IT Central Station is now PeerSpot: Here's why
ChristopherWalsh - PeerSpot reviewer
Vice President Head of Information Security at CorpBanca
Video Review
Real User
Top 20
Gives us the ability to dig down into details and work at a level above the skills that we already have
Pros and Cons
  • "The most valuable is helping us determine where our rules are too permissive. Based on previous human review of our rules, they are very cursory. We know why we do something, but we don't get into the details of whether the rule is nice and tight. What Firewall Analyzer lets us do is understand the risks presented by our rules. The tool does a calculation of all the traffic that could be allowed and we can match that to whether it should be allowed."
  • "We are using AlgoSec directly against our Cisco Firepower. At first, AlgoSec didn't work with Firepower. It didn't know how to read the logs. So, improvement has been made. Now, the feature that was available on the older generation firewall is available on the current one, but this is a problem which has already been dealt with."

What is our primary use case?

Our primary purpose right now is Firewall AlgoSec Analyzer so we can ensure that our rules are nice and tight. We also use the configuration report to make sure that the firewall configuration is nice and tight. 

We are starting to use modeling. AlgoSec Firewall Analyzer enables us to input details about what we would like to do to see what firewall changes would be required, if any. Also, if we are having problems with getting an application running across the network, then we can use that to establish what firewall rules might be giving us problems.

As a small branch office focused on wholesale banking, we have a very flat network that we are trying to improve upon. Over the course of last year, everything has been flat and accessible. Now, we are breaking into VLAN segmentation. That is where Firewall Analyzer will really come into good use, because it will help us to limit the traffic to only what is necessary. 

We have some cloud. Our core banking is with a different organization, which is in the cloud. We also have a couple of other treasury cloud applications in the cloud. However, a fair amount of our network is within our data center and office. So, we have a hybrid model.

How has it helped my organization?

We are very simple. The benefit of AlgoSec Firewall Analyzer right now is to give us skills that we don't already have with our people. Also, when we get into our periodic reviews, AlgoSec enables us to do it without adding additional staff. Something that we are not able to do because that is controlled in the Chilean head office. So, we need to make the best use of the best tools to secure our environment with a minimal number of people.

AlgoSec reduced the time it takes to implement firewall rules in our organization. Before, our firewall rule review was always done manually. When we installed the appliance and ran the report, we quickly found half a dozen areas where we were more exposed than we needed to be. The manual process used to go on for weeks. The AlgoSec process right now, as we develop and become better with it, takes only a matter of two or three days. We can have a good solid review, then we can get into very specific details about any rule or configuration with the objective of ensuring least privilege. Only the things that are needed to support business activities are allowed.

We are a regulated industry: financial services. We are obliged to at least annually review our firewall rules for risk. Are they too permissive? Are they not needed? Because we have this tool, we can now do that once a quarter. Before, we only did it once a year. 

We are a small branch of a much larger organization in Latin America. The rules that were set up allow free flow of information back and forth, i.e., network connections. Right now, with ransomware being what it is, we are starting to review those rules because they are too permissive. Another way that AlgoSec is helping us, internally, is working with our head office to make sure that they are treated with least privilege. Something that is not normal. Something that didn't happen, "Just because."

I have been with this organization for about two years. All the wide-openness of the network communications was just a bad event waiting to happen. AlgoSec Firewall Analyzer has given us the great ability to dig down into the details and work at a level above the skills that we already have, making sure that we are in a process. It started months ago and will continue for seven more months. That network traffic in and out of our perimeter is the least that it should be.

We work with multiple security vendors. For just IT alone, we have three primary vendors and a couple others that pitch in when needed. AlgoSec Firewall Analyzer helps us to make sure that we allow only what they need and that we keep them to the internal assets. They are external third-parties. We have high assurance that they are only able to access network assets that are part of the contract. Another vendor manages our firewall. The reason we have them do it is because we don't have the expertise amongst our people. So, the addition of the AlgoSec Firewall Analyzer enables us to have the intelligence of what is good and what is less than good. Thus, we can help keep that third-party on the rails, that they are doing good things for us, and we have the evidence to prove it.

We are getting into using AlgoSec to implement and manage micro-segmentation initiatives. One of our audit concerns was the flat network, and we started to work based on what we already know to create a test segment. However, AlgoSec is helping us to validate the traffic that will be allowed into that new segment, restricted to only that which we need. No sense in creating an isolated network if bad things can still flow back and forth between test and production. So, AlgoSec is a tool that is helping us make sure that we have all the isolation that we need. But, because of the syslog counters, we can also tell over time whether we did a good job in the first place and whether the remaining rules that we configured to be nice and tight are still needed for business purposes.

What is most valuable?

The most valuable is helping us determine where our rules are too permissive. Based on previous human review of our rules, they are very cursory. We know why we do something, but we don't get into the details of whether the rule is nice and tight. What Firewall Analyzer lets us do is understand the risks presented by our rules. The tool does a calculation of all the traffic that could be allowed and we can match that to whether it should be allowed. Another thing that we have recently started to do, but only about 100 days ago, is collect syslog events from the firewall that now tell us whether the rules that might be well-configured are actually being used by people or traffic. Our next step will be to start eliminating well-formed rules that just aren't needed.

The overall visibility that AlgoSec gives me into our network security policies is perfect. We think about separation of duties. As the information security officer, I shouldn't be logging into the firewall and playing around. What AlgoSec does is give me the ability to see everything about the firewall: its rules, configurations, and usage patterns. It gives me all the visibility that I need to make sure that we are doing what we should do to keep it tight. There is no perimeter anymore. We have to be very careful what we are letting in and out, and Firewall Analyzer helps us to do that.

Another very useful feature of the AlgoSec Firewall Analyzer is it will alert us to changes in firewall rules and configuration. So, we have a third-party who manages our firewall. AlgoSec gives us notification, if they go in and make changes either to the configuration or rules, so we can keep track and make sure that only authorized changes are occurring.

What needs improvement?

We are using AlgoSec directly against our Cisco Firepower. At first, AlgoSec didn't work with Firepower. It didn't know how to read the logs. So, improvement has been made. Now, the feature that was available on the older generation firewall is available on the current one, but this is a problem which has already been dealt with.

For how long have I used the solution?

I became familiar with AlgoSec Firewall Analyzer way back in 2004. I was trying to do some independent consulting, and part of that is a good firewall review. So, I started to look for tools. That is when I had my first discussion with AlgoSec. Since then, I have used it a couple at different organizations, including the one where I work now. It has been quite helpful with making sure that our firewall configuration is all that it should be.

What do I think about the stability of the solution?

It is set and forget. I don't have a lot of Linux or Unix experience, at least not in the last 20 years. So, that has been removed from me. The appliance comes and we connect to the command line. Anything I need to do is menu-driven. So, it is easily maintained by people whose skill set changed from hands-on to management quite awhile ago.

What do I think about the scalability of the solution?

Scalability is not something that I have had to concern myself with right now.

Currently, we have five people who use it to either tune the rules or find out answers to questions about the network and flows.

How are customer service and support?

We have a customer success manager, Matt, who is terrific, very responsive, and always there for us when we need it, providing quick answers. This also applies to the support desk if we raise a ticket. I did have a problem after we installed the A32 version, where I was getting some errors in the email. The engineers got into the code and found some code that needed to be corrected. I don't remember exactly what the problem was, but it took less than two hours to find and correct it. So, the support has been superb.

Which solution did I use previously and why did I switch?

At this bank, it replaced the manual solution, where if you were not a Tier 3 Network Engineer, then you were probably not going to be able to get into the details and nuances of any of the rules and configurations. So, they get glossed over. The firewall review done manually is more of a sanity check. "Do we need the rule at all?" is really the question that gets asked, not whether the rule is done correctly to support privilege and least access.

How was the initial setup?

The setup was quite easy. 

if I were to take out the fits and starts that were our responsibility, the installation was less than four hours. Then, the upgrade was done because we went from version A30 to A32. That took about an hour and a half. It was very simple and straightforward. Now, when I need to do regular releases, i.e., patches, I can do them myself. It is menu-driven. It's pretty easy.

What about the implementation team?

AlgoSec's support was there for us. We worked with them. They did all the heavy-lifting. It was easy to schedule as well as very flexible, as we got our act together. Organization is important. 

One staff member would have been sufficient for deployment and upgrades, but I made sure that our IT staff population representation was there so they understood the tool, where it was going, and how it would be used. However, it easily could have been done with only one person on our end.

What was our ROI?

In the end, I did a calculation. When I think about the number of people, when we did the manual way, who had to be involved, and how long did it go? Did we risk being out of compliance with regulations? There is a big cost to that. It is cheaper operationally to work with AlgoSec than to try to do this manually.

AlgoSec has absolutely helped to simplify the job of our security engineers. It gives us a level of expertise that we didn't have within our own staff. AlgoSec showed us that what our staff could do wasn't good enough. So, it is a force multiplier. It enables us to have the expertise that we don't have, but it also gives us the cycles, e.g., the actual ability to extract the rules, evaluate them, and then assemble them into a form that we can present to auditors and regulators, if needed. This greatly helps us. As a tool that has so many features, there are certainly more that we can grow into, but the ones that we are using right now have been of a substantial value to us. This is even being commented by our auditors from one review period into another.

The staff enjoy it. There is always that dynamic between security and IT. IT has projects to do and serve the business. Security isn't quite seen in that same light. So, they enjoy it because they don't have to spend the time to go through the rules, trying to reverse-engineer what is going on, and it takes care of a lot of the documentation for them. It keeps them in the zone that they are used to working with the correspondence that belongs to the rule, allowing them to understand the details. This has helped us understand ourselves better, how we operate on the network layer, and saved us the time of actually doing the rules. So, we are much better with our compliance, audits, and regulatory requirements, but we are also better in our security. Two things that an ISO always has to be concerned with - compliance and actual security. This tool acts like another person on staff, increasing our ability to be very fine-tuned on rules. We will be using it for a while to come.

What's my experience with pricing, setup cost, and licensing?

I am a fan of AlgoSec for its pricing. As a small branch, getting any amount of money, is very difficult. Less than a thousand dollars, that will take some effort for two reasons:

  1. Asking for money.
  2. It wasn't in the budget. 

The price came in where we really didn't even need to have much of a discussion. That was very good. There are also options regarding what you want to pay for. It wasn't really pushed on me that I have to get all of it or else I can't be an AlgoSec customer. 

There are training and support levels that come in beyond the product itself, and we did subscribe to the training. We also have the support. The pricing has been very approachable, and that is why we have it here.

Which other solutions did I evaluate?

I have looked at other options along the way, like Skybox. AlgoSec came to the market before the alternatives did. When I become aware of it and something is good, I stick with it. Why change? 

I went to the Gartner page and looked at who the competitors were. I looked at customer reviews and things like that. However, because I have had such a good experience with AlgoSec Firewall Analyzer, I continue to use it. I have found no reason to go with any of the other alternatives.

Our local policy is that I have to be able to compare at least three products when I go to management to ask for money. I did exactly that. I took three alternatives and brought them to our management team. I explained the whys and wherefores for why I was promoting AlgoSec. Now, we have it here in our environment.

What other advice do I have?

I would recommend, "Do it," in regards to implementing AlgoSec. I wouldn't have been with it since 2004 if it wasn't among the best tools. I have tools in vulnerability scanning and SIEM/SOC as well as tools for authentication. There are a lot of tools. As a security guy, I have been doing this since 1997. When you find a product that delivers, you stick with it, and AlgoSec is that type of product.

I have been so pleased with the tool. It sounds cliché, but I haven't gotten to a point yet where the tool hasn't provided for me. This is why I always come back to it. For an organization as small as ours, it gives us a tool that is affordable, easy to implement, and the expertise that we were lacking.

When I need it, it is there. If I have a question about an endpoint or protocol, I am trying to resolve audit points about what ports are listening and why, or I have to figure out how to isolate something more than it already is, AlgoSec is the tool that I go to first to get information and answer some of these questions. In most cases, all the details and rules are all right there. It has been great.

I have seen the capability for AlgoSec to enable us to manage multiple or dispersed environments in a single pane of glass. Because I am such a supporter and have seen the value that AlgoSec can bring to more than one organization, I invited the CSO office in Chile to attend a work session with us so they can start to see everything that AlgoSec might do for them. I knew that it was on their task list, and they have a need to get into the same area. The potential is there that our head office will begin to use the tool, having seen how it has been helping us in just our local office. They need it more because they do have a broader array of firewalls, connections, and things like that. So, I'm looking forward to that.

I know for a fact we are not getting all the value out of the appliance that we can. I know for a fact we are getting more value out of the appliance than we intended when we licensed it. Those are good things. The visualization of our network is helping me. There are diagrams that can be drilled into which help me. When you are small, going over to IT all the time and asking questions isn't always the best thing. It is disruptive. Then, I have to worry whether I got the right answer or not. AlgoSec removes those things. I see what is happening and I know that it is based on the facts. There are five of us using it. I am sure that we use it every week, probably not every day to answer questions, and we are running monthly reports, which are automated, so we have a good history. So, we have the opportunity at any point to identify problems and resolve them.

What we have learned from using AlgoSec Firewall Analyzer: We didn't understand our risk with our firewall. It is good that we relied on a credible third-party, but what we saw was rules could be better configured. These are our protection to the outside world between the bad world outside and inside, between our head office and us. I worked for a Wall Street firm, and we didn't trust anybody. It is a big deal now with zero trust. This tool will help us to get there, dialing things down.

For the AlgoSec experience (the company, product, support, and people), I want to give it 10 (out of 10). Nobody trusts that, but they have been very good to me. The boss who didn't like spending money is very happy with the results. I brought it back to him and showed him what we have been able to do past our manual efforts, and it resonates with him. It makes sense to him. He reads the paper. He sees how quickly ransomware can spread across a network. One of the things that we can do to help protect against that is make sure that we have good segmentation and only the endpoints which really need to talk to each other are allowed to do so.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Client Manager - TE Services at NTT Security
Real User
Top 20
Good for managing firewall rules, offers extended support, and great for policy optimization
Pros and Cons
  • "Reporting helps us with deliverables, areas of focus for improvement, and much more."
  • "There could be certain improvements such as supporting secure email."

What is our primary use case?

We have a large setup of multi-vendor firewalls with large in numbers of policies and rules. Handling rules and policy visibility manually are very difficult for clients multi platform firewalls. AlgoSec AFA has eased day-to-day operation, firewalls rules optimization, clean-up for unused policies and reporting, and visibility on policy and rules. All of this improves the firewall performance.

AlgoSec FireFlow workflow change tracking in environment makes it easy to have a central repository also multiple stakeholder approved change management.   

How has it helped my organization?

The AFA workflow has helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Reporting helps us with deliverables, areas of focus for improvement, and much more. Algosec AFA is useful for policy optimization and clean-up and can measure capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. 

Firewall rule automation for implementation also makes support easy for support firewall administrators.

What is most valuable?

AlgoSec currently has two useful features: AFA and AFF. 

The AFA workflow helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking. 

Algosec AFA is useful for policy optimization, cleanup, and measuring capacity management. 

AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. Firewall rule automation for implementation also makes support easy for support firewall administrators.

What needs improvement?

There could be certain improvements such as supporting secure email. We have some cases where the client SMTP /POP email system is discarded, which is very important factor change notifications.

Fireflow workflow rule/change implementation for time-based rules is not currently supported. 

These improvements in upcoming code will definitely help with end-to-end firewall rule implementation. 

NAT rule implementations were in the roadmap. We are expecting this soon. 

Certain optimization of AFA/AFF SMS resources would ease daily operations.

Buyer's Guide
AlgoSec
August 2022
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
620,987 professionals have used our research since 2012.

For how long have I used the solution?

I've used the solution for four years.

What do I think about the stability of the solution?

While stability is good, further improvement is needed.

What do I think about the scalability of the solution?

The scalability is good.

How are customer service and support?

Technical support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use a different solution previously.

How was the initial setup?

Some changes in setup are ongoing as we are growing.

What about the implementation team?

I am a vendor partner of AlgoSec.

What's my experience with pricing, setup cost, and licensing?

The licensing is commendable.

Which other solutions did I evaluate?

We evaluated a few other options before positioning this solution. 

What other advice do I have?

The solution could use improved support.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Ilya_Kondratyev - PeerSpot reviewer
Deputy Information Security Department Director at AMT Group
Real User
Flexible, improves firewall efficiency, and highly customizable
Pros and Cons
  • "AlgoSec ASMS brings a holistic view of network firewall policy and automates firewall security management in very large-sized environments."
  • "The initial setup can be complex for beginners."

What is our primary use case?

Many of our customers have big networks with several different vendors of telecom and firewall equipment. This means that network management overhead is significant and manual firewall rule modification is slow and error-prone.

Many firewalls have a bunch of redundant and often unused rules and that decrease overall network performance. The AlgoSec ASMS solution gives customers a very powerful tool for taking control over their firewall policies and to speed up their network security operations and incident response.

How has it helped my organization?

AlgoSec ASMS brings a holistic view of network firewall policy and automates firewall security management in very large-sized environments. Additionally, it speeds up the changes in firewall rules with a vendor-agnostic approach. As a result, the security and accuracy of firewall rules are increased.

Another very helpful feature of the AlgoSec ASMS solution is the ability to automate the mapping between applications and IT systems traffic requirements, and firewall rule base in couple with security risks analysis and compliance.

What is most valuable?

The AlgoSec solution consists of several modules and each of them improves the environment in a specific area. The Firewall analyzer produces a holistic view of the network topology with knowledge of firewall policies, security risks, and compliance.

The Fireflow module automates the change management process and is tightly integrated with the Firewall Analyzer to achieve compliance with minimal exposure.

The AppViz module allows for mapping applications and IT systems, their traffic with vulnerabilities, and firewall rules and policies.

What needs improvement?

The initial setup can be complex for beginners.

For how long have I used the solution?

We started to offer AlgoSec ASMS solution to our Customers in 2015.

What do I think about the scalability of the solution?

Scalability is good if you choose the right sizing of hardware and design.

Which solution did I use previously and why did I switch?

We have had several projects with other firewall management solutions, and our customers choose AlgoSec because it's very flexible.

How was the initial setup?

The setup is easy when you know what to do. The solution has many options to customize and tune.

What about the implementation team?

Our company engineers implemented the solution.

Which other solutions did I evaluate?

We have evaluated Tufin and Skybox.

What other advice do I have?

For many customers in Russia, the support of local firewall and network vendors' equipment is very important and they will be happy to get that from AlgoSec.

In Russia, there are several common firewall and VPN solutions that are widly deployed over the country. Sometimes, the use of these products is required by regulation, whereas other times, customers prefer using Russian devices to lower foreign vendor dependency risks. It also ensures that no foreign sanctions will break their network and security operations.

Having the support of these devices is very important for our customers.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: My Company is a System Integrator with broad and deep experince in netwroking and security areas, We are in partnership with Algosec and have successfuly implemented several projects for our Customers with Algosec products.
PeerSpot user
Buyer's Guide
AlgoSec
August 2022
Learn what your peers think about AlgoSec. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
620,987 professionals have used our research since 2012.
Stephen L. - PeerSpot reviewer
Project Engineer at a tech vendor with 51-200 employees
User
Great risk reduction and policy optimization capabilities with the ability to streamline communications
Pros and Cons
  • "Proactively assess the impact of network changes to ensure security and continuous compliance."
  • "The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve."

What is our primary use case?

My main use case is as a firewall analyzer module where it can be further broken down as follow: 

1) Network topology visualization: visualizes a network traffic path during troubleshooting

2) Policy optimization: uses optimization and clean-up recommendations to perform annual housekeeping of the firewall

3) PCI DSS compliance: follow the out-of-the-box checklist to prepare for a PCI DSS audit

4) Risk reduction: uses the recommendation of the risky rules to address all the critical and high-risk rules

5) Monitor changes:  monitor for firewall-config changes in real-time via email alerts

How has it helped my organization?

The solution has improved our organization in multiple ways. We can:

  • Easily understand and provision application connectivity to accelerate application delivery and minimize outages
  • Process firewall changes 4x faster, and eliminate misconfigurations and rework
  • Proactively assess the impact of network changes to ensure security and continuous compliance
  • Simplify and automate internal and regulatory firewall audits, and reduce time and costs
  • Streamline communication across the application, network and security teams
  • Deliver a tighter security policy that provides better protection against cyber-attacks

What is most valuable?

The product is great for:

1) Network topology visualization: reduces network troubleshooting effort which contributes to quickly restoring network or application outage.

2) Policy optimization: reduce/consolidate the number of rules created prior to the existence of AlgoSec Firewall Analyzer in order to free up hundreds of rule capacity before reaching the max rule limit of the firewall.

3) PCI DSS compliance: helps to highlight the area which firewall admin need to take note and address in a streamlined and structured manner.

4) Risk reduction: helps to quickly identify the risk that exists in existing rules and provide useful recommendations that help the firewall admin to remediate with ease.

5) Monitor changes: helps firewall admin to comply with security requirements of providing real-time security alert whenever a change is made, with detailed info on what was the value before and after.

What needs improvement?

The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve. The current configuration wizard is quite complex and complicated, which will result in the need to engage with an AlgoSec professional services team to perform even the simplest workflow adjustment.

I had tried AlgoSec's direct competitor's workflow configuration wizard and found it to suit most organization requirements even though the customization capability may not be as advanced as AlgoSec.

For how long have I used the solution?

I've used the solution for six years. 

How was the initial setup?

The setup is fairly straightforward.

Which other solutions did I evaluate?

We did also consider Tufin.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Value-added reseller
Flag as inappropriate
PeerSpot user
Network Engineer at a tech services company with 1,001-5,000 employees
Real User
It has worked very well for our compliance needs
Pros and Cons
  • "The solution provides us with full visibility into the risk involved in firewall change requests. This is very important for us because we are regulated according to the FDA. It shows us which changes have been made and why. So, it has worked very well for our compliance needs."
  • "I would rate the support as six or seven out of 10."

What is our primary use case?

We use FireFlow, AppViz, and AppChange. We use them mainly to visualize our firewalls.

We have three data centers, but we are also providing the public cloud as well.

How has it helped my organization?

We implemented it to get a better, clearer view. It has supported us very well.

The solution provides us with full visibility into the risk involved in firewall change requests. This is very important for us because we are regulated according to the FDA. It shows us which changes have been made and why. So, it has worked very well for our compliance needs.

AlgoSec is a tool that really supports our work in compliance and our customers' requirements, fulfilling their FDA requirements.

Our security has been stronger due to AlgoSec. We don't have human errors.

What is most valuable?

The most valuable feature is its ease of use.

It provides a very good, clear view. I really love the product. 

Overall, it gives a better overview of our firewalls. This is a tool that we cannot live without because it is easy to view and maintain.

For how long have I used the solution?

I have been using this solution for four years.

What do I think about the stability of the solution?

Overall, the stability is good. It supports our work. We are happy and our customers are happy.

What do I think about the scalability of the solution?

It has very good scalability.

How are customer service and support?

The technical support is fast and very good. I would rate the support as six or seven out of 10.

How would you rate customer service and support?

Neutral

What was our ROI?

We have seen ROI on time. AlgoSec has reduced the time it takes to implement firewall rules in our organization. It used to take around an hour, and we can now implement them in 20 minutes.

It is a good investment due to the losses that a customer will have if they are not aligning with the FDA. That would be in the millions, so it is a good investment from our side and the customer's side.

What's my experience with pricing, setup cost, and licensing?

Quality has a price. 

Which other solutions did I evaluate?

We have tried other vendors. This is the best solution that we came up with due to our requirements and demands.

What other advice do I have?

It is good for integrating with leading security vendors.

I would rate the solution as eight out of 10. If you have requirements with very strict alignment for firewall rule processes, then I would really recommend this product.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Frederico Da Costa - PeerSpot reviewer
IT Operations Coordinator at Sicredi
Real User
Reduces the time needed to implement rule changes and integrates well with multiple vendors' products
Pros and Cons
  • "It also provides very good visibility into the risk involved in firewall change requests and that is very important to us."

    What is our primary use case?

    We use AlgoSec AFA (AlgoSec Firewall Analyzer). We use the solution to configure the firewall rules automatically. 

    We have two data centers where we use Check Point and Palo Alto and about 30 percent of our operation is on AWS and about another 30 percent is on Azure.

    How has it helped my organization?

    Before AlgoSec, an analyst had to configure the rules one by one but now, when rules are needed, they are configured automatically.

    Another benefit is that it has reduced the time it takes to implement firewall rules. That's why we bought it. We used to have two or three people just configuring rules and now we only have one. It has saved us two FTEs. I'm also completing requests faster. Before, I used to take three, four, or even five days to do one request, but now it's half a day or less.

    It helps us maintain compliance very well because everything is automated, meaning that everything should be right. When there are humans doing things, there can be mistakes.

    Another reason we chose AlgoSec was that it integrates well with multiple solutions. We have Check Point and Palo Alto, and it's better using AlgoSec to automate things.

    What is most valuable?

    Rule configuration is the most valuable feature.

    It also provides very good visibility into the risk involved in firewall change requests and that is very important to us.

    For how long have I used the solution?

    I've been using AlsoSec for about a year or a little bit more.

    What do I think about the stability of the solution?

    The stability of the solution is good. I never have problems with it.

    How are customer service and support?

    Their tech support is okay.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    This is our first automation solution. We went with AlgoSec after asking partners and other companies and everybody said, "Use AlgoSec."

    How was the initial setup?

    Deploying it is easy. We spent some time on it because, in the beginning, we didn't have a lot of guys to work on AlgoSec. But when we designated one guy to do it, it took him about two weeks or three weeks.

    What was our ROI?

    It's worth the cost. But it's not just the cost. I'm faster than I was and that's what matters to me.

    What's my experience with pricing, setup cost, and licensing?

    The pricing could be better.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    L3 Security Engineer at NTT Security
    Real User
    Great policy optimization, makes management easier, and offers good reporting
    Pros and Cons
    • "AlgoSec Firewall Analyser improves the firewall rules dramatically by identifying rules and objects that are not needed and consolidates rules and rule re-ordering."
    • "The risky rules reporting should have more information available in the risky rules report - especially when you export the data into a .CSV format. .CSV format being a text-based visualization, some information and formatting cause the reports to lose meaning and only become just another character in the file since it cannot port over some properties (like severity represented by colors)."

    What is our primary use case?

    I am part of the team providing managed security solutions and we have a number of clients that have a lot of network and security devices in their environment.

    We use AlgoSec primarily to provide solutions to our clients in terms of how we can help tighten their security and optimize network performance.

    AlgoSec Firewall Analyser makes this easily possible and with the help of AlgoSec's readily available reports, we are able to provide to all our clients the security and compliance report.

    How has it helped my organization?

    Before AlgoSec, our firewall rules got pretty big over time and it came to the point where it was barely manageable. Duplicate rules and objects were everywhere and there was nothing we could do about it. Performing a manual clean-up was a nightmare and near to impossible.

    AlgoSec Firewall Analyser improves the firewall rules dramatically by identifying rules and objects that are not needed and consolidates rules and rule re-ordering.

    It also helped our team to optimize performance and further secure the network by identifying risky rules.

    What is most valuable?

    I always find the policy optimization by identifying duplicate objects, shadowed rules, and unused objects pretty useful. By eliminating all these duplicate objects, unused rules, and unused objects, firewalls and other security devices will use fewer resources to process certain tasks/requests.

    This will benefit both the security engineer managing the security devices and the client as they will spend less time in dealing with optimization and therefore can focus more on other important matters.

    What needs improvement?

    AlgoSec firewall analyzer is already an awesome product but there are still some areas that definitely need improving.

    For instance, the risky rules reporting should have more information available in the risky rules report - especially when you export the data into a .CSV format. .CSV format being a text-based visualization, some information and formatting cause the reports to lose meaning and only become just another character in the file since it cannot port over some properties (like severity represented by colors).

    For how long have I used the solution?

    I've used the solution for more than ten years.

    Which solution did I use previously and why did I switch?

    We did not use a different solution previously.

    What's my experience with pricing, setup cost, and licensing?

    The setup is pretty easy and the cost is really worth it.

    Which other solutions did I evaluate?

    We did not evaluate other options. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Business Development Manager at Vibs
    User
    Detects malicious activity, has great audit reports, and provides monitoring via a single console
    Pros and Cons
    • "Detection of malicious activities and malware is much better than other options."
    • "The blacklisting and whitelisting of IP addresses should be improved. There are many false positives."

    What is our primary use case?

    One of our customers was using basic firewalls and the VPN, however, much of the policies were not applied - hence there were a lot of loopholes and hence a lot of spam and malicious activities were going on in their organization. Employees were able to use blocked sites, IT managers were not able to address the issue on their own. 

    The client replaced existing solutions with AlgoSec. AlgoSec has given better visibility and better performance. IT managers who [reviously could not find loopholes were able to address them. 

    How has it helped my organization?

    Detection of loopholes and pinpointing troubleshooting areas were the key value additions that AlgoSec has provided. Its response time is fast. 

    Detection of malicious activities and malware is much better than other options. 

    Previously, the company was dependent on third-party solutions for audit reports. AlgoSec now provides an instant audit report. 

    It has improved the management of all the firewalls (which are both cloud and on-prem) via a single console. The integration with the routers and other IT products is seamless.

    What is most valuable?

    The most valuable aspect of the product is the automatic application connectivity. The second best feature would be detection and response and analysis of the data. Applying security policies over the network is easy. AlgoSec instantly provides audit reports which is a most useful feature in this organization. 

    Integration of the next-gen firewall, cloud firewall, routers, and load balancers is seamless and a very useful feature.

    The solution offers unified and risks analytics reports features. 

    AlgoSec helps IT managers automate firewall management across all hybrid environments.

    What needs improvement?

    The blacklisting and whitelisting of IP addresses should be improved. There are many false positives.

    The cloud migration process should be more streamlined for my customer-facing issues.

    The price should be less. The customers who have just started using the AlgoSec firewall management tool, as of now, have not faced any major issues apart from some small debugging. 

    Improvement can be done in many areas. For example, it would be great if AlgoSec could integrate with an endpoint solution and directly integrate with firewall and endpoint solutions to bring much more visibility.  

    Disclosure: My company has a business relationship with this vendor other than being a customer: We are System Integrator
    Flag as inappropriate
    PeerSpot user
    Technical Architect at a manufacturing company with 10,001+ employees
    Real User
    Top 20
    Provides valuable security ratings and security rules analysis

    What is our primary use case?

    We use AlgoSec to integrate firewalls. I'm a senior network security engineer and we are customers of AlgoSec.

    What is most valuable?

    Security ratings and security rules analysis are two valuable features. In general, it's a very good and stable solution. 

    What needs improvement?

    I believe the customization of dashboards should be simplified and more user-friendly. Customization inside the domain level needs to be improved.

    What do I think about the stability of the solution?

    The solution is stable although there are occasionally issues with patches, but they are generally resolved quickly. The solution is extensively and regularly used for compliance reports. 

    What do I think about the scalability of the solution?

    The solution is scalable. We have close to 30 firewall admins.

    How are customer service and support?

    The technical support is good. The only drawback is that the product is not very user-friendly and it's too expensive to contact support each time we have a problem. 

    How was the initial setup?

    The initial setup was carried out using professional support and the company was happy with the integrator. We moved our ticketing up to AlgoSec using FireFlow. I wasn't around but I think it took some time.

    What's my experience with pricing, setup cost, and licensing?

    The license was initially renewed every three years but it's now done on an annual basis. I'm not aware of any additional costs. 

    What other advice do I have?

    I rate this solution eight out of 10. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.
    Updated: August 2022
    Buyer's Guide
    Download our free AlgoSec Report and get advice and tips from experienced pros sharing their opinions.