

• Proactively assess the impact of network changes to ensure security and continuous compliance

• Simplify and automate internal and regulatory firewall audits, and reduce time and costs

• Streamline communication across the application, network and security teams

• Deliver a tighter security policy that provides better protection against cyber-attacks

The product is great for:

1) Network topology visualization: reduces network troubleshooting effort which contributes to quickly restoring network or application outage.

2) Policy optimization: reduce/consolidate the number of rules created prior to the existence of AlgoSec Firewall Analyzer in order to free up hundreds of rule capacity before reaching the max rule limit of the firewall.

3) PCI DSS compliance: helps to highlight the area which firewall admin need to take note and address in a streamlined and structured manner.

4) Risk reduction: helps to quickly identify the risk that exists in existing rules and provide useful recommendations that help the firewall admin to remediate with ease.

5) Monitor changes: helps firewall admin to comply with security requirements of providing real-time security alert whenever a change is made, with detailed info on what was the value before and after.

The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve. The current configuration wizard is quite complex and complicated, which will result in the need to engage with an AlgoSec professional services team to perform even the simplest workflow adjustment.

I had tried AlgoSec's direct competitor's workflow configuration wizard and found it to suit most organization requirements even though the customization capability may not be as advanced as AlgoSec.

I've used the solution for six years. 

The setup is fairly straightforward.

We did also consider Tufin.

We have a large setup of multi-vendor firewalls with large in numbers of policies and rules. Handling rules and policy visibility manually are very difficult for clients multi platform firewalls. AlgoSec AFA has eased day-to-day operation, firewalls rules optimization, clean-up for unused policies and reporting, and visibility on policy and rules. All of this improves the firewall performance.

AlgoSec FireFlow workflow change tracking in environment makes it easy to have a central repository also multiple stakeholder approved change management.   

The AFA workflow has helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Reporting helps us with deliverables, areas of focus for improvement, and much more. Algosec AFA is useful for policy optimization and clean-up and can measure capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. 

Firewall rule automation for implementation also makes support easy for support firewall administrators.

AlgoSec currently has two useful features: AFA and AFF. 

The AFA workflow helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Algosec AFA is useful for policy optimization, cleanup, and measuring capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. Firewall rule automation for implementation also makes support easy for support firewall administrators.

There could be certain improvements such as supporting secure email. We have some cases where the client SMTP /POP email system is discarded, which is very important factor change notifications.

Fireflow workflow rule/change implementation for time-based rules is not currently supported. 

These improvements in upcoming code will definitely help with end-to-end firewall rule implementation. 

NAT rule implementations were in the roadmap. We are expecting this soon. 

Certain optimization of AFA/AFF SMS resources would ease daily operations.

I've used the solution for four years.

While stability is good, further improvement is needed.

The scalability is good.

Technical support is good.

Positive

We did not use a different solution previously.

Some changes in setup are ongoing as we are growing.

I am a vendor partner of AlgoSec.

The licensing is commendable.

We evaluated a few other options before positioning this solution. 

The solution could use improved support.

We planned to start with AlgoSec Firewall Analyzer and later procured FireFlow as well.

We deployed Fireflow as we have been migrating the Infrastructure to SaaS, increasing in multi-vendor engagements on multiple Network and Security layers and handling requests from roaming users ends.

AlgoBot has been enabled to few users to validate their requirements and requests on their own, which has helped them to understand their current access and to create requests that are very accurate and relevant.

With respect to the environment, it's distributed with various network and security solutions, with multiple zones and a maintenance team.

Over the period of two years, we integrated the AlgoSec Firewall Analyzer and FireFlow on multiple solutions including next-generation firewalls, web security, proxies, and other network devices.

On the improvement part, we enabled the common set of policies across firewalls and proxies. This tool helped us eliminate the requirement to have L3 engineer in our other data centers and our Tier 1 and 2 engineers utilize the solution well from the configuration and maintenance areas.

We simply pass over three to four external agency audits on various particulars which we spent more time on before onboarding the solution.

One of the most valuable parts for us is to achieve the compliance standards without ample strain and burden. Defined templates assisted us to make effective on following the internal processes and the industry standard.

It enhanced the complete workflow system within six months of deployment. We eventually onboarded by integrating with multiple solutions.

We performed regular audits internally to standardize and to pass the external audits effortlessly.

In simple words, this process empowered us to define a metrics among our industry and set the development goals clearly.

Support tickets and engineer assignments are one of the few concerns we are facing these days. Initially, they were hard to co-ordinate with the technical support team and the AlgoSec management team helped us to follow the defined Service Level Agreements.

We needed to directly communicate with the integrated solution TAC Teams, let say of Palo Alto or Checkpoint, and we needed to co-ordinate jointly for addressing an issue.

The AlgoSec support team came on a joint call to address the issue on time without saying "this is not my cup of tea" and by then we were happy about the support. This happened during one of our major migrations.

Our management is expecting us to set up a CXO/CISO dashboard from AlgoSec. It would be great for us if the AlgoSec team could assist in setting up the new benchmark.

We have been using this solution for more than two years.

Over the period of two years, we have seen multiple enhancements being made available inside the product. One of the new requirements is on containers/Docker/Kubernetes where AlgoSec really needs to focus. I am not sure about the availability of the latest support release, however, these are booming technologies and we require solutions like AlgoSec to support them.

Earlier it was good. Possibly due to the pandemic, we faced a couple of challenges in getting the support on time. That said, now it's getting better.

Neutral

Earlier we used to manage everything with our internal and vendor team, where lots of coordination was required. It was a long time-consuming process of gathering requirements and defining the best possible solution.

Since few of the solutions were being managed by outsourced team, it was challenging to make the solutions ready to integrate with AlgoSec during the deployment phase.

Some delays happened due to the lack of support by the external party. There were some delays due to upgrading products to make everything compatible with AlgoSec Analyzer and FireFlow.

Initially, we found this as a complex deployment. Later, it was easier than anticipated. We referred to the technical documents and AlgoPedia portal to understand more and deployed successfully within the proposed timelines.

Our in-house team took care of almost everything and the AlgoSec team did the governance.

We'd like the solution to share the complete Infrastructure details along with the business use cases with AlgoSec SE to evaluate and propose the best fit deployments and licensing.

Pricing-wise, AlgoSec still needs to support the customers.

We evaluated Skybox and Tuffin as well. Our internal team showed interest in AlgoSec right away, however, Skybox was a real challenge to differentiate.

Technical documentation and readily available solution blogs helped us to deploy the solution in a better way

AlgoPedia helped us in many ways - including sharing information on the new vulnerabilities, management of appliances, and maintaining the workflows (by providing enough insights to explore and understand).