AlgoSec Reviews

• ABF application centric
• Risk and compliance
• Zone matrix
• Conditional workflow
• IPT
• Active change 

It improved a lot in our flow database. In the past, application owners did not know their application connectivity. AlgoSec helps with this and our users are able to documents their rules.

ABF: It is application-centric. which helps to track changes in the application from day one.

Compliance: It helps to have a zone matrix and capture risks.

ABF needs to be more integration with AFF/AFA. We needs object level permissions and application level recertifications.

No stability issues.

No scalability issues.

We used a different network security policy management tool, but we felt it would not be able to fulfill our requirements and address our previous gap. We were looking for a place where we could keep our rules and also track ownership of each rule in the application.

The initial setup was straightforward.

We implemented through a vendor team, whose expertise level was high.

We are satisfied with our ROI.

We evaluated all of AlgoSec's competitors and chose AlgoSec as it was the best.

The product could be improved by adding additional tools for troubleshooting, not only for the firewall, but for other devices like switch and dynamic routing display. Also, it would be good if it could retrieve all information regarding Cisco Nexus switches and devices.

It would be interesting if the product could automate the switch configuration and create a dynamic map of the entire network.

In the VMware platform, sometimes the application is frozen and we have to reload the machine.

Not at all.

The technical services personnel are very confident and provide good assistance.

No previous solution was used.

The initial setup process is excellent.

The in-house implementation was good for FireFlow.

To down level firewall care so context owners and operations can be more agile in their day-to-day operations. It improves audibility and security by having instant access to firewall configurations. It has the ability to create architectures improving performance, reducing costs and KPIs. 

AlgoSec makes it quite easy to down level firewall auditing, running, and maintenance. This has given the operations team, audit, and security instant  access to firewall configurations.  

The whole platform is extremely useful. I like the auto-mapping features and configuration overview. We use this for many things, but primarily for quick reactions to security events, audit, project management, and quick operational efficiencies. 

A modernized GUI would be a nice feature upgrade. The GUI looks a little outdated. 

There are a lot of updates for the product which have been good. However, it is a pain to always have to upgrade the product. 

No stability issues.

No scalability issues.

Our experience with the support is fair. 

No.

It is pretty easy to set up and run.

We implemented it in-house. 

It has improved our performance in operations, projects, and security. 

It will reduce your operations costs with improved team performance. 

We evaluated FireMon.

Overall, the product is very good for firewall insights. 

Since approximately 2005, I have used AlgoSec in almost all of the companies that I have worked at. AlgoSec Firewall Analyzer (AFA) continues to be my favorite product, as well as the core of other AlgoSec products. My teams use AFA to validate firewall (FW) changes, see hidden and complex rules, identify dangerous combinations of rules across many enterprise firewall situations, and enable a risk-based approach to firewall rules and associated risk management.

AlgoSec is able to provide a consistent view into all of an organization's firewalls, regardless if the management is done by different companies, e.g., Check Point's, Cisco's, and Palo Alto's firewall policies are presented to the security team in a consistent format. This enables risk management decisions to be made without detailed understanding or experience in various underlying firewall technologies or management systems.

AFA is the best feature. It shows consistent information regardless of the underlying platform. Unused rules, hidden rules, and dangerous combinations of rules are easily found and tracked by using AlgoSec.

• I would like to see continued expansion to other firewall versions, platforms, and vendors. 
• I would also like to see continued work on the roadmap.

ABF and compliance modules.

AlgoSec contributes more in the security space for our company, especially in automatically finding the high risk and medium risk rules instead of manually reviewing over a few thousand rules. 

Also, ABF is a wonderful module where you can keep the footprint for your firewall rules up-to-date, like CMDB.

ABF is a key module for us, which we are using like an application center where we can keep our firewall rules for each application up-to-date. 

The compliance module is one of the best features which can help anyone to perform security review with predefined security matrix configurations. The compliance module can save a lot of time for security reviews and provide full visibility of the risk required in firewall change requests.

ABF is not very mature compare to AFA and AFF, but the module and concepts are quite good. I would suggest more concentration on ABF, especially on object and application permissions. 

We used a different Network Security Policy Management Solutions (NSPM) tool, but we felt that it would not be able to fulfill our requirements and address the gap which we had before.

We were looking for a place where we could keep our rules and also track ownership of each rule in the application.

I personally feel that the cost is quite expensive. AlgoSec is charging for each function, e.g., Active change, Application ABF license, etc. 

It is worth spending the cost for visibility on security. Of course, security is not cheap.

We evaluated three marketing leaders in the NSMP industry. However, we are not interested in highlighting anyone here.

To be able to monitor all firewalls under one umbrella. It makes it easy for customer to get their reports.

• Reports run easily to my management.
• Searching on IP address to find out the firewalls.
• Streamline tickets

Reports and baseline are the most important feature for auditors. Auditors can get PDF or CSV reports without having to give them access to firewalls.

Having the ability to patch an issue as oppose to upgrading the entire suite.

Once you upgrade to latest version, it is stable.

No issues.

Needs better technical support and quicker response times.

Setup is easy. Just run the script and all seems fine.

In-house with some help from Professional Services, who are knowledgeable and helpful.

Pricing is okay and the licensing can be a little tricky with the initial setup.

We evaluated other options. FireMon and Tufin were on the list but AlgoSec won out. It is better.

AlgoSec may be little pricier with its licenses, but it is probably better than any of other competitors.

Our primary use case started as policy optimization in a multi-vendor firewall environment. Now, our primary use case is giving access to firewall policies for development teams and infrastructure specialists. We are receiving better change requests based on actual requirements and less requests for access which already exists.

Over time, firewall vendors have added features, such as rule counters, that AlgoSec traditionally has offered. However, AlgoSec continues to add capabilities that firewall vendors simply cannot provide. We have reduced the attack surface of risky rules, improved our compliance scores, and streamlined our firewall change flow all thanks to AlgoSec Firewall Analyzer.

The ease of use and "one click" reports are very manager friendly. The policy browser is a fast, efficient way to find existing access, especially when granted via membership of a group or subnet. The ability to painlessly click through and navigate group objects ("what's in this object?") to filter.

The Flash to HTML5 rewrite has been bumpy. However, as a security professional, I appreciate the improvement in the product.

I am optimistic about possibly moving beyond AFA to other products.

R&D patches to address issues that I have encountered have been timely and effective.

Firewall and Compliance.  We use the product to support the firewall review process and risk of over 400 firewalls

We are able to quickly review 100's of firewalls and stay compliant.  The product has been invaluable to our information security department

Policy review and compliance.  We are now using the AlgoSec FireFlow feature to help us automate the firewall ACL submission process and implementation of firewall rules.

Product has improved quite a bite in the years we have been using the product. We look forward to completing the AlgoSec Fireflow implementation and piloting the Business flow product.  AlgoSec continues to improve their product every year.