AlgoSec Reviews

AlgoSec was used as a firewall setting, but we had issues with change management, approvals, and the workflow to deploy firewall rules. The tool covers the technology and intelligence, but we had a lot of manual work to convince sponsors and correlated areas that used AlgoSec or needed to open a firewall rule.

AlgoSec has a feature that provides intelligence on which rules are correct. It was crucial in helping us understand which rules were important and which ones could be turned off or removed, simplifying the structure. It helps prioritize actions and performance needs. The performance boost we had was huge. We were considering buying new firewall structures, but with AlgoSec, we just organized the rules and avoided spending more money on the environment. 

We faced internal challenges with our services and the process. If we had a closer approach from AlgoSec with instructions on how to build or change the management process, how to improve our environment, it would have been better. The big problem was more about the approval and request roles, and bureaucratic side of things.

I left the company a couple of years ago. I bought AlgoSec in 2022, and after a few months, I left the company and joined a different one that already had AlgoSec infrastructure in place.

The technical support was really technical and had a more technological view of the problem. Here in Brazil, we have a lot of discussions, conversations, and meetings, so the technology didn't resolve the problem we had like that. 

Positive

I wouldn't recommend AlgoSec for environments with fewer than 500 rules or without multiple offices, as the solution is quite complex to deploy and engage teams. It's more suitable for larger enterprises with complex environments. If you have a complex environment, AlgoSec is a good choice, but for smaller or medium-sized companies with fewer firewalls, it's easier to manage with the console provided by the vendor. If your site has complexities and you deal with multiple firewall vendors, AlgoSec simplifies management. However, if you only have one vendor, it's better to avoid adding more consoles. For environments with multiple vendors and many rules, AlgoSec or any firewall management tool would help.

Overall, I would rate AlgoSec ten out of ten, considering the complexities of the companies I've worked with. The tool needs to be managed by expert teams who understand both the technology and the change process.

I use AlgoSec as a firewall analyzer. It helps review the changes made on the firewalls and determine who executed those changes. The tool automates predefined reports about non-used network objects, which is technically challenging for manual review.

By implementing AlgoSec, we've reduced the time and effort it takes to review firewall changes and audit logs. Before AlgoSec, we used to review each firewall manually, but now, the tool automates this process which saves us time.

The most valuable feature of AlgoSec is its ability to generate comprehensive reports. As a firewall analyzer, it's very useful for reviewing and collecting information at a single point. The tool also helps generate reports automatically, which is beneficial for us.

The graphical user interface in AlgoSec needs improvement. Sometimes it gets stuck, requiring multiple refreshes. Additionally, system integration with more products can be enhanced, like integrating the Blue Coat web filtering products.

I have been using AlgoSec since 2020.

The product is stable and reliable for our needs.

While we haven't tested it extensively, it has the capability to scale. We currently use it to manage eleven firewalls and nine routers. It has the ability to expand by adding more CPUs and memory.

Technical support is decent, although it can take time for them to handle more complex cases. The first level of support may lack the knowledge to solve advanced issues swiftly.

Positive

Before using AlgoSec, we manually reviewed and audited changes and reports.

The initial setup was easy for adding firewalls, despite some challenges when deploying the second module of AlgoSec.

The implementation was conducted by working with the vendor through remote sessions.

The return on investment is evident in the reduced time and effort for reviewing and auditing firewall changes.

I am not involved with pricing details since I mainly handle the technical aspects. However, the value from reduced time and effort justifies its cost.

I would recommend AlgoSec for enterprise environments that make frequent changes. Smaller environments with infrequent changes may not benefit as much.

The most common use cases include:

• Performing audits on an annual basis with the help of information security
• Remediating risky rules by trusting them or remediating them at the firewall level
• Unused rules and disabled rules are addressed on a regular basis
• All firewall changes are monitored through AlgoSec with the help of change notifications
• Improving compliance and risk management and connections revolving around the network Layer 3
• Locating objects and addressing any issues on a much quicker basis

We were able to improve the security ratings of our firewalls. It helped us with annual audits, change notifications, rule assessments, and visibility in general.

It improved compliance and risk management and connections revolving around the network Layer 3.

We can get all the firewall-related data with a single click and effectively work on synchronizing with all the firewall gateways including the management server.

It helps us with firewall audits on an annual basis with the help of information security.

We remediate risky rules by trusting them or remediating them at the firewall level.

We address the unused rules and disabled rules on a regular basis.

All firewall changes are monitored through AlgoSec with the help of change notifications.

It improved compliance and risk management and connections revolving around the network Layer 3.

It helps locate objects and address any issues on a much quicker basis.

RFEs are kept open for too long. We had requested a couple of features, including the ability to trust implicit rules, and IPT doesn't run on IPSEC-enabled firewalls (Cisco to be specific). We had reported these issues for over four years now and still we do not see any resolution.

There is no visibility for the changes made to the NAT rule policies.

Adding objects or object groups on the firewall also do not generate a change notification.

There is no visibility for changes made to the secondary standby firewall if the firewalls are added as a cluster.

I've used the solution for more than five years.

We did not previously use a different solution.

We did not evaluate other options. 

AlgoSec enables organizations to have end-to-end visibility and control over application connectivity across complex hybrid IT environments spanning data centers, cloud, containers, and legacy systems. This allows organizations to automate analysis of how applications interconnect and depend on each other as well as the underlying infrastructure. 

When new applications are deployed, or existing ones are migrated, AlgoSec can rapidly determine the minimal policy changes required to maintain security and compliance.

While AlgoSec already provides substantial capabilities around managing security policies and compliance, there is an opportunity to further enhance its intelligence to take a more proactive security posture. Specifically, AlgoSec could look to incorporate advanced machine learning techniques to analyze network traffic, application logs, and user behavior to detect anomalies and identify emerging threats. 

Going beyond just mapping the authorized connectivity, AlgoSec could leverage unsupervised ML clustering algorithms and deep learning models to find high-risk anomalies and subtle attacks.

It allows organizations to identify risks, reduce attack surfaces, and streamline policy changes required to deploy or migrate applications safely and quickly. 

With ever-changing infrastructure and threats, keeping security policies optimized is extremely challenging. AlgoSec's continuous monitoring capabilities allow organizations to maintain proper controls and compliance coverage as the application landscape evolves. No longer are security changes made blindly. 

AlgoSec gives organizations the visibility and intelligence needed to make application connectivity changes confidently while managing risk and compliance. Having all these capabilities seamlessly integrated into one platform makes AlgoSec a powerful tool for digital transformation initiatives involving constant application change.

While AlgoSec provides comprehensive visibility and management of security policies across hybrid environments, there is an opportunity to further expand its intelligence capabilities. 

Specifically, AlgoSec could look to incorporate more machine learning to analyze network traffic patterns and application behavior to detect anomalies indicative of emerging threats and policy violations. Going beyond just mapping connections, it can automatically flag high-risk flows and unusual events for further investigation.

I've been using the solution for more than a year.

We've used Cisco Tetration in the past.

The price is not the lowest, however, it is reasonable and offers good ROI.

We also evaluated Tufin.

We hope, in the future, to have more flexible pricing plans.

We use the solution for rule optimization. We had almost 100+ firewalls in our network. AlgoSec helps us to manage the firewalls more effectively.

AlgoSec made our work simple in managing the multivendor firewall rule. Audit-ready reporting is an awesome feature.

The most valuable aspects of the solution include policy optimization, rule cleanup, and network discovery.

They need to do some improvements in multi-vendor firewall policy migration. They need improvements in network discovery. The solution could fix some bugs in the A32. Fireflow needs to be a little more user-friendly.

I've used the solution for the past four years.

The scalability is good.

We previously used Firemon. AlgoSec has more functionality and is user-friendly to manage our firewall more effectively.

The initial setup is good.

The ROI is good.

AlgoSec provided the best price and the team helped effectively with the support and A32 migration.

We did look into Tufin.

The solution is the best in the market.

As an administrator, I ensure the platform works as well as possible. We are responsible for everything on the platform, such as onboarding and offboarding devices and managing the information on there, access, etc. AlgoSec has a good security component, but we primarily use it as a network and firewall appliance. It communicates with firewall and router vendors and integrates well with major vendors, such as Palo Alto, Check Point, and Cisco. However, it has some limitations with other vendors. It depends on the brand, but all the vendors we use work well with AlgoSec. 

We use AlgoSec Firewall Analyzer, FireFlow, and AppViz. All of our AlgoSec devices are on-prem. We average about 15 users daily, at least. We divide AlgoSec users into requesters and actual users. Requesters have limited access to only FireFlow, where they can make a request. We have about 100 requesters and 20 direct users from the network, security, and other teams. 

AlgoSec made troubleshooting much more manageable. For example, we can quickly determine the cause of routing issues and do traffic simulations to discover if something is open. It helps us perform analysis faster. That's one of the significant advantages. 

AlgoSec simplifies the work of security engineers in two ways. First, it simplifies approvals. Every time a flow is requested, it goes to security for approval. The security team assesses the risk of each request and makes a decision based on that. Second, it made audits easier because analyzing firewalls and permitted traffic is effortless. All these little aspects don't seem like much, but they add up. We have lots of audits. The risk metrics help us to identify specific risks as long as we can define solid risk metrics. If that doesn't work, you can also use the API to gather much of that information.

FireFlow provides multiple ways to create tickets involving numerous teams. Our existing ticketing solutions are not as easily configurable. They have some more restrictions. AlgoSec is a significant improvement. It has considerably reduced the time we spend implementing firewall rules. For example, we had previously implemented some rules manually and others via FireFlow. We started to use FireFlow for all of them. Because even if the network review on FireFlow isn't as accurate, it's still a net reduction compared to the time it would take to implement everything manually. It's worth it to spend a little more time analyzing everything. We can select the firewall and let FireFlow take care of everything. It's not comparable because we can press a few buttons, and everything is done.

AlgoSec reduced human error and misconfigurations, especially in terms of firewall implementation. AlgoSec doesn't make many mistakes. Implementation errors are rare. For example, let's say that we are trying to analyze something. Creating things by hand requires us to look at a file with 25 lines. It's easy to forget something, but AlgoSec doesn't forget anything. 

AlgoSec provides us with all the information, and we have to check to see if it's working correctly. Of course, it's not perfect. Sometimes there's some routing missing. When it doesn't implement something, AlgoSec usually informs people it's not going to. 

My company is a massive enterprise with several DCs globally and various types of environments. In addition to those DCs, they also have several subsidiaries, so it's a giant network. We work on incorporating all these environments into a single pane of glass using AlgoSec. Previously, every DC had its own AlgoSec, but we're currently merging them all into a single global AlgoSec because it's best to have everything in one place managed by the same people. It will enable us to control and standardize everything. It's also better in terms of visibility. 

We have integrated AlgoSec with Cisco ACI, but I wouldn't say it adds much. ACI is replacing our previous architecture, which was also Cisco. It's mostly the same. The way AlgoSec collects information hasn't changed much. ACI is good at organization, but it doesn't add much to AlgoSec's security functions. AlgoSec comes in handy during cloud migration. 

When migrating to the cloud, we typically extract information from old servers and provide that to the migration technicians so they know what they need to open for the new server. If the migration goes well, we aren't usually too involved with it. Afterward, if they find issues, we can help detect them and understand why something is missing.

FireFlow is great. In a company that gets a large volume of requests to open firewall rules, it's helpful to have one place that summarizes the requests, enabling you to clearly understand why they need to be implemented and also implement them. Firewall Analyzer can help you identify missing routing or check information on the firewall without the need to log into a firewall or router to check the routing. We have all that access in three clicks.

AlgoSec provides excellent visibility. We can easily see our devices, how they're connected, and what information is on them. AlgoSec allows you to define your own risk metrics based on a set of rules. It gives you a report based on that, so it's highly customizable. 

A few features could be more customizable. For example, one of our issues is related to the comments. When using FireFlow and ActiveChange, the comments by AlgoSec can be changed, but they always have the FireFlow number first. That's mandatory. It can be a bit bothersome because that's sometimes not exactly what we want. The templates we use have some scripts running in the background that aren't easy to change or remake. 

These options could be improved. Some features take time to learn and understand. It would be hard to figure out without AlgoSec support. Every bug or every problem we encounter is challenging to understand and fix without them. We try to solve our own issues, but sometimes we can't, and we need AlgoSec support. 

I've been using AlgoSec for a year and a half.

I think the solution is pretty stable. There has rarely been an instance when we needed to reboot to fix something. It has happened, but it's uncommon. Overall, I would say it's highly stable.

The scalability is excellent. We are changing the architecture, including the remote agent. It has been easy to scale like this. 

I rate AlgoSec support a six out of ten. Our experience has been inconsistent. Sometimes, support is fast and clean; other times, not so much. Occasionally, they take a while to respond or provide an inadequate workaround instead of a solution. It also depends on the support we purchase because AlgoSec has different levels. The premium levels have 24-hour support. 

Neutral

I wasn't involved in the initial setup, but we had a migration in which we changed the server where it was hosted and changed the architecture a bit. It was pretty simple. We had the support of AlgoSec engineers, so it went smoothly and quickly. We have two platform administrators and a third person who is the product owner. He helps us a lot, especially with the bureaucracy and everything, but we can primarily manage the solution well with two people. 

We've seen a return on investment. We continue to use AlgoSec a bit more each day. We're not investing more in AlgoSec monetarily, but we're investing time into learning its features so we can use it to the fullest extent.

It comes down to the amount of work AlgoSec reduces. The volume of flow implemented monthly would be challenging to handle manually. It would take much longer to analyze and execute. Not counting security, one guy using FireFlow is enough to implement requests these days. One member of the network team and one person from security can implement all the requests within our SLAs. I'm unsure how many people we would need to do that manually. It would probably take five times as many people to do the same work. That's not even counting all the security and troubleshooting benefits AlgoSec provides. 

I know AlgoSec can be expensive. I've heard from some of the platform users who worked at other companies that wanted to use AlgoSec, but it wasn't within their budget. Large enterprises can use it if they have a huge network with several devices. It's worth the cost if they spend a lot of time auditing and dealing with security concerns. It pays off in the long run.

You must pay for the basic AlgoSec license and the number of devices onboarded. There are licenses per firewall and network device. I believe you also must pay extra for firewalls with ActiveChange. I don't know the precise figures because I don't work with them, but I think they change. 

I rate AlgoSec a nine out of ten. It makes life easier. Without AlgoSec, you need to deal with one or two layers of extra work, doing tasks manually and logging into devices to run commands. It simplifies a lot of daily work. I've grown accustomed to the ease of use, so it'll be hard to adapt if I get a new job at a place without it. 

The solution is excellent, but you need to customize it for your own purpose. Before I joined this company, the previous administrators worked closely with AlgoSec support to build the platform to their specifications. They were the ones that customized what we needed. After that, everything is straightforward. There are a few tweaks here and there, and everything is good to go. The biggest hurdle is getting started. It's good to work with support. If not, we'll constantly be dealing with modifications, bugs, errors, and stuff that doesn't work. Getting the platform right in the beginning makes it a lot easier.

We have four firewalls and two routers in our environment. We also have a business application. At first, it was very difficult to connect to each firewall individually, see my environment as a whole, and determine where traffic was being blocked and who made changes. AlgoSec provides a solution to all of this in a single platform.

Being able to see where traffic is blocked using traffic simulation provides me with great convenience. Additionally, with FireFlow, I can handle this in a single action instead of taking actions on each firewall individually.

Thanks to Algosec, especially with the FireFlow and AppViz modules, I have managed the regulation compliance I need to adhere to through baseline compliance and checked my compliance with it. Without connecting to my firewalls one by one, I was able to handle all my changes with FireFlow in a single-handed manner according to a specific plan. I was able to clearly see the accesses to the application in my environment and the vulnerabilities of the application. The reports section was very useful in tightening up my policies.

Country-specific regulations should be added when required. Doing this on my own with baseline compliance is quite difficult.

Additionally, I would like AlgoSec to provide suggestions such as "this object includes that object" for my objects on the Check Point firewall. For my Fortigate manager, the support of the active change feature is important to me. 

Lastly, the FireFlow interface could be simplified a bit more. I agree that it is user-friendly, but on the other hand, it can be difficult to organize and find certain things.

I have been using AlgoSec for one year. 

We haven't encountered any interruptions while the product is running. It operates very stably.

We can add devices very quickly whenever we need to, with additional licenses.

I received sufficient and useful responses within a maximum of one day.

Positive

Straightforward. We imported the ova file and that's all, then just clicked add devices.

It has been a very useful and suitable investment for us.

The setup is very easy, and while I can't say anything definitive about the pricing in terms of competition, licensing is also quite straightforward.

We have tried Tuffin.

Our primary use of AlgoSec is to ensure the smooth operation of our network infrastructure. 

We are responsible for device onboarding and offboarding, managing access, and overseeing information security. While AlgoSec offers robust security features, we primarily utilize it for network and firewall management. 

It integrates seamlessly with major vendors like Palo Alto, Check Point, and Cisco, although there may be some limitations with other brands. We employ AlgoSec Firewall Analyzer, FireFlow, and AppViz, all of which are deployed on-premises. On average, we have around 15 daily users, including requesters and direct users from various teams.

AlgoSec has significantly enhanced our troubleshooting capabilities. We can quickly pinpoint the causes of routing issues and conduct traffic simulations to identify potential problems. This has streamlined our analysis processes, which is a major advantage.

Moreover, AlgoSec simplifies the work of our security engineers in two key ways. First, it streamlines the approval process for flow requests, with the security team assessing risk and granting approvals. Second, it facilitates audits by providing effortless access to firewall configurations and permitted traffic data, making compliance checks much smoother.

FireFlow, a component of AlgoSec, has been particularly valuable for us. It serves as a centralized platform for managing firewall rule requests, making it easy to understand and implement these requests efficiently. Additionally, Firewall Analyzer helps us identify missing routing information and check firewall status without the need to access individual devices.

AlgoSec has significantly reduced human errors and misconfigurations, especially during firewall implementation. It provides comprehensive information, minimizing the chances of oversight or omission. While it's not flawless, it typically alerts us when something cannot be implemented, ensuring transparency.

The standout features of AlgoSec include FireFlow, which simplifies firewall rule management, and Firewall Analyzer, which enhances visibility by identifying missing routing and firewall data. AlgoSec's flexibility in defining custom risk metrics and generating reports based on them has been highly beneficial.

AlgoSec's scalability has been excellent for our needs. We've made architectural changes, including incorporating remote agents, and scaling up has been straightforward. The integration with Cisco ACI has been somewhat seamless, although it hasn't added significant functionality to AlgoSec's security features.

We've also found AlgoSec invaluable during cloud migrations. It aids in extracting information from old servers to guide migration technicians on what needs to be opened for new servers.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

I've used the solution for one year.

We didn't use a different solution.

We did not evaluate other options.