AlgoSec Reviews

Firewall rule base management and FCR processing is the main reason we use AlgoSec.

We also use it for troubleshooting purposes and reporting. In that sense, there are three instances that are the main consumers of it. Our infrastructure management uses reporting to get insights, our Network and Security team does all of the FCR processing and troubleshooting of network problems, and our security department that also uses reporting and is part of the approval process for FCRs that are placed in AlgoSec.       

AlgoSec provided a much easier way to process FCRs and get visibility into traffic. With previous vendors, we had to guess what was going on with our traffic and we were not able to act accordingly.

By automating some parts of the work, business pressure is also reduced since we now deliver much faster. I received feedback from our security department that their FCR approval process is also now much easier. The network team is also now able to process FCRs much faster and with more accuracy.

Most of all, Technical Reviews are now top-notch and AlgoSec does part of the job automatically that had been done manually with our previous vendor.

We now process FCRs much faster, which helps us to deliver faster and implement reworks at a quicker rate.

With Business Flow and Firewall Analyzer, it provides much better visibility into traffic and process flows. Visibility into traffic was our main problem in the past since we had no clue what was going on but now, we have all sorts of analyses and reports. This makes our decision process, firewall clean up, and troubleshooting much easier.

All of the search options needed are there but the search menu could be a bit more intuitive. In other words, I can perform any search I want without any problems but combining different search parameters can sometimes be a problem.

Creating more intuitive menus could be helpful, especially for the first-time users.

For example, it would be useful to be able to save searches with complex structure so they can be easily reused with simple change of parameter. Also, "contain" criteria sometimes misses just like ability to search using any value in basic search box, instead of reaching out to Advanced search (it would be great if simple typing IP address, or Project ID in basic search box lists all rules containing such a value).

We have been using AlgoSec in production for about one year. Before that, we used it as a PoC for around six months.

We have had no issues in the past year.

This solution is very scalable.

We used another vendor prior to AlgoSec but we were not satisfied with the "intelligence" of the product when it came to the processing of FCRs.

We also evaluated Skybox.

I have not seen any major issues with AlgoSec and it is better than the previous product we used. I am glad to have it now.

We've been using Algosec as our reference tool to clean our policies from old unused rules and objects and to assess rules that are categorized as risky so that we can fix those risks.

Firewall Analyzer from Algosec is our main tool for Firewall auditing and it makes our external auditors very confident on the way our policies are managed.

Fireflow from Algosec also helps us identifying which firewalls are on the way from source to destination when we need to open flows and it saves us a lot of time. We are still on our path to implement full automation of firewall policy creation with Algosec's Fireflow but the goal is to achieve it soon.

Since we deployed Algosec our Firewall policies which didn't have much maintenance over more than 15 years had their policies reduced to less than half the rules by using Algosec's Firewall Analyzer to remove unused rules, unused objects withing rules, compacting several firewall rules in one rule, etc.

We were also able with Firewall Analyzer to get risk reports of our firewall policies and start tackling them to close them or at least to be aware of its existance.

Firewall Analyzer is amazon in Policy Optimization and we feel we are much more secure since we have this product. If we add a rule that poses a risk we get an alert from Firewall Analyzer which is very important to us.

We are also starting to use Fireflow and our goal is to have the policy creation automated soon. For now we are already able to identify which firewalls are on the path between point A and point B and we are on the path to full automation which will reduce a lot the workload of our team.

The feature we find the most valuable is the Firewall Analyzer for the firewall policy audits and to show external auditors we have a process to identify risks and to tackle them. It's also very important for policy clean maintenance. 

This helps us know which devices are between the source and destination on the flows that we need to open for the business. The audit tools are also very important to us because we can easily have everything that needs to be presented to the security auditors.

We are in the process of implementing FireFlow for full automation which will save us time for more important things we need to to on daily basis that are not creating firewall rules. We aim to achieve the full automation soon.

In our case it would be very important to improve support to Dell switches and also some Juniper switches, which we have a lot of in our company network. This has been our difficulty for the full automation on the Fireflow. If all our network devices were Cisco I'm sure we would have the network map complete very easily and the full automation working with much less effort.

We already asked Algosec for the support of the switches we have that are not natively supported for the future versions and we expect that we are lucky enough for them to be supported on the next releases, although there are some ways of working around non-natively supported switches to complete the network map.

We have been using Algosec solution for more than 5 years now.

We never had issues so far in terms of stability.

The solution is very scalable and allows you to add all the firewalls and devices you need.

It is also scalable on the licensing as you can start by buying only the Firewall Analyzer license with which you can start onboarding all the devices and completing the network diagram so that Algosec's has the whole picture and know all the paths from network A to B.

After that you are ready to start using FireFlow and you can buy the license only when you are ready to start deploying it.

Sometimes it takes more time than expected to have answers for support tickets, but in general the customer service is good.

Positive

Not in our case.

The initial setup has been easy. The only difficult thing was the part in which we needed to onboard non natively supported switches. That part is a bit more complex.

We implemented with a mix of external company and in-house. The external team was helpful and had a good expertise level.

The time we save on our daily operations is very important. We could reduce the team size with this tool as we had a trainee almost fully working on opening flows.

It also allows us to detect risks on firewall rules and fix them, keeping the company network safe.

The price for the solution is not cheap but if you use it fully it will compensate in terms of securitization and in terms of time gained on the daily operations. It is also very helpful if your company is audited on the security part.

We heard about Tufin and Algosec, and after going through the specs we decided to go on a POC with Algosec and ended up buying it as it fitted our needs. We followed our Firewall integrator advice, who also recommended Algosec for our Firewall's park which is basically Fortinet and Check Point.

We recommend trying fully automation in a controlled environment before widely deploying it to the production firewalls. It's important to gain confidence on the product.

We use AlgoSec for firewall policy management.

The most valuable feature of AlgoSec is its firewall analyzer. AlgoSec also has a better interface.

AlgoSec's audit management is not good enough and can be improved. Also, AlgoSec should be made more scalable.

I have been using AlgoSec for around one year.

AlgoSec is a stable solution.

AlgoSec is not a scalable solution. Only I use AlgoSec in our company to do firewall management.

It is moderately easy to set up AlgoSec.

Two staff were involved in AlgoSec's deployment, which took around three hours.

Before choosing AlgoSec, we evaluated Tufin as an option. We chose AlgoSec because it has a better interface.

AlgoSec is a good firewall management tool for organizations with multiple firewall levels. If you only have two or three firewall levels, then AlgoSec is not worth investing in.

Overall, I rate AlgoSec an eight out of ten.

One of the use cases for the solution is when you have many firewalls from different vendors and would like to handle all the configurations from a single pane of glass.

We are an AlgoSec distributor, and another use case that is very important to our customers, especially in the financial sector, is generating compliance reports. AlgoSec has very comprehensive compliance reporting. Most of our customers who use AlgoSec care a lot about compliance reports, whether ISO or PCI or other types of compliance.

AlgoSec saves time by providing an analysis of all the firewall rules. For example, I might find 10 unused rules, or rules without objects or without a subnet. To get that information manually can take time. I might have to go through a firewall and check the rules and it would take at least 10 minutes for 10 rules. And a manual process can result in errors. AlgoSec saves time because it can detect all unused rules and I can just remove them via the AlgoSec platform through FireFlow. Removing those 10 rules manually can take about 20 minutes, but through AlgoSec it takes one or two minutes.

The solution can find all the misconfigurations in firewall rules and it can delete or modify them automatically, with no human action needed. As a result, there will no longer be errors in the firewalls. FireFlow handles the workflow of adding and removing policies. Sometimes, an engineer may not have solid experience when it comes to firewall rules. If he goes to the firewall portal itself and tries to add or remove a policy, this policy may cause errors or potential risk. AlgoSec handles this process instead. It helps eliminate human error.

Also, if you have a network engineer with less experience, he can still go through AlgoSec and submit rules. AlgoSec supports another tier of engineers who approve the policies. This is all done using FireFlow.

We use the AFA (AlgoSec Firewall Analyzer) and FireFlow. AFA is the most popular feature in our region and FireFlow is good for managing workflow.

AlgoSec Firewall Analyzer can detect misconfigurations and unused or permissive rules, as well as rules without logging. Through a single dashboard, I can see all the problematic rules from all the firewalls. It's very simple, with AlgoSec, to get an analysis of all the rules, and that helps with visibility. AlgoSec can do a risk assessment for each policy or rule in the firewall and detect the severity of each rule, whether low, medium, high, or critical. I can get a quick overview of the risk policies that a customer needs to change because, perhaps, there is a rule where the risk is high.

The AlgoSec dashboard is very simple. I can find all the information without any effort. All the tabs are clear and straightforward.

I can apply changes to rules through FireFlow. For example, when I detect many unused rules, I can remove them and, using FireFlow's process, it is very simple to do so.

It is very easy to generate a compliance report for ISO or PCI. It can be done with one click. Some organizations may have a baseline for compliance. The beauty of AlgoSec is that it can adjust compliance according to the corporate needs or environment, when standards vary from one region to another.

When it comes to visibility, the solution can make a network map for all the devices in the network, whether routers or firewalls. I can run queries to detect network policies. For example, if a customer cannot access the corporate stack or the application site, using AlgoSec I can detect which firewall, and which policy inside the firewall, may be fully or partially blocking access. This is a very important feature and most of our customers use network mapping to create visibility into the network.

AlgoSec integrates with most of the leading firewall vendors, but one issue is that AlgoSec doesn't support Sophos and Forcepoint. AlgoSec competitors, like FireMon, support Forcepoint. I have told AlgoSec a number of times that we have many customers that use Forcepoint. I have asked why they don't support integration with Forcepoint. They have said they don't care about Sophos, Forcepoint, and SonicWall. They don't consider those vendors to be leaders in the firewall market and they don't have plans to support them.

I have been using this solution for about two years.

Sometimes a customer's platform is down, but overall AlgoSec is stable.

Support from AlgoSec is good. When I create tickets, they support us and solve all the tickets. There is no delay in support.

One of the things I don't like about AlgoSec is that when a customer has an issue with the platform, it takes time to resolve. Issues often need more than tier-one or tier-two; they're often not easy for the customer to resolve. It requires the AlgoSec team to solve issues with configurations or performance.

For example, AlgoSec upgraded the platform six months ago and it was mandatory for all customers. On my side, it was not easy to perform the upgrade and I had to request support from AlgoSec.

Positive

We have a large setup of multi-vendor firewalls with large in numbers of policies and rules. Handling rules and policy visibility manually are very difficult for clients multi platform firewalls. AlgoSec AFA has eased day-to-day operation, firewalls rules optimization, clean-up for unused policies and reporting, and visibility on policy and rules. All of this improves the firewall performance.

AlgoSec FireFlow workflow change tracking in environment makes it easy to have a central repository also multiple stakeholder approved change management.   

The AFA workflow has helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Reporting helps us with deliverables, areas of focus for improvement, and much more. Algosec AFA is useful for policy optimization and clean-up and can measure capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. 

Firewall rule automation for implementation also makes support easy for support firewall administrators.

AlgoSec currently has two useful features: AFA and AFF. 

The AFA workflow helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Algosec AFA is useful for policy optimization, cleanup, and measuring capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. Firewall rule automation for implementation also makes support easy for support firewall administrators.

There could be certain improvements such as supporting secure email. We have some cases where the client SMTP /POP email system is discarded, which is very important factor change notifications.

Fireflow workflow rule/change implementation for time-based rules is not currently supported. 

These improvements in upcoming code will definitely help with end-to-end firewall rule implementation. 

NAT rule implementations were in the roadmap. We are expecting this soon. 

Certain optimization of AFA/AFF SMS resources would ease daily operations.

I've used the solution for four years.

While stability is good, further improvement is needed.

The scalability is good.

Technical support is good.

Positive

We did not use a different solution previously.

Some changes in setup are ongoing as we are growing.

I am a vendor partner of AlgoSec.

The licensing is commendable.

We evaluated a few other options before positioning this solution. 

The solution could use improved support.

We started deploying the application in January of this year. Currently, in our contract, we have a license for AlgoSec FireAnalyzer and FireFlow. So, at this moment, we are only working with AlgoSec FireAnalyzer. 

We are using AlgoSec to have a good view of our environment in terms of the risks and compliance and to implement rules. Our environment at this moment is only on-premises. We have servers, routers, firewalls, etc.

The visibility that AlgoSec provides about our environment is very important. Without it, we won't have visibility into various risks to our environment. AlgoSec can show us these risks and allows us to improve and close some rules. It improves the security of the network, and we can protect the data of our customers more efficiently.

It is helpful in improving the security and compliance of our environment. We can optimize our environment by improving the rules that are not used or are duplicated. FireFlow is useful in creating and implementing new rules. It allows us to automate rules implementation and have more control over rules.

Its reports are very important for compliance and understanding and mitigating risks. They show us the rules that are open or that can create risks for our environment. This information is very important for us for optimizing our environment and correcting the policies.

In our environment, we add rules in the firewall based on user logins, but currently, we can't do that with AlgoSec. AlgoSec can't create rules based on user logins. For example, generally, when we create a rule, we put IP Address, Destination IP Address, and Service Port. However, in our environment, we put IP Address, User Login, Destination IP Address, and Service Port, but AlgoSec doesn't support a rule in this format. We opened a ticket regarding this with their support two months ago, and they said that they will be able to add it in the future, but they don't know the timeframe. We are currently in the process of making changes in our environment for such rules, and after two months, we won't be using the rules that are based on user logins. We will make them consistent with the market, and we will use only the IP Address, Destination IP Address, and Service Port for rules. So, it won't be a problem for us, but this can be an improvement for other clients.

It is quite new for us. We starting working with it just a few months ago.

Its stability is good. We never had a problem where we couldn't access the platform. It is always available, and we don't have any problems related to the downtime of this platform.

At the moment, it gives us what we need. Next month, we will add new technologies to AlgoSec.

AlgoSec has a great team. They are professional and have good knowledge of AlgoSec. We have a good relationship with them, and we got good support from them.

We never had a solution like this. It is the first one in our environment.

We started its implementation in January with the help of a partner company. It was very easy to implement, and we didn't have to contact AlgoSec.

We completed the deployment in February. We put it in our environment and started the server. After that, we did the configuration and started to add our devices to AlgoSec.

We implemented it with the help of a partner company in Brazil called Logicalis. When we have any problem, we talk to them, and they are able to help us.

I would recommend this solution because AlgoSec provides a lot of reports and views of your environment. You won't be able to get this view through a firewall manager. For example, the CheckPoint firewall manager won't provide what AlgoSec provides, especially related to the compliance of your environment.

We have implemented Cisco ACI in our environment, and AlgoSec will help us to work with this new technology implemented in our environment. We will integrate AlgoSec and ACI next week.

I would rate AlgoSec a 10 out of 10.

We use:

• FireFlow 
• AFA, AlgoSec Firewall Analyzer
• BusinessFlow

I use AlgoSec to optimize the firewall rules and to analyze the logs of a lot of firewalls, like Palo Alto, Check Point, and Fortinet. 

When a user creates a ticket in AlgoSec, I validate the ticket or don't. It's opened flow in the firewalls also. 

I also use it to implement and push the rules in the equipment. 

I have used it for compliance and analytics. I audit Cisco ASA equipment. I do a compliance report for every piece of equipment. I do some reports and also weigh any risk on each piece of equipment. Some rules use, for example, a critical port. If it shows to be a risk, we'll take action. For example, we can optimize a permissive rule and create new rules to have a more secure flow.

I use FireFlow to help users when they create a ticket in AlgoSec. I help them with information like the IP source, IP destination, and endpoint. 

AlgoSec also helps users choose the right equipment. There are a lot of stages and at every stage, I can choose the equipment. We have a lot of equipment and a lot of firewalls so that we can identify equipment. I also use the map to see the flow from the source IP to the destination IP so we can discover the network. It's essential to have a picture of the flow in terms of the equipment, services, and protocol.

We have critical security policies. With AlgoSec, we can create a security policy to manage critical applications. I have worked in the bank and they have critical applications. We created some security policies for those applications. Controlling the flow is critical for our customers. 

In the beginning, we compared tools like AlgoSec, Tufin, and Skybox. We did some research. There was budget to purchase the resource. We did comparisons and found AlgoSec to be the best solution.  

It's easy to use. It's not very complex. You can do a lot of things with AlgoSec.

AlgoSec should be optimized. There is a lot of RPA and we have scripts in AlgoSec that need recertification. With AlgoSec Firewall Analyzer, we can see lots of objects and lots of rules that tell us we need to clean the equipment. It will give us a solution but it doesn't always work. The solution that it gives us is not always accurate from the scripts.

For example, because we have a workflow, when the user creates his ticket, the ticket was automatically dispatched to different teams. We have a security team and another team to implement and push the rules. The ticket automatically will get sent to the wrong team and then we need to send it back to the user for them to update. 

I have used AlgoSec for two years. I use AlgoSec in French.

I find AlgoSec to be stable. Sometimes there are days that it doesn't work. We connect to AlgoSec via the web. Some days we don't have access to it and we get in touch with the support team to help us. This happens around once a month. 

It is scalable. 

I reach out to support when I have questions. I send emails with my questions. 

The initial setup was not complex. It was easy.

In terms of pricing, it is more expensive than other solutions. It's expensive because we also have the AFA module. 

AlgoSec is better than Skybox and Tufin. We have a lot of AlgoSec licenses. It offers the ability to do optimization and varied tasks.

AlgoSec offers diagrams about different pieces of equipment but Tufin and Skybox don't offer these features. I can also control external IPs. We can see the configuration. All equipment has configuration and AlgoSec enables us to log that traffic. We have control over the flow.

I would rate it an eight out of ten. It's practical and easy to use. Many enterprises use it in France. Anytime we have questions, the support team is responsive.