AlgoSec Reviews

AlgoSec enables organizations to have end-to-end visibility and control over application connectivity across complex hybrid IT environments spanning data centers, cloud, containers, and legacy systems. This allows organizations to automate analysis of how applications interconnect and depend on each other as well as the underlying infrastructure. 

When new applications are deployed, or existing ones are migrated, AlgoSec can rapidly determine the minimal policy changes required to maintain security and compliance.

While AlgoSec already provides substantial capabilities around managing security policies and compliance, there is an opportunity to further enhance its intelligence to take a more proactive security posture. Specifically, AlgoSec could look to incorporate advanced machine learning techniques to analyze network traffic, application logs, and user behavior to detect anomalies and identify emerging threats. 

Going beyond just mapping the authorized connectivity, AlgoSec could leverage unsupervised ML clustering algorithms and deep learning models to find high-risk anomalies and subtle attacks.

It allows organizations to identify risks, reduce attack surfaces, and streamline policy changes required to deploy or migrate applications safely and quickly. 

With ever-changing infrastructure and threats, keeping security policies optimized is extremely challenging. AlgoSec's continuous monitoring capabilities allow organizations to maintain proper controls and compliance coverage as the application landscape evolves. No longer are security changes made blindly. 

AlgoSec gives organizations the visibility and intelligence needed to make application connectivity changes confidently while managing risk and compliance. Having all these capabilities seamlessly integrated into one platform makes AlgoSec a powerful tool for digital transformation initiatives involving constant application change.

While AlgoSec provides comprehensive visibility and management of security policies across hybrid environments, there is an opportunity to further expand its intelligence capabilities. 

Specifically, AlgoSec could look to incorporate more machine learning to analyze network traffic patterns and application behavior to detect anomalies indicative of emerging threats and policy violations. Going beyond just mapping connections, it can automatically flag high-risk flows and unusual events for further investigation.

I've been using the solution for more than a year.

We've used Cisco Tetration in the past.

The price is not the lowest, however, it is reasonable and offers good ROI.

We also evaluated Tufin.

We hope, in the future, to have more flexible pricing plans.

We primarily use the AlgoSec solution to monitor and interpret the risk status in our firewalls. Seeing the troublesome situations experienced in our firewalls from the same point of view sometimes does not help to solve the problem. However, thanks to AlgoSec, it is of great benefit to observe these risks from a different perspective and to see that they improve in the process. Being able to see and follow these changes makes the work of system administrators and risk analysts much easier.

It is of great benefit to observe the firewall risks from a different perspective and to see that they are improving in the process. When the effects of tightening and improvements are checked regularly, we can better monitor the current risk situation. It is a difficult process to examine the security risks in detail in each of our products and in our firewalls which may be different brands and models. AlgoSec enables us to manage this process in a central way.

AlgoSec can monitor the current status of firewalls. Other vendors mostly focus on working with daily tasks, however, AlgoSec is able to follow the live status and current issues or changes with the help of push technology. It can be easily integrated with different firewall devices (even different brands and models). In this way, it becomes very easy to monitor different risks from a single interface. Thanks to the web-based management screen, it can be easily managed through any end-user operating system.

At the integration point, a manual page could be added to the dashboard where directions about the products are explained in detail. In this way, if the system administrator wants to integrate a new product, they will be able to integrate this product by following these directions, even if they do not have deep knowledge of the product in question. Integrating different products should not require us to have to wait for coordinated work with a product specialist.

I've used the solution for almost four years.

In terms of stability, we have no complaints so far. We didn't face any problems.

This solution works well in mid-size companies. 

Customer service is very good and educated. However, the process to open a ticket sometimes could be harder than necessary since we need to collect some logs from the dashboard and upload them to the related ticket before submitting it.

Positive

I've used the Skybox Security solution as well.

The product offers an almost straightforward setup. It is easy to install and integrate.

I installed the product by myself.

We cannot calculate ROI based on vulnerability or data leak issues.

The cost and licensing are reasonable.

I did not evaluate other options.

The most common use cases include:

• Performing audits on an annual basis with the help of information security
• Remediating risky rules by trusting them or remediating them at the firewall level
• Unused rules and disabled rules are addressed on a regular basis
• All firewall changes are monitored through AlgoSec with the help of change notifications
• Improving compliance and risk management and connections revolving around the network Layer 3
• Locating objects and addressing any issues on a much quicker basis

We were able to improve the security ratings of our firewalls. It helped us with annual audits, change notifications, rule assessments, and visibility in general.

It improved compliance and risk management and connections revolving around the network Layer 3.

We can get all the firewall-related data with a single click and effectively work on synchronizing with all the firewall gateways including the management server.

It helps us with firewall audits on an annual basis with the help of information security.

We remediate risky rules by trusting them or remediating them at the firewall level.

We address the unused rules and disabled rules on a regular basis.

All firewall changes are monitored through AlgoSec with the help of change notifications.

It improved compliance and risk management and connections revolving around the network Layer 3.

It helps locate objects and address any issues on a much quicker basis.

RFEs are kept open for too long. We had requested a couple of features, including the ability to trust implicit rules, and IPT doesn't run on IPSEC-enabled firewalls (Cisco to be specific). We had reported these issues for over four years now and still we do not see any resolution.

There is no visibility for the changes made to the NAT rule policies.

Adding objects or object groups on the firewall also do not generate a change notification.

There is no visibility for changes made to the secondary standby firewall if the firewalls are added as a cluster.

I've used the solution for more than five years.

We did not previously use a different solution.

We did not evaluate other options. 

We use it for planning firewall changes and traffic simulation queries.

We use AFA (AlgoSec Firewall Analyzer) and FireFlow. Our network environment is mostly on-premises.

It has improved the way our organization functions in that, for our change process, we now require all changes to be planned using AlgoSec so that the security team has visibility into the changes and we're aware of any risks. We also are using the covered rules and risky-rule detection to improve our security posture.

We haven't fully implemented the processes, so we haven't measured any reduction in human error as a result of using the solution, but subjectively, it has reduced human error.

It has also helped to simplify the jobs of our security engineers.

The most valuable features for us are the functionality it provides for our two main use cases: planning firewall changes and traffic simulation queries.

We haven't used it yet to prepare for audits and ensure our firewalls are in compliance, but I think it will be very helpful for that. That's one of the main reasons we bought it.

We are using it with a couple of Cisco technologies and we're also sending events out to our Microsoft Sentinel workspace. We have a couple of other security technologies in there as well. AlgoSec integrates well with the Cisco ACI environment and with our Firepowers, our FTDs. There are still some bugs but it generally works well.

The overall visibility it gives us into our network security policies is pretty good but it has some bugs and shortcomings. It doesn't support all features on our firewalls. For instance, planning changes, which include net rules, doesn't work. It didn't integrate so well with the ACI network. It doesn't work with all firewall rules or with net rules on our firewalls.

For about 70 percent of firewall changes it does show us the risks, while for 30 percent of the changes, we can't plan because of these bugs and shortcomings.

I have been using AlgoSec for about a year.

The stability is good.

We've had no problems in terms of scalability.

I'm sure we will continue to add firewalls to it and we want to do more with the FireFlow.

Their technical support is good but it can be slow.

Neutral

The initial setup was straightforward.

We have about 10 engineers using it, and just one person who looks after it, maintenance-wise.

We used their personal services to help us set it up. We had an onboarding package. It wasn't me doing the configuration but it seemed straightforward with their support.

Our experience with them was good overall. We had some frustrations and surprises in the early days with the product not being completely compatible with our environment. But over the last year, they've been fixing the bugs which is making it much more usable. When we started, it had a lot of problems with our environment. We were only able to plan something like 40 percent of the changes, and the traffic simulations weren't working with our network environment. But now, we're up to close to 70 percent.

It took about nine months before it was properly integrated and enough of the bugs had been fixed for it to be helpful.

We are not measuring the effort saved or the errors avoided, but we think it's a good investment.

Initially, it was more expensive, but we managed to negotiate the price. It's about average now.

In addition to the standard fees, we bought the Jumpstart package to help us configure it.

We looked into Tufin. We chose AlgoSec because of its support for Cisco ACI. Tufin was just releasing that and we felt that AlgoSec was a more mature product.

At the moment, it hasn't reduced the time it takes to implement firewall rules in our organization. It's being used to improve the quality of the changes we make and improve visibility. But we haven't fully implemented the FireFlow features. That's our problem, rather than the tool. We just haven't finished implementing it.

We're only using AlgoSec for on-premises, but we do have environments in the cloud and we plan to use it for those in the future. It would help us manage these multiple environments in a single pane of glass, but for the moment we aren't using it in that way. However, we do have a number of firewalls that we have onboarded from acquisitions, so we are not just using it for our data centers. We're using it for smaller acquisitions' firewalls as well to understand the security posture of companies that we are purchasing.

My advice would be to make sure that the solution is completely compatible with whatever infrastructure you have. We should have spent more time evaluating its support for our infrastructure to avoid some of the problems or surprises we had when we implemented it.

We use Firewall Analyzer from AlgoSec. We are mainly using AlgoSec Firewall Analyzer for auditing and analyzing firewall configurations. We have added different vendors inside AlgoSec for analysis. We have added Palo Alto firewalls, Fortinet firewalls, and Cisco firewalls. We are using all of these in our network.

There's an option to collect logs and send them to AlgoSec, but we are not using this option. We have other solutions for this purpose. We have Darktrace, IBM QRadar, etc.

In terms of our network environment, for the on-prem network, we have different security zones. For the data center, we have different DMZs for internal applications. We have different networks in different locations connected to our corporate network. About 90% of our applications are on-prem, and we only have the websites on the cloud.

It's helpful for auditing firewall configuration. If there is any mistake on the configuration side, it helps us to fix it. If there is a complication or there are unused security policies, it suggests removing or double-checking them. It's a good product. It's stable and gives us accurate results.

We have a network with more than 10,000 users. We have a lot of security devices for finance, remote sites, and corporate. AlgoSec is helping us to review and do auditing of the security device configuration. It's helping us to audit and review the configuration for any mistakes for firewalls, web application firewalls, proxies, etc.

When we add a security device, such as a firewall, it analyzes the configuration files for the firewall and gives us a brief of everything, such as security policies, routings, and objects. It lets us know if there is any mistake in the configuration, which is helpful for us. It gives us good visibility of what we have inside our security devices. For example, one of the firewalls that we have has more than 500 security policies. With manual auditing, we cannot analyze or review such a huge configuration. So, we are using AlgoSec Firewall Analyzer for this purpose, and it has saved more than 70% of our time.

It reduces human errors and misconfigurations. It lets us know if there haven't been any traffic hits for a policy for a long time. We can then review the configuration to see why there are no new hits for this. We are reviewing all of this every six months. It makes our work easier. It simplifies the job of security engineers.

Being able to analyze the environment and audit firewall configuration is most valuable. We are working here in the oil sector, and it's a critical environment. Every six months we have auditors coming from the main office and doing auditing for security. We are using AlgoSec Analyzer to help us to do the audit before the auditors come to our office and do the auditing of our security devices. So, it's helping us to do good work and analyze all security devices, including firewalls.

My only concern is related to how they count the number of licenses. We have active and standby devices. If someone adds the standby device by mistake and does an analysis, it consumes two licenses. They need to improve the way they are counting the number of licenses because someone can do analysis on a standby device by mistake. We need a way to fix or solve this issue.

I noticed that some of the oil companies in Kuwait have started to use AlgoSec Analyzer. I see AlgoSec solutions in Kuwait. AlgoSec needs to have sales engineers here. They should have presales or sales consultants so that they can offer solutions to companies in Kuwait.

We have been using AlgoSec for more than four years.

It's a stable solution.

It's scalable. We have 10,000 users accessing services and the internet. We only have two users who are accessing and working with AlgoSec. They are security engineers.

They are cooperative. If we face any issues, we just send an email or open a case through the portal. We can contact them directly. We don't face any issues with their support. I would rate them a 10 out of 10.

Positive

I have not used other tools. We know AlgoSec is a leader in this industry. We haven't faced any issues in the last four years while using the AlgoSec solution. We haven't done any research on other solutions because we haven't faced any issues with AlgoSec.

It's very easy to do the initial setup. It's not a big issue. In about two days, you can configure your device, activate the license, and add security devices. If you have an admin account, you can allow AlgoSec Analyzer to access security devices. 

Its management is not a big issue. Only one person can maintain it.

We have seen an ROI. That's why we got this solution. We knew how we would use it and what would be its benefits. We have seen about 60% or 70% ROI.

We purchase licenses based on the number of security devices in our network.

When I have active and standby firewalls, if I do an analysis of the active firewall and by mistake, I also do an analysis of the secondary or standby firewall, it'll consume two licenses from the total number of licenses I have. So, I need to change the license and make the active firewall secondary. They need to improve how they are counting the number of licenses. We have discussed this with the consultation team of AlgoSec.

I would rate it a 9 out of 10. It's a good product. It's working fine without any issues. We don't face any issues. Our only concern is how they are counting the total number of licenses.

With AlgoSec, I hope to achieve network visibility, application connectivity, and so on, which is the way it was designed.

I am hoping AlgoSec will help solve specific problems by clearing and speeding up change management while providing needed network visibility and simplifying management.

AppViz stands out to me, and I think all of the features are interesting; AppViz is a really cool thing.

My experience with using the best features AlgoSec offers is minimal, but I am most excited to try AppViz.

Based on my initial impressions, I think there's room for improvement, but I haven't encountered anything that stood out as confusing or challenging.

I have not been using AlgoSec for very long.

My experience with customer support has been perfect.

I would rate the customer support a 10.

Positive

I previously used Skybox before considering AlgoSec, but I decided to switch because Skybox ended.

I evaluated other options before choosing AlgoSec, but I don't know the names of them.

My advice for others looking into using AlgoSec is that it's great, so do it.

I choose to rate AlgoSec 10 out of 10 because it is the best solution for our use case.

I was indeed offered a gift card or incentive for this review.

I have no additional thoughts about AlgoSec before we wrap up.

We have four firewalls and two routers in our environment. We also have a business application. At first, it was very difficult to connect to each firewall individually, see my environment as a whole, and determine where traffic was being blocked and who made changes. AlgoSec provides a solution to all of this in a single platform.

Being able to see where traffic is blocked using traffic simulation provides me with great convenience. Additionally, with FireFlow, I can handle this in a single action instead of taking actions on each firewall individually.

Thanks to Algosec, especially with the FireFlow and AppViz modules, I have managed the regulation compliance I need to adhere to through baseline compliance and checked my compliance with it. Without connecting to my firewalls one by one, I was able to handle all my changes with FireFlow in a single-handed manner according to a specific plan. I was able to clearly see the accesses to the application in my environment and the vulnerabilities of the application. The reports section was very useful in tightening up my policies.

Country-specific regulations should be added when required. Doing this on my own with baseline compliance is quite difficult.

Additionally, I would like AlgoSec to provide suggestions such as "this object includes that object" for my objects on the Check Point firewall. For my Fortigate manager, the support of the active change feature is important to me. 

Lastly, the FireFlow interface could be simplified a bit more. I agree that it is user-friendly, but on the other hand, it can be difficult to organize and find certain things.

I have been using AlgoSec for one year. 

We haven't encountered any interruptions while the product is running. It operates very stably.

We can add devices very quickly whenever we need to, with additional licenses.

I received sufficient and useful responses within a maximum of one day.

Positive

Straightforward. We imported the ova file and that's all, then just clicked add devices.

It has been a very useful and suitable investment for us.

The setup is very easy, and while I can't say anything definitive about the pricing in terms of competition, licensing is also quite straightforward.

We have tried Tuffin.

Our primary use of AlgoSec is to ensure the smooth operation of our network infrastructure. 

We are responsible for device onboarding and offboarding, managing access, and overseeing information security. While AlgoSec offers robust security features, we primarily utilize it for network and firewall management. 

It integrates seamlessly with major vendors like Palo Alto, Check Point, and Cisco, although there may be some limitations with other brands. We employ AlgoSec Firewall Analyzer, FireFlow, and AppViz, all of which are deployed on-premises. On average, we have around 15 daily users, including requesters and direct users from various teams.

AlgoSec has significantly enhanced our troubleshooting capabilities. We can quickly pinpoint the causes of routing issues and conduct traffic simulations to identify potential problems. This has streamlined our analysis processes, which is a major advantage.

Moreover, AlgoSec simplifies the work of our security engineers in two key ways. First, it streamlines the approval process for flow requests, with the security team assessing risk and granting approvals. Second, it facilitates audits by providing effortless access to firewall configurations and permitted traffic data, making compliance checks much smoother.

FireFlow, a component of AlgoSec, has been particularly valuable for us. It serves as a centralized platform for managing firewall rule requests, making it easy to understand and implement these requests efficiently. Additionally, Firewall Analyzer helps us identify missing routing information and check firewall status without the need to access individual devices.

AlgoSec has significantly reduced human errors and misconfigurations, especially during firewall implementation. It provides comprehensive information, minimizing the chances of oversight or omission. While it's not flawless, it typically alerts us when something cannot be implemented, ensuring transparency.

The standout features of AlgoSec include FireFlow, which simplifies firewall rule management, and Firewall Analyzer, which enhances visibility by identifying missing routing and firewall data. AlgoSec's flexibility in defining custom risk metrics and generating reports based on them has been highly beneficial.

AlgoSec's scalability has been excellent for our needs. We've made architectural changes, including incorporating remote agents, and scaling up has been straightforward. The integration with Cisco ACI has been somewhat seamless, although it hasn't added significant functionality to AlgoSec's security features.

We've also found AlgoSec invaluable during cloud migrations. It aids in extracting information from old servers to guide migration technicians on what needs to be opened for new servers.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

While AlgoSec offers many advantages, there are some areas for improvement. Certain features, like comments in FireFlow, could be made more customizable. Additionally, some features require a learning curve and may necessitate support from AlgoSec, which can be challenging at times.

I've used the solution for one year.

We didn't use a different solution.

We did not evaluate other options.