AlgoSec Reviews

We use the solution for change control of policies on firewalls, for service desk integrations, and for the service desk rules of network users.

We use the firewall management solution. Our environment is on-premises only. Our company works with financial institutions and they require everything to be on-premises.

There is no question that AlgoSec has reduced the time it takes to implement firewall rules. That is also true because some of our clients use firewalls from various vendors and AlgoSec allows them to implement firewall rules on those firewalls simultaneously, even though they are from different vendors. Even so, when we receive a request for a rule exception, no one controls how long this exception is valid. As a result, these exceptions are valid for a long time and accumulate one by one. With the help of AlgoSec, it is very easy to eliminate this problem. A timer is set for a given firewall rule and, when the timer runs out, a security engineer is notified that the rule is set to expire at the specified time.

In addition, large deployment cases face a large problem due to the number of firewall rules, which can slow down the performance of a firewall and overload the firewall memory. This happens in part because of duplicate rules and rules that conflict with one another. With the help of AlgoSec, we reduce the number of rules, on average, by 30 to 35 percent. AlgoSec cleans duplicate rules and conflicting rules, freeing up memory.

At least two of our clients, when using AlgoSec extensively, have seen a reduction of at least 1.5 to two times what it would take them to implement firewall rules, by reusing predefined templates within AlgoSec. In addition, they find it extremely helpful that AlgoSec checks them for compliance. Before AlgoSec, they had to manually justify compliance of every single firewall rule, when being audited for compliance. They had to explain why it was created, which client and/or service was behind that rule, et cetera. In comparison, AlgoSec does the compliance check on each and every firewall rule making sure it is always compliant with the latest requirements and one can quickly create a report to prove it.

When it comes to preparing for audits and ensuring firewalls are in compliance, about 60 percent of our clients are financial institutions, like banks and insurance companies. They have to adhere to the strict compliance rules and AlgoSec allows us to ensure that the firewalls are in compliance with the normative requirements. IT departments are able to create PCI and DFS reports via AlgoSec that are acceptable for such audits.

In terms of working with multiple security vendors, we usually integrate AlgoSec with other service desk vendors, like ServiceNow and controllers like Cisco ACI. AlgoSec has resources on their website where we can find documentation about integrations with various systems. It was fairly easy to integrate AlgoSec with ServiceNow and Cisco ACI. Their API is understandable and very well described.

The major value, at least here in Ukraine, when integrating AlgoSec with Cisco ACI is that we see most of our clients prefer DSN systems, like Cisco ACI, for data processing. ACI contracts are treated similarly to firewall rules, i.e. permission is required for access. Some of our clients use over 400 such contracts for data processing. Implementing access rules for these systems is not easy. With the help of AlgoSec we can create a rule and AlgoSec checks it for compliance, for duplicate rules, and rule conflicts. That very much simplifies the implementation and deployment of contracts in ACI.

AlgoSec helps tremendously when it comes to reducing human errors, especially when the environment includes firewalls from disparate vendors. In that situation, the probability of human error is very high. It is difficult for me to approximate by what percent it has reduced human error but the reduction is very significant.

In addition, it has helped to simplify the job of security engineers. I’m very sure of that because, otherwise, our clients wouldn’t buy more AlgoSec user licenses.

For us, as well as for our customers, firewall management and change management are the most important features.

We see a very high demand for using containers and Dockers and therefore there is a need for managing access control to these platforms. I checked AlgoSec’s roadmap and, for now, there are no plans for developing these features.

We have worked with AlgoSec for two to three years, implementing the solution for our clients.

Everything works great. We have not seen any significant bugs.

Our deployments of AlgoSec are not large so we haven’t faced a scalability issue. The maximum AlgoSec deployment we’ve done is for about 100 endpoints and that is not a problem for AlgoSec.

We have never needed to use AlgoSec support.

To deploy AlgoSec properly it is important to understand the client's environment. To that end, we have a questionnaire that we send to our clients and that helps clarify what the client's requirements are. It also provides information on the architecture of their environments. Once we receive the questionnaire, we go over the project specifications with them to make sure they didn’t miss anything, such as integrations with other systems. 

Next, we usually do a PoC to test AlgoSec in their environment and that is when we calibrate the solution to the client’s specs and do the necessary customizations. Then we purchase the licenses and roll out AlgoSec into the client's production environment. We also provide technical support for the client for at least a year to make sure that they become familiar with the solution.

The amount of time it takes to deploy always depends on the complexity of the client’s requirements. For example, for firewall management setup without integration with other systems like a service desk or reporting systems, deployment generally takes up to one month. If we need to integrate AlgoSec with solutions like a service desk, then the deployment can take up to four months because there are major changes to the whole business process and these changes require planning, documentation, implementation, and training of end-users.

There are usually three people involved on our side: a salesperson and two engineers, with the latter actually implementing AlgoSec.

I can’t say that this is a cheap system. It's affordable for large enterprises and, in some cases, for mid-sized companies. For the majority of other companies, this solution is out of their price range.

I have hands-on experience with Tuffin and both of these products (Tuffin and AlgoSec) are equal in terms of functionality. In terms of main differences, it comes down to a personal preference.

My advice is to do a PoC. Many would simply read reviews about the solution, watch demos, and request price quotes. At that point they would note that it is not a cheap solution and stop there. That is why I strongly recommend doing a PoC. Only through using the solution can you see how easy it is to manage and implement security rules. It becomes very clear that you’ll see a return on investment in terms of the time saved by your security engineers.

Another recommendation would be to evaluate similar solutions to AlgoSec, especially for companies that are planning the implementation of DSN systems, like Cisco ACI. This is because it involves labor-intensive rules implementation, and with the help of AlgoSec it can be drastically simplified.

The overall visibility the solution provides into network security policies is not applicable to us because our clients are using AlgoSec for firewall only, for edge connectivity of their networks to the internet. We only have one client that used AlgoSec to control rules on the internal firewall, which is deployed into their data center.

We are using this product mainly for firewall and network management. It detects any firewall and network changes that are done manually and not within the change control time window. Finding out the traffic is blocked or not using BusinessFlow is really good.

It didn't improve in my organization. There is a lack of documentation when communicating between the AlgoSec appliance and the other appliance. When we raised these concerns to their support, they were not able to help us with the issues.

We loved the automatic policy or network topology change features in the AlgoSec appliance. It detects the changes and alerts when someone is trying to make changes in the firewalls or network devices during abnormal change-time windows.

It detects if the requested network and ports are getting blocked by the network or firewalls by a simple query, which helps to identify the network blocking firewalls in the topology.

1. AlgoSec support needs improvement, and support needs training to better understand customer issues. ( Support team repeatedly fails to understand the customer issues, Response to the support ticket based on the severity is very poor, support team responses to severity 1 or 2 tickets are very very slow. Customer support representative need training on how to handle severity 1 or 2 tickets)
2. Integration with other appliances needs improvement. ( AlgoSec integration with other ticketing systems like Service Manager / Service now is not good, It needs to have better integration with ticketing systems like Service Now and Atlassian JIRA)  
3. Documentation needs improvement. ( There is lack of documentation integration with other ticketing systems like HP service manager, Rest APIs, SOAP)
4. There are limited sets of Python API calls, so they need to add more features in the API.
5. The FireFlow template does not allow the user to perform external actions like sending an email or triggering a specific action. It needs improvement there.

AlgoSec support is very, very poor. Their support engineers do not even understand the problem or the severity of cases. AlgoSec is pretty bad with handling hardware appliance failure.

This is the first solution we used.

My advice is to please make sure that you evaluate other competitive products before choosing this solution.

The price is high but the support is extremely poor, so keep that in mind before choosing this product.

We evaluated FireMon before choosing this solution.

We use it for global firewall rules management to ensure global policies are applied to all regional firewalls, provide auditing and compliance.

• Central firewall management
• Security policy change management
• Firewall auditing
• Compliance
• Firewall policy optimization

AlgoSec FireFlow:

• Eliminates mistakes and optimizes firewall rules.
• Firewall rule compliance with global security policies.
• Eliminates redundant and unused firewall rules.
• Reporting.
  

• It needs better API integration with its third-party firewall management.
• It needs support for its cloud-based solution.

No stability issues.

No scalability issues.

We have had no complaints about their support.

We did not previously use a different solution.

It is somewhat complex to initially setup.

We implemented it in-house.

Not applicable.

Not applicable.

Not applicable.

To down level firewall care so context owners and operations can be more agile in their day-to-day operations. It improves audibility and security by having instant access to firewall configurations. It has the ability to create architectures improving performance, reducing costs and KPIs. 

AlgoSec makes it quite easy to down level firewall auditing, running, and maintenance. This has given the operations team, audit, and security instant  access to firewall configurations.  

The whole platform is extremely useful. I like the auto-mapping features and configuration overview. We use this for many things, but primarily for quick reactions to security events, audit, project management, and quick operational efficiencies. 

A modernized GUI would be a nice feature upgrade. The GUI looks a little outdated. 

There are a lot of updates for the product which have been good. However, it is a pain to always have to upgrade the product. 

No stability issues.

No scalability issues.

Our experience with the support is fair. 

No.

It is pretty easy to set up and run.

We implemented it in-house. 

It has improved our performance in operations, projects, and security. 

It will reduce your operations costs with improved team performance. 

We evaluated FireMon.

Overall, the product is very good for firewall insights. 

We use AlgoSec for firewall policy management.

The most valuable feature of AlgoSec is its firewall analyzer. AlgoSec also has a better interface.

AlgoSec's audit management is not good enough and can be improved. Also, AlgoSec should be made more scalable.

I have been using AlgoSec for around one year.

AlgoSec is a stable solution.

AlgoSec is not a scalable solution. Only I use AlgoSec in our company to do firewall management.

It is moderately easy to set up AlgoSec.

Two staff were involved in AlgoSec's deployment, which took around three hours.

Before choosing AlgoSec, we evaluated Tufin as an option. We chose AlgoSec because it has a better interface.

AlgoSec is a good firewall management tool for organizations with multiple firewall levels. If you only have two or three firewall levels, then AlgoSec is not worth investing in.

Overall, I rate AlgoSec an eight out of ten.

I work at a multi-vendor firewall environment. AlgoSec is primarily used to see what firewall policies are in place, as well as PCI compliance levels.

AlgoSec has helped us save time by having one central location to view firewall policies, especially when crossing multiple vendors.

The PCI compliance feature has been helpful in preparing for audits. The Firewall Analyzer has been very helpful.

We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization. There have been some difficulties in getting this portion set up in our environment.

No stability issues.

No scalability issues.

Our primary use case started as policy optimization in a multi-vendor firewall environment. Now, our primary use case is giving access to firewall policies for development teams and infrastructure specialists. We are receiving better change requests based on actual requirements and less requests for access which already exists.

Over time, firewall vendors have added features, such as rule counters, that AlgoSec traditionally has offered. However, AlgoSec continues to add capabilities that firewall vendors simply cannot provide. We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow all thanks to AlgoSec Firewall Analyzer.

The ease of use and "one click" reports are very manager friendly. The policy browser is a fast, efficient way to find existing access, especially when granted via membership of a group or subnet. The ability to painlessly click through and navigate group objects ("what's in this object?") to filter.

The Flash to HTML5 rewrite has been bumpy. However, as a security professional, I appreciate the improvement in the product.

I am optimistic about possibly moving beyond AFA to other products.

R&D patches to address issues that I have encountered have been timely and effective.

The primary use of this solution is to extract Risky Rules reports obtained from our Firewalls, check the rules, and proceed with changes on the Firewall as needed. In these reports, we also see the traffic being applied for different rules.

The traffic used for different Firewall rules can be obtained and then, we have a clear idea of the use for different rules. If some service or protocol is more often used or not, we can see.

We use the FireFlow tool to create the rule to be validated and applied in the appropriate Firewall. FireFlow can install the rule automatically.

This solution has improved our Security in our Firewalls. This has helped to restrict rules, delete rules that are too permissive, and create a configuration that complies with our security policy.

The reports are very useful for determining whether our Firewalls are compliant with our security rules and directives.

The feature that I've found most valuable is the risk classifications for different rules. The number of different risky rules that we have for each Firewall is determined automatically. 

The traffic used or not for every service is very useful to check if some service is needed or not. In cases where it is not used, we can delete or disable it.

The FireFlow tool is very useful with the automatic installation of rules into Firewalls. It detects the router and applies the new rules, which saves us time in manual configuration.

There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic.

Sometimes the Trust setting on Firewall rules is changing to trusted by itself.

I have been using AlgoSec for more than one year.

I have very good impressions of AlgoSec stability.

The scalability is very good.

I did not use another solution prior to this one.

I did not evaluate other options before choosing AlgoSec.

Overall, I think this tool is very useful and we think that it's difficult to improve.