Try our new research platform with insights from 80,000+ expert users
PeerSpot user
Cyber Security/ Network Intelligence Professional at EliteVAD
Consultant
Download
ALGOSEC - Automate Firewall Security Policy Orchestration

What is most valuable?

  • Granular visibility
  • Risk rules evaluation
  • Saves with manual processes and dependencies

How has it helped my organization?

  • Saves person-hours
  • Security tightening and optimization in minutes
  • Loophole identification which helps with compliance
  • Effective tracking and automation of change management

What needs improvement?

Automated policy push for the Fortinet product family. The Active Change/Automated Policy push feature is already there for all other leading devices such as Cisco, Check Point, Juniper, and Palo Alto, etc.

For how long have I used the solution?

I've used it for two years.

Buyer's Guide
AlgoSec
June 2025
Free Report: AlgoSec Reviews and More
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
DOWNLOAD NOW
857,028 professionals have used our research since 2012.

What was my experience with deployment of the solution?

It's not hard to deploy, and can be run on a virtual environment.

What do I think about the stability of the solution?

It is a robust easy to use platform.

What do I think about the scalability of the solution?

It has highly scalable architecture.

How are customer service and support?

Customer Service:

The customer service team is reliable.

Technical Support:

They have time-zone matched technical/SLA support and local response team available.

How was the initial setup?

It is pretty straightforward and a piece of cake for the network engineers.

What about the implementation team?

Initial implementation is highly recommended to be done through a vendor and/or subject matter expert so you can leverage the best of the features.

What's my experience with pricing, setup cost, and licensing?

AlgoSec is a best of class solution with unique value proposition. Licensing has flexibility perpetual and subscription models, and by identifying your own real needs can achieve savings.

Which other solutions did I evaluate?

As a fair evaluation, other solutions are available in the security policy cleanup area. However, AlgoSec stands apart with a visionary business centric approach – not limiting itself to a mere firewall security cleanup tool. With AlgoSec, we also get an automated security change management/compliance solution. It has the unique and powerful application connectivity auto-discovery and then translates these to firewall rules. This is useful to achieve automation during datacenter migration, etc.

What other advice do I have?

AlgoSec is a business-driven security management solution, a comprehensive and visionary solution which covers what needs to be covered in firewall security visibility, security change management, and application-security connectivity. AlgoSec as a platform fills the gaps between the otherwise disconnected teams - Security, Network and Applications - within an organization.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are value added distributors of the solution and are confident that we have the best choice in helping customers manage security at the speed of business.
Flag as inappropriate
PeerSpot user
PeerSpot user
Technical Consultant at a tech services company with 10,001+ employees
Real User
Download
By leveraging BusinessFlow/FireFlow/ActiveChange we have been able to reduce the time from initial requirements gathering to implementation of complex firewall designs.

What is most valuable?

We were immediately able to leverage the workflow tools in FireFlow with ActiveChange to speed up our deployment of firewall policies.

How has it helped my organization?

By leveraging BusinessFlow/FireFlow/ActiveChange we have been able to reduce the time from initial requirements gathering to implementation of complex firewall designs by approximately 80% without compromising our security posture. 

What needs improvement?

Additional understanding of complex routing in multiple systems.

For how long have I used the solution?

We have had this working in our production environment for about 6 months.

What was my experience with deployment of the solution?

The initial deployment was unsuccessful as the product had not initially support our use of virtual routing instances on Juniper SRX devices however AlgoSec engineering was quick to deploy fixes to allow us to reach our desired outcome. 

What do I think about the stability of the solution?

None.

What do I think about the scalability of the solution?

None.

How is customer service and technical support?

Top notch.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Flag as inappropriate
PeerSpot user
Buyer's Guide
AlgoSec
June 2025
Free Report: AlgoSec Reviews and More
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
DOWNLOAD NOW
857,028 professionals have used our research since 2012.
it_user540387 - PeerSpot reviewer
Information Security Consultant at a tech company with 51-200 employees
Vendor
Download
It detects dangerous rules that affect security. I would like an architecture diagram that combines intelligence from all integrated firewalls.

What is most valuable?

The most valuable features are the risky rules analysis and network diagram representation generated from the firewall perspective.

How has it helped my organization?

It has helped to detect all unauthorized changes made on my firewalls. Also, this product can identify if anyone is creating dangerous rules that can severely affect the security of my organization.

What needs improvement?

One scope of improvement is to create an architecture diagram that combines intelligence from all integrated firewalls.

For how long have I used the solution?

I have used this product for three years.

What do I think about the stability of the solution?

During the early implementation phase, some stability issues were experienced. However, that is somewhat stable now.

What do I think about the scalability of the solution?

We have not encountered any scalability issues yet.

How is customer service and technical support?

I manage the reviews aspect, not maintenance.

How was the initial setup?

We were not part of the implementation team.

Which other solutions did I evaluate?

We evaluated the FireMon solution prior to this product.

What other advice do I have?

Prior planning is required for licensing and appliance handling if the company is looking to introduce new firewalls/security devices. This tool even integrates Cisco products to track changes on core switch or primary routers/VPNs.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Flag as inappropriate
PeerSpot user
PeerSpot user
Security Consultant at Securelink
Consultant
We took advantage of the the system's ability to add intelligence in all stages of a change.

Good and bad experience - A case study of the use of AlgoSec FireFlow.

The Good:

·         Cut turnaround time on firewall rule changes from weeks to days.

·         Improved network visibility via policy discovery, map and traffic simulations.

·         Increased accuracy of firewall changes with improved network security.

·         Highly improved traceability and accountability in the firewall change process.

·         It is easy to customise AlgoSec FireFlow to a quality system.

The Bad:

·         Lots of time was used to build and maintain the topology database (the network map). This is the foundation for the magic to happen.  If the topology is wrong, the path discovery and automatic selection of Firewalls in path / in scope for the change can be incorrect. 

·         A decommissioning feature is missing in FireFlow, separate unused rules can be found and decommissioned via the AlgoSec Analyzer, but the FireFlow product does not have a feature for decommissioning of a complete FireFlow ticket.

·         The system has a so called roll-back feature, but this is implemented very simply just by a restore of the complete configuration. In practice, this feature is not useful. If a FireFlow ticket is implemented, and it is discovered that some of the data in the ticket was  wrong, it is not possible to roll-back the mistakenly implemented firewall rules. The cleanup is a manual task that can be time consuming.

Challenges in this case story:

To reach the goal and have the above highlighted business impact, several challenges were faced during the first year of deployment.

One of the best lessons is that the AlgoSec FireFlow system is only accurate if the network topology is complete and accurate. We would have to spend a lot of time tweaking the network topology to make it accurate.

Another challenge was software bugs. AlgoSec technical assistance center was keen to help fix the software defects, but still it was time consuming at times when software defects were disturbing normal operation.

Results

Firewalls need constantly maintained rule changes and security assessment in order to adapt to the ever changing business and threats. We see our decommissioned business applications, new factories or sites that are build, etc.

This altogether brings a heavy workload on the security department.

Now the firewall maintenance tasks scale with existing staff.

 Firewall rule changes take days and not weeks.

The most significant benefits we achieved were:

·         All firewall rules match exactly the planned action

·         All stages of a change are now accountable in the history/audit trail of the change

·         No time spent on already working change requests

·         Full visibility into the network path of traffic

The intelligence provided by the AlgoSec system, and easy accessible security controls are significant, reducing the time spent in the periodic security assessments carried out.

 in the AlgoSec product:

Over the last couple of years we have had several missing features in the product that prevented us from reaching the full extent of automation from a start. However, most of the missing capabilities are today in the product.

Remaining is a better support for decommissioning of firewall rules and applications. This is high on our wish list.

Challenge

As responsible for the network infrastructure and security on more than 95 firewalls. The network infrastructure and security must follow the same strict regulated quality guidelines as the main business area itself.

The most central aspects of strict regulated quality are:

Traceability: the ability to reconstruct the development history of the products.

Accountability: the ability to resolve who has contributed what to the development and when.

Firewall change management in this environment is time consuming and cumbersome.

Each firewall change took several weeks with high cost. Many firewall rules were build unnecessarily wide due to complexity in network.

Many changes were performed for already working traffic. Human errors in creation of firewall rules put the total security at risk. The validation process was cumbersome and error prone.

Solution

We succeeded in automating the flow in the change process with full traceability and accountability. AlgoSec FireFlow was integrated with the surrounding quality system using the great customisation capabilities, and is now used as the main change management system for all infrastructure changes to Switch, Router and Firewalls in the production network.

We took advantage of the AlgoSec system's ability to add intelligence in all stages of a change.

This raised the accuracy of firewall changes.

Disclosure: My company has a business relationship with this vendor other than being a customer: I have been working as a contractor for the Customer for 2 Years building and using the AlgoSec FireFlow My company originally sold the solution to the Customer, however my role has been operation and maintenance at Customer site each day for the last 2 Years
Flag as inappropriate
PeerSpot user
it_user541044 - PeerSpot reviewer
Works at a tech company with 51-200 employees
Real User
Download
Reduces time and costs of firewall change management, risk mitigation, and compliance audits.

What is most valuable?

  • Intelligent policy tuning helps to reduce risk and improve device performance
  • Traffic simulation query on a specific device

How has it helped my organization?

AlgoSec reduces time and costs of firewall change management, risk mitigation, and compliance audits.

What needs improvement?

AlgoSec should support these features:

  • Expired time should be one of the components of firewall rules, not only source, destination
    For example: Now, in Algosec Fireflow, when creating a change request, there are only 3 component: Source, Destination and Service. I want to have expired date of the traffic
  • Detect duplicate objects in different firewalls
    Now, Algosec can only detect duplicate object within one firewall. I want to detect in different firewalls
    For example: firewall 1 has objet A with IP address 1.1.1.1, firewall 2 has object B with also IP address 1.1.1.1. I want Alogsec to detect this duplication
  • Show IP address of object in a report, query result
    Now, in report, query results, Algosec only displays name of the objects. I want to display IP address of these objects

For how long have I used the solution?

3 years.

What was my experience with deployment of the solution?

No, we haven't encountered any issues.

What do I think about the stability of the solution?

No, AlgoSec is stable.

What do I think about the scalability of the solution?

No, AlgoSec fit our size and is scalable.

How are customer service and technical support?

Customer Service:

Very good.

Technical Support:

Good.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

The initial setup was simple.

What about the implementation team?

Via a partner, they're very good.

What was our ROI?

We haven't calculated ROI yet, but AlgoSec saves us labor and a lot of time.

Which other solutions did I evaluate?

Tufin, we selected AlgoSec because it provide some useful features that other solution didn't have.

What other advice do I have?

AlgoSec is very helpful for our organization.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Flag as inappropriate
PeerSpot user
it_user541047 - PeerSpot reviewer
Works at a tech company with 51-200 employees
Real User
Download
We like the ​rule optimization and risk analysis. It should support IPS devices.

What is most valuable?

  • Rule optimization
  • Risk analysis

How has it helped my organization?

Saves time and labor cost in optimizing and operating our firewall system.

What needs improvement?

Find duplicate objects in different firewalls.

For how long have I used the solution?

3 years

What was my experience with deployment of the solution?

Mainly with log collection.

What do I think about the stability of the solution?

No issues.

What do I think about the scalability of the solution?

None.

How are customer service and technical support?

Customer Service:

Good.

Technical Support:

Good.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

Simple to setup.

What about the implementation team?

Via a vendor team. They are good.

What was our ROI?

I don't have the details, but it is effective.

Which other solutions did I evaluate?

No.

What other advice do I have?

It should support IPS devices.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Flag as inappropriate
PeerSpot user
it_user540339 - PeerSpot reviewer
Security Specialist with 1,001-5,000 employees
Vendor
Download
It has improved the way we handle risky rules on firewalls.

What is most valuable?

Policy management.

How has it helped my organization?

It has improved the way we handle risky rules on firewalls.

Security Firewall Policy; Firewall Performance; Firewall Hardening.

What needs improvement?

The Tighten Permissive Rules Function could be better, we need more specific information about source, destination and service on the rule we will handle.

For how long have I used the solution?

About 1 year.

What was my experience with deployment of the solution?

Nope.

What do I think about the stability of the solution?

Nope.

What do I think about the scalability of the solution?

Nope.

How are customer service and technical support?

Customer Service:

They have replied fast to all my concerns.

Technical Support:

Excellent.

Which solution did I use previously and why did I switch?

I used to use Firemon before but switched to AlgoSec because the AlgoSec product and User Interface are more friendly than Firemon.

What about the implementation team?

The AlgoSec vendor in Vietnam is Misoft, I rate them excellent in experience and support.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Flag as inappropriate
PeerSpot user
it_user494103 - PeerSpot reviewer
Information Security Analyst, Team Lead Network Security Assesment at a financial services firm with 1,001-5,000 employees
Vendor
Download
It has helped us manage PCIDSS compliance.

Valuable Features

  • Risk management for the rules
  • Policy optimization suggestions

AlgoSec allows me to understand the inside of the firewall and brings simplicity to very complex firewall setups.

Improvements to My Organization

It has helped us manage PCIDSS compliance and also improved the overall network security.

Room for Improvement

The product has several compliance checks built in for PCIDSS, ISO, SOX, etc., and also a baseline security policy. It would be nice to allow customers to build their own policy, based on the customer’s own customization and business needs.

Use of Solution

I have used it for four years.

Deployment Issues

The application is easy to deploy in an hour and can be done via a user guide.

Customer Service and Technical Support

Support needs are rare. I only require support around twice a year. Upgrades are easily done by the user but when support is required, it is great.

Initial Setup

Initial setup is easy because it is a virtual appliance with its own OS.

Implementation Team

I have expertise in implementation and prefer to do it myself rather than invoke the support contract. I believe it helps me stay knowledgeable and besides, AlgoSec implementation is a breeze.

Pricing, Setup Cost and Licensing

The license is perpetual but support is periodic.

Other Solutions Considered

I tried the ManageEngine firewall analyzer. AlgoSec has a superior firewall policy optimization algorithm.

Other Advice

It’s a good buy for simplifying large networks.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Flag as inappropriate
PeerSpot user
it_user3396 - PeerSpot reviewer
it_user3396Team Lead at Tata Consultancy Services
Top 5Real User
Report as inappropriate

Cool review

Like(0)Reply
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
DOWNLOAD NOW
Buyer's Guide
Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.
Buyer's Guide
AlgoSec
June 2025
DOWNLOAD NOW
Quick Links
Learn More: Questions: