AlgoSec Reviews

Our primary use cases for this solution are:

1. Business Security and Automation
2. Faster change management solution
3. Network Security device analyzing and optimization

• AlgoSec helps to analyze the risk, optimize the rules and policies, and improve performance in network security devices such as firewalls.
• It helps to perform the network security changes four times faster than the normal change request process.
  
• It assists in provisioning the application rapidly, which increases the organization's revenue.
• The ASMS (AlgoSec Security Management Solution) is fully focused on business security and automation. It ensures business security and agility.

The features that we have found to be most valuable are:

• Risk Analyzing: Has helped to identify the risks in security network devices in a very short time, which increases and improves security overall.
• Policy optimization and IPT: Has helped to identify the garbage rules and improve the device performance. Also, has assisted in removing any rules causing IPT failure.
• Compliance: Helps prepare for the audit in a short time, and assists with continuous compliance.
• Active push: It is capable of pushing the changes and configuration from AlgoSec itself, which decreases manual errors during implementation and configuration. 

This product could be improved in several ways, including:

• More device support - such as barracuda devices
• An automated rollback process and options in active push. when we do a active push Algosec takes a policy backup for recovery purpose. if we did any change using active push from Algosec and if the customer wanted to rollback the particular configuration, better if Algosec able provide automated rollback process through AFF rather creating a manual a ticket. 
• Software-defined WAN integration and support 
• Application-aware policy identification and optimization - now a days most of NGFW are creating applications (such as Salesforce, Skype for business etc..) aware policies using their application database. normally destination object will be these applications and not the legacy objects that we created in firewall. if Algosec able to understand these application it will be good move for future market. 

We are very impressed with the stability of this solution. The product is very user-friendly and does not cause many technical problems while in operation. Sometimes we might have issues with newly supported device integration and features.

AlgoSec has multiple form factors such as a hardware appliance, VM appliance, and software. The customer can choose the most suitable solution for their environment. Further, AlgoSec has three main components and the customer can purchase them phase by phase, based on their requirements and budget. It can scale up to the total ASMS solution using the same resources.

As per my experience, AlgoSec provides very good customer service and technical support. They are very friendly and their response time and SLA are very impressive.

We did not use another solution before this one.

The initial setup is very straightforward and easy. Further, AlgoSec provides better documentation and self-support services where we can learn, reference, and be empowered.

We are a value-added distributor of AlgoSec and have implemented this solution for many customers in addition to ourselves. Our customers are happy with the implementation.

Our return on investment with this solution is between one and two years.

The setup for this solution is not very costly. The licensing is very easy to set up, with flexible licensing methods such as subscription and perpetual. The pricing itself is also flexible, with it being related to the number of devices and applications.

Before selecting this product, we evaluated Tufin.

This solution is very useful for any type of organization with multiple network security devices such as firewalls, routers, etc, and have the goal of achieving business security and automation.

AlgoSec has main three components that can be purchased in different phases if required. They are:

• AFA: AlgoSec Firewall Analyzer
• AFF: AlgoSec FireFlow
• ABF: AlgoSec BusinessFlow

The AlgoSec Firewall analyzer has helped us to analyze and optimize our firewall by evaluating the rules and services. These include routing, access rules, and restricting both applications and servers.

This solution has helped my client to analyze and assess whether any service or routes are needed for connections that are going to be created. It has also optimized the efficiency of the firewall by evaluating the rule set.

This solution helps us to save time, making the job more efficient for our network engineer.

The features that are most valuable are the interactive topology map and the traffic simulation queries.

The MAP helps us by generating a network topology map and checking the routing table for every device that is connected. The traffic simulation queries help us to check the connection between two objects. This allows us to gather information about the devices pertaining to blocked traffic or services that we need to add.

The MAP has a persistent issue with a firewall that is using a double BVI (Bridge Virtual Interface). In this configuration, it cannot give the correct and proper topology, so the traffic simulation query cannot run properly between the source and destination.

We have used other firewall products and it is very complex to check if any connections are down or blocked. 

As a value-added distributor, we sell the AlgoSec solution primarily to financial institutions and Telcos. This is done through our partner network. The main use case we see is process automation. Customers can manage several firewalls or network devices with a single pane of glass.

Policy optimization, visibility, and a faster change management process has reduced unnecessary times required for manually changing processes. The resources are now utilized more effectively for other areas.

• Risk Analyzing: Short time analysis and accuracy
• Policy Optimization: Removing garbage policy rules and improving the performance of network devices
• Compliance: For Audits in the short term

There is room for improvement in the rollback process.  

What we would like to see in the future is related to support. For integration with newly supported devices, we require a proper support matrix with an escalation process.

In regards to stability, there is no complexity. We have not seen many faults reported by our customers. Faults are rectified quickly. 

AlgoSec facilitates several form factors where customers can choose different options, including both hardware and software. For CloudFlow customers, we now have the SaaS model as well.

The support from the AlgoSec team is prompt and helps to rectify the issues in a timely manner.

We did not use another solution prior to this one.

The initial setup is straightforward for many of our customers. However, when we integrate with some newly supported network devices there is a challenge in getting support from the AlgoSec team.

As the distributor, all of the implementations for our customers was done by our own engineers.

Depending on the customer it takes between twelve months and eighteen months to see ROI.

The pricing is flexible with a low cost setup. 

There is no complexity in the licensing methods.

As a distributor, we took AlgoSec as a complementary product to Fortinet, which was one of our main products.

The AlgoSec Firewall Analyzer was greatly used for firewall analysis, policy tuning, and optimization. The automated change management feature was very useful and integrates seamlessly into the change management process.

This solution helps in maintaining and providing regulatory compliance metrics and to optimize the overall security of the organization. It provides great visibility into your firewall rules, thereby allowing you to eliminate redundant or overlapping rules. It saves time by allowing administrators to test network traffic and pinpoint which rules are being triggered for a particular traffic flow.

The most valuable features to me were the following:

1. Testing network flows and optimizing firewall policies.
2. Obtaining regulatory and compliance metrics for audits.
3. Visualize complex networks using the topology maps.
4. Simple interface and ease of navigation.

The product has a lot of great features already. However, I would like the reporting to be more customizable, as per user and auditing needs.

It is a highly scalable solution as per my experience.

I haven't used any other solutions.

I do not have much information on the pricing, as I wasn't part of the actual procurement process. I was told that the pricing and licensing was comparatively fair.

I did a basic evaluation of FireMon, which had identical features to the AlgoSec Firewall Analyzer.

• Overly permissive rules need more visibility, and we have given the "any to any" access in some cases. 
• Looking for the solution which will provide details and description of the policy, like providing the source and destination addresses that are used from particular rules.

Policy optimisation helped reduce the policy count of the firewall. Therefore, the visibility of firewall policies improved. 

Policy tightening feature: It gives the visibilities of "any to any" rules, which source and destination are used, and the actual traffic from overly permissive rules. Therefore, we are able to tighten the policy of the firewall. 

I would like to suggest that cloud visibility feature is provided in the next release. We would be able to understand how traffic flows from the source to destination.

No.

Yes, Skybox was there, but the GUI and some of the features are missing.

• A systems integrator to implement for clients
• To help them manage their firewalls that were bought from us as well.

It provides the organization by giving us visibility in the process of our clients and automates policy implementations and checks. It gives value to our managed services that we provide.

• Algosec Firewall Analyzer and Algosec FireFlow: They basically give us a full picture of how traffic flows and how we can secure it.
• The product, directly implementing the policies to be enforced by the gateways, makes life easier to the IT.

Based on the conference I just attended, it is improving by Algosec opening their API more. This allows us as a systems integrator to give more value to our clients. We will be able to integrate more things that do not come out of the box.

Stability is fine as it's been in the market for a long time.

Scalability is fine especially as they just released their CloudFlow as well.

No.

AlgoSec helps us be ramped up on our technical expertise on the product.

N/A.

Licensing is simple, and the setup is straightforward.

Yes, Tufin.

• Firewall management, configuration, and risk management functions to ensure the highest security posture
• Automated change notification is a must and is critical in maintaining a safe environment and compliance. 
• Need the ability to review the policy and NAT rule bases
• Lastly, logs from a firewall can be overwhelming and difficult to maintain, so every security department needs the ability to review logs with accuracy.  

AlgoSec provides visibility of policy and NAT firewall rules for rule review and cleanup. It provides risk management status of our firewalls at a glance, and notifies when any change is made to the firewalls. This solution has improved our security posture, lowered our risk and exposure, saved time with cleanup and maintaining the firewalls, and allowed for log review with ease. Finally, AlgoSec has changed how firewall management and changes are conducted, so it has improved our overall process and procedures.

I value all the rich features of AlgoSec equally since it solves many problems with one solution. From the ability to see rules with a few clicks to maintaining or lowering the firewall's security risk score is priceless. And, the support team behind the solution is equally as strong and helpful, making this one of my best implementation decisions and tools in the toolset.

AlgoSec is my favorite tool because it does what it is designed to do and it does it well. The service I've received from their support teams is second to none. They have always successfully answered my questions and solved my problems. So, it is difficult to improve a solid solution but, not everything is perfect. Having executive type reporting capabilities which explain the security posture and scoring to provide to executive management would be a nice feature to add. Reports can be printed, but an executive summary report would be an improvement. 

• The flagship feature used is its correlation of filtering rules (ACL/firewall).
• The audit of changes made in our environment is also very useful in the investigation of failure.

In an environment where onion layer security is strongly implemented, the filter elements can be configured in various places, and the traffic simulator proves, in this case, to be life-saving, whether in diagnostic time or in efficiency.

The AlgoSec solution has allowed us to achieve a clean-up and optimization of our filtering rules across our entire environment. The rules analysis allowed us to delegate the tool for operational purposes for the evaluation of firewall opening and audit requirements.

• The filter rules correlator allows us not only to have a clear view of the blocking points but also the quality of the filtering performed on the various firewalls highlighted by their risk index.
• Another interesting feature of the product is its ability to highlight filtering rules that would mask other more specific rules and thus lead to an optimization of the system.
• AlgoSec also allows us to have a history of changes. This feature is especially useful in the event of an outage or an unwanted change.

Although I'm very satisfied with the product, one of the ways of improving the product could lie, perhaps, in the acceleration of the analysis process and especially in the section — traffic simulation query.

Another improvement would be the support of an orchestration of different firewalls in a heterogeneous environment, mainly at the level of the management of the objects so as to have a homogeneous nomenclature.