AlgoSec Reviews

I use AlgoSec as a firewall analyzer. It helps review the changes made on the firewalls and determine who executed those changes. The tool automates predefined reports about non-used network objects, which is technically challenging for manual review.

By implementing AlgoSec, we've reduced the time and effort it takes to review firewall changes and audit logs. Before AlgoSec, we used to review each firewall manually, but now, the tool automates this process which saves us time.

The most valuable feature of AlgoSec is its ability to generate comprehensive reports. As a firewall analyzer, it's very useful for reviewing and collecting information at a single point. The tool also helps generate reports automatically, which is beneficial for us.

The graphical user interface in AlgoSec needs improvement. Sometimes it gets stuck, requiring multiple refreshes. Additionally, system integration with more products can be enhanced, like integrating the Blue Coat web filtering products.

I have been using AlgoSec since 2020.

The product is stable and reliable for our needs.

While we haven't tested it extensively, it has the capability to scale. We currently use it to manage eleven firewalls and nine routers. It has the ability to expand by adding more CPUs and memory.

Technical support is decent, although it can take time for them to handle more complex cases. The first level of support may lack the knowledge to solve advanced issues swiftly.

Positive

Before using AlgoSec, we manually reviewed and audited changes and reports.

The initial setup was easy for adding firewalls, despite some challenges when deploying the second module of AlgoSec.

The implementation was conducted by working with the vendor through remote sessions.

The return on investment is evident in the reduced time and effort for reviewing and auditing firewall changes.

I am not involved with pricing details since I mainly handle the technical aspects. However, the value from reduced time and effort justifies its cost.

I would recommend AlgoSec for enterprise environments that make frequent changes. Smaller environments with infrequent changes may not benefit as much.

AlgoSec enables organizations to have end-to-end visibility and control over application connectivity across complex hybrid IT environments spanning data centers, cloud, containers, and legacy systems. This allows organizations to automate analysis of how applications interconnect and depend on each other as well as the underlying infrastructure. 

When new applications are deployed, or existing ones are migrated, AlgoSec can rapidly determine the minimal policy changes required to maintain security and compliance.

While AlgoSec already provides substantial capabilities around managing security policies and compliance, there is an opportunity to further enhance its intelligence to take a more proactive security posture. Specifically, AlgoSec could look to incorporate advanced machine learning techniques to analyze network traffic, application logs, and user behavior to detect anomalies and identify emerging threats. 

Going beyond just mapping the authorized connectivity, AlgoSec could leverage unsupervised ML clustering algorithms and deep learning models to find high-risk anomalies and subtle attacks.

It allows organizations to identify risks, reduce attack surfaces, and streamline policy changes required to deploy or migrate applications safely and quickly. 

With ever-changing infrastructure and threats, keeping security policies optimized is extremely challenging. AlgoSec's continuous monitoring capabilities allow organizations to maintain proper controls and compliance coverage as the application landscape evolves. No longer are security changes made blindly. 

AlgoSec gives organizations the visibility and intelligence needed to make application connectivity changes confidently while managing risk and compliance. Having all these capabilities seamlessly integrated into one platform makes AlgoSec a powerful tool for digital transformation initiatives involving constant application change.

While AlgoSec provides comprehensive visibility and management of security policies across hybrid environments, there is an opportunity to further expand its intelligence capabilities. 

Specifically, AlgoSec could look to incorporate more machine learning to analyze network traffic patterns and application behavior to detect anomalies indicative of emerging threats and policy violations. Going beyond just mapping connections, it can automatically flag high-risk flows and unusual events for further investigation.

I've been using the solution for more than a year.

We've used Cisco Tetration in the past.

The price is not the lowest, however, it is reasonable and offers good ROI.

We also evaluated Tufin.

We hope, in the future, to have more flexible pricing plans.

As an administrator, I ensure the platform works as well as possible. We are responsible for everything on the platform, such as onboarding and offboarding devices and managing the information on there, access, etc. AlgoSec has a good security component, but we primarily use it as a network and firewall appliance. It communicates with firewall and router vendors and integrates well with major vendors, such as Palo Alto, Check Point, and Cisco. However, it has some limitations with other vendors. It depends on the brand, but all the vendors we use work well with AlgoSec. 

We use AlgoSec Firewall Analyzer, FireFlow, and AppViz. All of our AlgoSec devices are on-prem. We average about 15 users daily, at least. We divide AlgoSec users into requesters and actual users. Requesters have limited access to only FireFlow, where they can make a request. We have about 100 requesters and 20 direct users from the network, security, and other teams. 

AlgoSec made troubleshooting much more manageable. For example, we can quickly determine the cause of routing issues and do traffic simulations to discover if something is open. It helps us perform analysis faster. That's one of the significant advantages. 

AlgoSec simplifies the work of security engineers in two ways. First, it simplifies approvals. Every time a flow is requested, it goes to security for approval. The security team assesses the risk of each request and makes a decision based on that. Second, it made audits easier because analyzing firewalls and permitted traffic is effortless. All these little aspects don't seem like much, but they add up. We have lots of audits. The risk metrics help us to identify specific risks as long as we can define solid risk metrics. If that doesn't work, you can also use the API to gather much of that information.

FireFlow provides multiple ways to create tickets involving numerous teams. Our existing ticketing solutions are not as easily configurable. They have some more restrictions. AlgoSec is a significant improvement. It has considerably reduced the time we spend implementing firewall rules. For example, we had previously implemented some rules manually and others via FireFlow. We started to use FireFlow for all of them. Because even if the network review on FireFlow isn't as accurate, it's still a net reduction compared to the time it would take to implement everything manually. It's worth it to spend a little more time analyzing everything. We can select the firewall and let FireFlow take care of everything. It's not comparable because we can press a few buttons, and everything is done.

AlgoSec reduced human error and misconfigurations, especially in terms of firewall implementation. AlgoSec doesn't make many mistakes. Implementation errors are rare. For example, let's say that we are trying to analyze something. Creating things by hand requires us to look at a file with 25 lines. It's easy to forget something, but AlgoSec doesn't forget anything. 

AlgoSec provides us with all the information, and we have to check to see if it's working correctly. Of course, it's not perfect. Sometimes there's some routing missing. When it doesn't implement something, AlgoSec usually informs people it's not going to. 

My company is a massive enterprise with several DCs globally and various types of environments. In addition to those DCs, they also have several subsidiaries, so it's a giant network. We work on incorporating all these environments into a single pane of glass using AlgoSec. Previously, every DC had its own AlgoSec, but we're currently merging them all into a single global AlgoSec because it's best to have everything in one place managed by the same people. It will enable us to control and standardize everything. It's also better in terms of visibility. 

We have integrated AlgoSec with Cisco ACI, but I wouldn't say it adds much. ACI is replacing our previous architecture, which was also Cisco. It's mostly the same. The way AlgoSec collects information hasn't changed much. ACI is good at organization, but it doesn't add much to AlgoSec's security functions. AlgoSec comes in handy during cloud migration. 

When migrating to the cloud, we typically extract information from old servers and provide that to the migration technicians so they know what they need to open for the new server. If the migration goes well, we aren't usually too involved with it. Afterward, if they find issues, we can help detect them and understand why something is missing.

FireFlow is great. In a company that gets a large volume of requests to open firewall rules, it's helpful to have one place that summarizes the requests, enabling you to clearly understand why they need to be implemented and also implement them. Firewall Analyzer can help you identify missing routing or check information on the firewall without the need to log into a firewall or router to check the routing. We have all that access in three clicks.

AlgoSec provides excellent visibility. We can easily see our devices, how they're connected, and what information is on them. AlgoSec allows you to define your own risk metrics based on a set of rules. It gives you a report based on that, so it's highly customizable. 

A few features could be more customizable. For example, one of our issues is related to the comments. When using FireFlow and ActiveChange, the comments by AlgoSec can be changed, but they always have the FireFlow number first. That's mandatory. It can be a bit bothersome because that's sometimes not exactly what we want. The templates we use have some scripts running in the background that aren't easy to change or remake. 

These options could be improved. Some features take time to learn and understand. It would be hard to figure out without AlgoSec support. Every bug or every problem we encounter is challenging to understand and fix without them. We try to solve our own issues, but sometimes we can't, and we need AlgoSec support. 

I've been using AlgoSec for a year and a half.

I think the solution is pretty stable. There has rarely been an instance when we needed to reboot to fix something. It has happened, but it's uncommon. Overall, I would say it's highly stable.

The scalability is excellent. We are changing the architecture, including the remote agent. It has been easy to scale like this. 

I rate AlgoSec support a six out of ten. Our experience has been inconsistent. Sometimes, support is fast and clean; other times, not so much. Occasionally, they take a while to respond or provide an inadequate workaround instead of a solution. It also depends on the support we purchase because AlgoSec has different levels. The premium levels have 24-hour support. 

Neutral

I wasn't involved in the initial setup, but we had a migration in which we changed the server where it was hosted and changed the architecture a bit. It was pretty simple. We had the support of AlgoSec engineers, so it went smoothly and quickly. We have two platform administrators and a third person who is the product owner. He helps us a lot, especially with the bureaucracy and everything, but we can primarily manage the solution well with two people. 

We've seen a return on investment. We continue to use AlgoSec a bit more each day. We're not investing more in AlgoSec monetarily, but we're investing time into learning its features so we can use it to the fullest extent.

It comes down to the amount of work AlgoSec reduces. The volume of flow implemented monthly would be challenging to handle manually. It would take much longer to analyze and execute. Not counting security, one guy using FireFlow is enough to implement requests these days. One member of the network team and one person from security can implement all the requests within our SLAs. I'm unsure how many people we would need to do that manually. It would probably take five times as many people to do the same work. That's not even counting all the security and troubleshooting benefits AlgoSec provides. 

I know AlgoSec can be expensive. I've heard from some of the platform users who worked at other companies that wanted to use AlgoSec, but it wasn't within their budget. Large enterprises can use it if they have a huge network with several devices. It's worth the cost if they spend a lot of time auditing and dealing with security concerns. It pays off in the long run.

You must pay for the basic AlgoSec license and the number of devices onboarded. There are licenses per firewall and network device. I believe you also must pay extra for firewalls with ActiveChange. I don't know the precise figures because I don't work with them, but I think they change. 

I rate AlgoSec a nine out of ten. It makes life easier. Without AlgoSec, you need to deal with one or two layers of extra work, doing tasks manually and logging into devices to run commands. It simplifies a lot of daily work. I've grown accustomed to the ease of use, so it'll be hard to adapt if I get a new job at a place without it. 

The solution is excellent, but you need to customize it for your own purpose. Before I joined this company, the previous administrators worked closely with AlgoSec support to build the platform to their specifications. They were the ones that customized what we needed. After that, everything is straightforward. There are a few tweaks here and there, and everything is good to go. The biggest hurdle is getting started. It's good to work with support. If not, we'll constantly be dealing with modifications, bugs, errors, and stuff that doesn't work. Getting the platform right in the beginning makes it a lot easier.

We have four firewalls and two routers in our environment. We also have a business application. At first, it was very difficult to connect to each firewall individually, see my environment as a whole, and determine where traffic was being blocked and who made changes. AlgoSec provides a solution to all of this in a single platform.

Being able to see where traffic is blocked using traffic simulation provides me with great convenience. Additionally, with FireFlow, I can handle this in a single action instead of taking actions on each firewall individually.

Thanks to Algosec, especially with the FireFlow and AppViz modules, I have managed the regulation compliance I need to adhere to through baseline compliance and checked my compliance with it. Without connecting to my firewalls one by one, I was able to handle all my changes with FireFlow in a single-handed manner according to a specific plan. I was able to clearly see the accesses to the application in my environment and the vulnerabilities of the application. The reports section was very useful in tightening up my policies.

Country-specific regulations should be added when required. Doing this on my own with baseline compliance is quite difficult.

Additionally, I would like AlgoSec to provide suggestions such as "this object includes that object" for my objects on the Check Point firewall. For my Fortigate manager, the support of the active change feature is important to me. 

Lastly, the FireFlow interface could be simplified a bit more. I agree that it is user-friendly, but on the other hand, it can be difficult to organize and find certain things.

I have been using AlgoSec for one year. 

We haven't encountered any interruptions while the product is running. It operates very stably.

We can add devices very quickly whenever we need to, with additional licenses.

I received sufficient and useful responses within a maximum of one day.

Positive

Straightforward. We imported the ova file and that's all, then just clicked add devices.

It has been a very useful and suitable investment for us.

The setup is very easy, and while I can't say anything definitive about the pricing in terms of competition, licensing is also quite straightforward.

We have tried Tuffin.

Our primary use of AlgoSec is to ensure the smooth operation of our network infrastructure. 

We are responsible for device onboarding and offboarding, managing access, and overseeing information security. While AlgoSec offers robust security features, we primarily utilize it for network and firewall management. 

It integrates seamlessly with major vendors like Palo Alto, Check Point, and Cisco, although there may be some limitations with other brands. We employ AlgoSec Firewall Analyzer, FireFlow, and AppViz, all of which are deployed on-premises. On average, we have around 15 daily users, including requesters and direct users from various teams.

AlgoSec has significantly enhanced our troubleshooting capabilities. We can quickly pinpoint the causes of routing issues and conduct traffic simulations to identify potential problems. This has streamlined our analysis processes, which is a major advantage.

Moreover, AlgoSec simplifies the work of our security engineers in two key ways. First, it streamlines the approval process for flow requests, with the security team assessing risk and granting approvals. Second, it facilitates audits by providing effortless access to firewall configurations and permitted traffic data, making compliance checks much smoother.

FireFlow, a component of AlgoSec, has been particularly valuable for us. It serves as a centralized platform for managing firewall rule requests, making it easy to understand and implement these requests efficiently. Additionally, Firewall Analyzer helps us identify missing routing information and check firewall status without the need to access individual devices.

AlgoSec has significantly reduced human errors and misconfigurations, especially during firewall implementation. It provides comprehensive information, minimizing the chances of oversight or omission. While it's not flawless, it typically alerts us when something cannot be implemented, ensuring transparency.

The standout features of AlgoSec include FireFlow, which simplifies firewall rule management, and Firewall Analyzer, which enhances visibility by identifying missing routing and firewall data. AlgoSec's flexibility in defining custom risk metrics and generating reports based on them has been highly beneficial.

AlgoSec's scalability has been excellent for our needs. We've made architectural changes, including incorporating remote agents, and scaling up has been straightforward. The integration with Cisco ACI has been somewhat seamless, although it hasn't added significant functionality to AlgoSec's security features.

We've also found AlgoSec invaluable during cloud migrations. It aids in extracting information from old servers to guide migration technicians on what needs to be opened for new servers.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

I've used the solution for one year.

We didn't use a different solution.

We did not evaluate other options. 

Our team operates within the support division, assisting customers who primarily utilize AlgoSec through on-premises deployments. They rely on this solution to analyze and manage firewall policies, enhance their security measures, and receive recommendations for optimizing their firewalls.

Specifically, we utilize the AlgoSec Firewall Analyzer component of the solution. Recently, we conducted a proof of concept (POC) of AppViz for a customer who utilizes FireFlow. This POC was successful, and it is likely that some of our other customers may express interest in implementing AppViz within the coming year.

Implementing firewall rules within our organization has been significantly expedited thanks to AlgoSec. 

This product plays a crucial role in preparing us for audits and ensuring firewall compliance. With its assistance, we are able to assess security and firewall rating points, offering valuable advice to our customers regarding the optimization of their firewall and security rules.

One of the key benefits of AlgoSec is its ability to simplify the tasks of our security engineers. By providing essential guidance to administrators responsible for managing firewalls, streamlines their responsibilities and enhances their efficiency in carrying out their duties.

The Firewall Analyzer component of the solution offers remarkable compatibility and proves to be highly valuable and easily manageable.

Our customers have found the Intelligent Policy Tuner to be incredibly helpful, and during the proof of concept (POC), it emerged as a significant selling point for our clients. They expressed great interest in utilizing this feature.

Setting the log options to "extensive" provides us with excellent visibility into our network security policies. This extensive logging enables us to generate detailed reports and receive change notifications, thereby enhancing our overall visibility.

AlgoSec plays a crucial role in providing comprehensive visibility into the risks associated with firewall change requests. This feature proves especially important when presenting security reports to upper management.

The solution's automation capabilities significantly contribute to reducing human error and misconfigurations. If the tool detects a drop in security and firewall policy points, it promptly notifies administrators via email about potential misconfigurations. This proactive approach allows us to promptly address and rectify any issues, ensuring that the security and policy points are restored.

Introducing greater flexibility in editing alerts would be a highly appreciated improvement.

The solution currently faces visibility and compatibility challenges when it comes to Palo Alto firewalls, making it difficult to generate reports. Since the reports heavily rely on logging, the product encounters obstacles with Palo Alto's logging system. Enhancing compatibility with Palo Alto firewall reports is crucial for seamless reporting.

A notable customer demand is the implementation of a user-based policy within AlgoSec. This feature would enable the solution to provide advice on user policy rules while also ensuring compatibility with identity awareness functionalities. Meeting this customer requirement would be highly beneficial.

We primarily use the AlgoSec solution to monitor and interpret the risk status in our firewalls. Seeing the troublesome situations experienced in our firewalls from the same point of view sometimes does not help to solve the problem. However, thanks to AlgoSec, it is of great benefit to observe these risks from a different perspective and to see that they improve in the process. Being able to see and follow these changes makes the work of system administrators and risk analysts much easier.

It is of great benefit to observe the firewall risks from a different perspective and to see that they are improving in the process. When the effects of tightening and improvements are checked regularly, we can better monitor the current risk situation. It is a difficult process to examine the security risks in detail in each of our products and in our firewalls which may be different brands and models. AlgoSec enables us to manage this process in a central way.

AlgoSec can monitor the current status of firewalls. Other vendors mostly focus on working with daily tasks, however, AlgoSec is able to follow the live status and current issues or changes with the help of push technology. It can be easily integrated with different firewall devices (even different brands and models). In this way, it becomes very easy to monitor different risks from a single interface. Thanks to the web-based management screen, it can be easily managed through any end-user operating system.

At the integration point, a manual page could be added to the dashboard where directions about the products are explained in detail. In this way, if the system administrator wants to integrate a new product, they will be able to integrate this product by following these directions, even if they do not have deep knowledge of the product in question. Integrating different products should not require us to have to wait for coordinated work with a product specialist.

I've used the solution for almost four years.

In terms of stability, we have no complaints so far. We didn't face any problems.

This solution works well in mid-size companies. 

Customer service is very good and educated. However, the process to open a ticket sometimes could be harder than necessary since we need to collect some logs from the dashboard and upload them to the related ticket before submitting it.

Positive

I've used the Skybox Security solution as well.

The product offers an almost straightforward setup. It is easy to install and integrate.

I installed the product by myself.

We cannot calculate ROI based on vulnerability or data leak issues.

The cost and licensing are reasonable.

I did not evaluate other options.

We use app flow, Firewall Analyzer, and FireFlow. We use AlgoSec to gain visibility on firewall rules and for gap-cleaning projects to clean up the firewalls. We also use the solution as a firewall assurance tool to stay clean, have an optimized set of firewalls, and then automate firewall rules deployed from start to finish.

We have on-prem data centers and 180 sites all over the world.

Additionally, we use cloud services, infrastructure as a service, platform as a service, and software as a service. The majority of it is standardized on Cisco networking with Fortinet security solutions, except for the data centers, which are Check Point.

The purpose is to gain visibility into firewall rules. We used it to go through a gap-cleaning project to clean up the firewalls. We also use the solution as a firewall assurance tool to stay clean and to have optimized firewall rules. In addition, we use the solution to automate firewall rule deployment from start to finish, so we have a complete change process in FireFlow and can automatically deploy the firewalls on appliances. For that, we also built a connection with BMC Remedy because that's the main tool used for change management.

AlgoSec has improved our organization through a safer firewall rule base and better time-to-market IT services provided to the rest of the organization. Those are the two main improvements. In general, AlgoSec has provided a better security posture.

Customizability is AlgoSec's best feature. You can customize everything and build anything you like, and that's a feature we missed in competitors' solutions.

AlgoSec is not a tool where people with little knowledge of security or IT can find their way around. AlgoSec has a less user-friendly interface compared to competitors, but it is comparatively more customizable. As such, the interface is more on the complex side.

I have been using AlgoSec for four years.

AlgoSec is a stable solution. There are bugs, but those do not affect the system's stability. We have not had any unplanned downtime since we started.

We use the solution 24x7 to record cyber rules, with about 50 changes per week.

The solution is scalable and we have approximately 50 users.

The initial deployment was complex because we were integrating with ITIL systems since we had integrated with BMC Remedy. The integration with Check Point was complex because we were on the wrong version. We had to go through various administrative processes to update Check Point. If AlgoSec was more flexible in the ways one could integrate and the versions one could integrate it with, that would help.

A team of ten people handled the deployment, including testers, and they took approximately three months. The end-to-end deployment took just over two years. We did not migrate from a previous solution.

We have seen a return on investment only with efficiency gains and improved security posture. That might transfer to a monetary value, but we haven't assessed that.

I find the price too expensive. It looks a bit like SAP, so it does have standard functionality out of the box, but you will spend a lot of money if you want to customize it. However, the price is not as extreme as SAP or Oracle, but the actual implementation does turn out to be expensive. 

We finally chose AlgoSec over Skybox for its customizability, the options for integration, and the workflows. Though Skybox was much more user-friendly, it was weaker when it came to integration options and customizability.

In our organization, we work with multiple security vendors, and integrating with leading vendors for the most part is easy, but there are some exceptions. The solution made integration with the majority of devices really easy, but it was really cumbersome with some devices.

The solution has massively reduced human error through automation by about 95%.

As far as multiple environments are concerned, we have a private cloud, which is just a data center hosted by an external party. We have a public cloud, multiple vendors, and multiple regions. We also have decentralized data centers throughout the world.

We're investigating combining the solution with Cisco ACI.

The cost versus the achieved business goals is in balance.

I recommend that new users do a proof-of-concept before choosing AlgoSec. I would rate the solution an eight out of ten.