AlgoSec Reviews

We help deploy solutions to customers around Africa and Nigeria. We deploy it, then we also provide local support to our customers. We do PoCs, deploy solutions, and provide support whenever we have the opportunity to provide solutions which solve problems of one or two customers.

Most of our clients just want to stick with AFA. Most times, we just work around AFA and do a lot of things with it. We are quite conversant with AFA's portfolio.

AlgoSec provides our customers with full visibility into the risk involved in firewall change requests. Most of our customers are in the financial industry. AlgoSec can analyze existing policies that you have set up on your devices, gauging the risk. For example, with PCI requirements, there needs to be a description for each firewall rule change as to why it was made. Therefore, if a change was made by one of our clients, who was unable to put a description or comment against that rule, then automatically I would need to flag that.

ActiveChange integrates with your change workflow and ticketing system. For example, a change request is made to open port 8080. Then, if the guy who was supposed to implement that change mistakenly opened port 80, then ActiveChange will say, "What was approved was 8080, but what you actually opened was 80." That actually helps to fix human errors. It helps to check everything that is being done. You can go through the analysis and see changes that were made, and AlgoSec is able to alert you immediately. Whenever there is a change, notifications are sent to the administrators because it gives you that real-time alerting and change. 

The most valuable features are:

• Compliance reporting
• Their immediate support team
• Maps: You can trace the traffic and what firewall is blocking what connections, services, and websites.
  

You don't need to be tech-oriented to work with AlgoSec.

One of the beautiful things about AlgoSec is that it gives you templates. There are quite a number of compliance templates, depending on the industry that you are in. For example:

• The ISO number system
• The information security - ISMS management system
• PCI DSS
• FISMA Compliance. 

For our clients, they especially have to maintain ISMS and PCI DSS, as these are the two compliance regulations that they have to maintain. You can run analysis or reporting based on the templates. Within minutes, you get into the report, can see your compliance status, and what exactly you need to fix. You can clearly see what parts of the requirements you are not meeting and where you are falling short within standards. It is very clear and visible. We can customize all of this with the reporting, however the client wants it. This is one of the critical parts for most of our clients.

In late December or early January, we were trying to add another solution, but it wasn't working because there was no support for the version that we were running at that point. After they released the hotfix, that took care of this issue. That particular device was then supported. So, it has been very stable and working fine since then.

I have been using it for about three years now.

The stability is excellent.

There have been some recent updates and hotfixes that have been released. These have taken care of a number of things, which include support for some particular firewalls.

The scalability is good. We have had to scale for some of our clients who have about 10 firewalls or 10 network devices, and they wanted to have more. All we had to do was acquire more licenses, then we just scaled. It is quite seamless.

I have worked with AlgoSec for about three years. Before COVID-19 struck, the technical support used to be 10 of 10. You would make a support call, someone would join you on a session, and you would get help almost instantly. Since COVID-19, a number of the technical support team members have been working from home or remotely. So, we haven't gotten to support people right when we need them. Sometimes, it takes a couple of hours or even days for us to get that instant support that we used to get. I think they are working on it. The last time that I had a support session with them, which was about two months back, I saw some relative improvements.

We have been using the OVA file on a virtual box. Once we slam it on the VM, it is quite straightforward. Once you are done with that, then you define the IPs.

We have had quite a number of our prospective clients have come to us, and say, "Hey guys, we want AlgoSec," but one of their turn-offs has been the pricing. I would like it if AlgoSec would review their pricing and come down on it. The solution is quite amazing and versatile, so we would really appreciate it if the pricing could be reviewed for Nigeria because we definitely would get more sales if that happened. 

In Nigeria, quite a number of industries have been hit hard by COVID-19 and we are not a high income generating country, so a lot of people want to cut costs. When it comes to the security, companies would rather settle for less and take a step back because of the cost. They might even put infrastructures off. However, if the pricing is reasonable and affordable for people in this part of the world, then our company will definitely see more sales.

AlgoSec is 10 out of 10 compared to FireMon. Compared to any other solution that does firewall analysis and policy management, AlgoSec deserves 10 out 10 because of:

• Its simplicity: Virtually everything about AlgoSec is straightforward.
• Versatility, as far as the reporting and alerting.
• Support, which is quite amazing.

If you are looking for a tool that will provide you clear visibility into all the changes in your network and help people prepare well with compliance, then AlgoSec is the tool for you. Don't think twice - AlgoSec is the tool for any company that wants clear analysis into their network and policy management.

Anybody can use AlgoSec once they take all the training.

Compared with other tools on the market, the solution is 10 out of 10.

I have been implementing AlgoSec for different end customers. None of the environments are on the cloud, they're on-premise applications. Some of them have been planned, but a majority of them are for virtual instances. I have implemented four or five end-customers and also supported them with AlgoSec.

I deploy and maintain AlgoSec for customers for test purposes. I use it before doing anything on the customer's premises. For testing purposes, I have used it in my own environment also, but the majority of the time I'm using it in the customers' environment.

I have integrated AlgoSec with Check Point, Palo Alto, some older Cisco versions like WSN, Fortinet firewalls, and Cisco ASA.

The features that I like are the monitoring and the alerts. It provides real-time monitoring, or at least close to real-time. I think that is important. I like its way of organizing, also. It is pretty clear. I also like their reporting structure - the way we can use AlgoSec to clear a rule base, like covering and hiding rules. For example, if the customer is concerned about different standards, like ISO or PZI levels, we can all do the same compliance from AlgoSec. We can even track the change monitoring and mitigate their risks with it. You can customize the workflows based on their environment. I find those features interesting in AlgoSec.

The visibility is pretty clear from top to bottom, even interconnected maps and zones.

We can always customize the standard risk profiles. But even within the standard one, before doing any changes, when you go with the flow, they always inform you. Before implementing the change, you get the visibility there. You get the visibility with risks.

This is important because the places that I have worked have different departments for risk handling. So whenever we go through the flows before implementing, that part goes through the risk department and gets their approval first. With AlgoSec you get to know the risk profile before implementing the change. That way you get to know the risks that you are taking with that particular change. So it's important.

It has helped to reduce the time that it takes to implement firewall rules. In some places where I work, they fill a form and send it to a particular manager. For example, if an end-user fills it and he sends it to his manager, then it gets his approval and he sends it to the risk department, and gets their approval, and sends it back to the person who implements. There's a chain that takes a longer period of time and even their paper costs. That gets reduced when they use a workflow from AlgoSec. They always get automatic notifications when the change moves on to the next level so they know exactly which stage the change is in.

It is helping to reduce those policy changes by more than 50%.

You can face audits in two ways. You can either do it from AlgoSec. I have used it like that for periodic audits. You can always plan it. Either you can go from one of your rules, clean up your rule base and improve the standards of your risks and all the other areas in the AlgoSec reports. Or else, you can go for a PCR level report and you can prepare it stage-by-stage and commit up to a certain standard. I have used both methods. You can also do reports for the particular changes and check how much your environment is improved after you follow the report and do the particular change that they suggest. For example, reordering or combining your rules or removing some of the unused objects. Then you can run a report and see how much it gets improved. So in terms of auditing, which they can run every six or eight months, or once in a year, you can always turn on your audit before it comes to that level. You can always prepare for your audit by scheduling reports.

It's pretty easy when it comes to integrating with the leading vendors. If you want to integrate, they have proper documentation. Their documentation is very good. I have to give them credit for that. You can always follow it. Integrations are pretty easy and much easier than with some of the similar competitive products that I have used. I don't want to mention names, but AlgoSec is much easier because of their proper documentation. For example, when you are integrating a particular device or application, you know the things that you need to do because they have the proper documentation before doing it. It takes less time to integrate compared to some of the other products in the field.

I have come up with two cases of misconfigurations in some rules. One of them is with change requests when you have a single object and you just have to amend it to the particular rule but not to other specific rules. The other thing is what rule it's covering. It's not a misconfiguration, actually, and you can amend it. I have come up with some situations like that. Before coming back to my stage, it is always clear from the other risks and level of approval. So I did come up with that kind of a scenario but it's not actually a misconfiguration.

AlgoSec has helped to simplify the job of security engineers because you can always monitor your risks and know that your particular configurations are up-to-date, so it reduces the effort of the security engineers. You can always get top to bottom. For example, if you talk about the rule base of a particular firewall and access to some particular things, you can always get a clean one with the required security. So rather than going here and there, they can always use this tool to do the automation and their decision-making.

I haven't yet configured with Cisco ACI, but in the next one and a half months, I'll be integrating it with an ACI structure.

I expect the value of bringing AlgoSec and ACI together will be good. It'll be like an extension. If you integrate AlgoSec, it's not like a single point. If you connect it with the ACI fabric it will be challenging. I haven't really experienced it in full, because I am still in the designing phase and I haven't done the full implementation, but I feel like it'll be interesting and challenging. Since I have not experienced it or yet done the implementation combining these two, I cannot fully say how it will be. It's a question mark. But I'm expecting it to be a little bit challenging because the visibility differs.

AlgoSec needs improvement with its support level.

I know that they have 3D architecture like SMB and enterprise on top of that. Some people consider this as a noncritical device. But because it's not as critical as a firewall, some people think that the support level does not need to be equal to a firewall level of support. But if some people are monitoring and managing firewalls through AlgoSec, the level of support should be equal to a firewall level. It shouldn't be dragging over two or three days. I know that they have three levels of support, but at the very first level, I believe you should be able to directly contact the tech and get a solution as soon as possible.

The only problem I have with AlgoSec is just its level of support, not with the product. Not with the organization or the documentation or anything else, but if I need any additional support, the only problem is the time it takes to get it.

I've been using AlgoSec for two and a half to almost three years now.

I use AlgoSec Firewall Analyzer and FireFlow.

It is generally stable. As I mentioned, the only problem the customers are worried about is the technical response time from AlgoSec. If you have to contact tech support the project will get delayed. The customers are comparing it because, for example, in their environment they have Palo or Check Point, and their support levels are much higher. With them, when you open a ticket, after a few minutes you can check and get the opinion from the tech or check if an engineer is available. If it's a critical issue, you can always talk to him within hours and fix the issue. So they always compare that level to AlgoSec's support level. That's the only issue that we have to explain to them. The customer's opinion is this is a non-critical device because this is not a firewall. But we manage firewalls so that kind of level of support should be given.

In terms of scalability, the maximum that I have tried with AlgoSec is six clusters. Its scalability is good. The way that we can work with it is good because with every device you can see everything on the same dashboard. If you want to check the monitoring, you can always select the device to see. You can check the status by clicking the device. It's the same structure. The scalability is good but I have only worked with a maximum of six clusters so I can't tell you exactly when it comes to a high number of hours, if it is good or bad, but for the six that I have worked with, it's good.

We do have plans to increase usage of AlgoSec. I have explained to some of the customers about the application integrations, the visibilities, and the rule-based optimizations by using this feature. In terms of features, I am expecting that they'll amend that component to their environment. Since we are a system integrating company, when we propose a solution for a particular customer, we always propose to do firewalls. Therefore, we always add AlgoSec. When we are proposing it, we always submit AlgoSec automatically.

I did not find the initial set up very complex. It's advanced, but not complex. Their documentation for implementation is very good.

It really depends on the customer. Some places, when you go for a POC or a deployment, we can always plan and tell them that if they are integrating these kinds of things, these are the levels of provisions that we need. These are the things that they need to do from their end. 

The POC for some customers goes three or four days because of their delays. But with some customers it goes fairly quickly, like a day and a half or two days. For one customer it took five days because they had a procedure where you have to fill a form and send it before creating your user for AlgoSec when it's with the firewall integrations. Because of that, it took a little bit longer. So depending on that I give it three to five maximum days to integrate four or five clusters. It really shouldn't have taken that long to do the work. Then you need to contact different teams to get the support. It all causes delays.

In terms of implementation strategy, I'm always looking at what their components are. I always have to go with the Firewall Analyzer components and to check what type of devices  they are willing to integrate for this particular unit. I check if it is a Check Point cluster, or the Palo cluster, or a Forti cluster, and what the additional features are that they are looking for. Based on that, I complete the Firewall Analyzer unit as soon as I can. Since I have worked with the product, I have similar use cases. What are the things that we can use to demonstrate for firewall change flow? I'm always asking for input from them. What are the things that you need for base level policy changes, etc...?

In terms of actually deploying AlgoSec, most of the time it's me only. But I have to contact the other end. There is always a direct contact person and a support team when it comes for integrating the firewalls. 

When it comes to maintaining AlgoSec, we have another colleague also. They can always give the support.

I have seen improvements of ROI at companies. Although customers might have a department, they recruit new people to use AlgoSec reports to analyze their risk, monitor the alerts, and check their daily tasks. I have seen new implementaton by a banking customer who obviously see the value.

I'm on the technical side so I don't have a clear picture about pricing and licensing. But as far as I know, if a customer asks for a 24/7 support, the pricing level is much higher, relative to normal 8 - 5 support.

Recently, we proposed AlgoSec and there were other companies who proposed other solutions. During the technical discussions, I was the one who did the demonstration, and we were able to say that whatever features they are looking for, we can always provide it with AlgoSec. When they finally released the tenders we were in the top three options and the second place for technical. The only problem was the pricing with AlgoSec.

The other company gave much a lower price. We couldn't match the AlgoSec price level to that particular vendor. I think the company and customer were really impressed with our presentation and demonstration that we gave. They even told us if we can reduce our pricing by a certain level, they can take us because they are impressed with our product, but the pricing won't do. But when we tried to AlgoSec to reduce the cost so we can get this deal they couldn't match it to that level. Unfortunately, we lost the customer.

It was not a one day effort that we put into submitting these documents, to comply to their requirements, and do a demonstration. They were convinced to take this product, but because of the pricing issue we lost it. We all got disappointed about the support level.

I find AlgoSec more organized than some of the other products. With some other products, you have to go here and there to check it, but with AlgoSec it's more organized. But, I find some of the other products more customizable than AlgoSec. It takes a little bit of time to do the customization, for example, if you need to change or add some special level of approval or if you need to add three different levels of approvals for a particular workflow. To do that, sometimes you have to contact AlgoSec's regional support. But with other products that I know, it's just a matter of adding a particular character to the workflow. In some cases I have found other products that are useful, but in terms of organization, I find AlgoSec easier and more manageable than some of the other products.

I have learned so many lessons here. A secure environment is your main asset. When you have a secure environment you can always run your business smoothly, do your changes smoothly, and do your daily tasks smoothly. A secure and safe environment is the key to a successful IT business. That's the main point that I've learned from this.

If you're implementing, I always recommend AlgoSec and to check whether it can cater to their needs. Most of the time, it is capable. It's capable of handling your requirements most of the time.

On a scale of one to ten, I would give AlgoSec a seven.

This is taking into consideration the support and everything else. Any talks about AlgoSec and you need to consider their support level.

We are not personally using AlgoSec in our organization. We consult with the customer, as to why they have to buy such a solution like Firewall Analyzer. We are a distributor for the Indian market. We guide the customer to why they have to buy this kind of solution, what are the business requirements, etc. 

I have done PoCs and demos on the product.

The solution allows multi-vendor firewalls to have a centralized solution where they can analyze all the rules, duplicates rules, etc. Also, it helps them understand if a change can be automated.

We consult with big customers who have multiple locations. In every location, they have various firewalls available. With AlgoSec as our product, it has really helped with our operational tasks and activities.

If you go through that compliance report, it will give you whether your firewall is in compliance or not. It will also give you a recommendation whether you need to change it. The compliance has helped us with customers, e.g., internal audit from the quality team and external auditors.

AlgoSec integrates with multiple security vendors. It captures the rules, policies and authentication required.

It is pretty simple to use. Resources are readily available.

Firewall Analyzer and FireFlow are very helpful for IT guys, especially for multi-vendor firewalls.

We get a lot of visibility from Firewall Analyzer. It is definitely helpful to see the details of duplicate rules on the firewall. It can define the connectivity and routing.

The solution provides us with full visibility into the risk involved in firewall change requests. This is always required. For example, if you are implementing one rule for network A to network B, but you don't have that visibility in terms of network when you have multiple firewalls, then you have to deploy the rule on every firewall. However, if you have FireFlow, then FireFlow will automatically deploy this rule where it is needed.

I would like more documents and support for the cloud firewall.

We have been using it for one year. I am level 2 certified. I am familiar with AFA (Algosec Firewall Analyzer), FireFlow, and CloudFlow. I have done the online training for AppViz and AppChange.

It has been good. I have not seen any issues.

One to two people are enough for deployment and maintenance. 

The scalability is good.

The technical support is good because it is already available in India as well as the R&D. Whenever I need help, they take my call. I don't have complaints in respect to the AlgoSec support.

I also have experience with Tufin.

It is straightforward and easy to deploy. Two to three days was enough time to complete the configuration along with the device integrations.

For implementation, I always follow these steps:

1. Understand the customer's infrastructure, e.g., what are the customer expectations and primary pain points?
2. Deployment architecture
3. Hardware requirements and prerequisites
4. Port prerequisites
5. initial configuration and setup
6. Onboard devices with default configuration
7. Monitor devices for seven days, then apply the recommendation based on the AFA solution.

For the migration, it is really helpful because we all capture all their policies. We can clean up things with Firewall Analyzer. When doing a migration, we take a backup and that is really helpful for the migration process.

It has reduced the time it takes to implement firewall rules in hundreds of our customers' organizations. Without FireFlow and Firewall Analyzer, you would need one to two hours to deploy the firewall change request rule because you need to identify where to position that rule. It definitely reduces the time by half.

The pricing is good. Though, I would like if pricing could better support small businesses.

We use Cisco ACI with Check Point , FortiGate, and Palo Alto.

This technology gives us total control of our stuff, validation, and clean up of everything that we need.

If you are doing migration from on-prem to cloud, then there is definitely a very quick process and helpful process for that migration.

I would rate this product as an eight and a half out of 10.

Many of our customers have big networks with several different vendors of telecom and firewall equipment. This means that network management overhead is significant and manual firewall rule modification is slow and error-prone.

Many firewalls have a bunch of redundant and often unused rules and that decrease overall network performance. The AlgoSec ASMS solution gives customers a very powerful tool for taking control over their firewall policies and to speed up their network security operations and incident response.

AlgoSec ASMS brings a holistic view of network firewall policy and automates firewall security management in very large-sized environments. Additionally, it speeds up the changes in firewall rules with a vendor-agnostic approach. As a result, the security and accuracy of firewall rules are increased.

Another very helpful feature of the AlgoSec ASMS solution is the ability to automate the mapping between applications and IT systems traffic requirements, and firewall rule base in couple with security risks analysis and compliance.

The AlgoSec solution consists of several modules and each of them improves the environment in a specific area. The Firewall analyzer produces a holistic view of the network topology with knowledge of firewall policies, security risks, and compliance.

The Fireflow module automates the change management process and is tightly integrated with the Firewall Analyzer to achieve compliance with minimal exposure.

The AppViz module allows for mapping applications and IT systems, their traffic with vulnerabilities, and firewall rules and policies.

The initial setup can be complex for beginners.

We started to offer AlgoSec ASMS solution to our Customers in 2015.

Scalability is good if you choose the right sizing of hardware and design.

We have had several projects with other firewall management solutions, and our customers choose AlgoSec because it's very flexible.

The setup is easy when you know what to do. The solution has many options to customize and tune.

Our company engineers implemented the solution.

We have evaluated Tufin and Skybox.

For many customers in Russia, the support of local firewall and network vendors' equipment is very important and they will be happy to get that from AlgoSec.

In Russia, there are several common firewall and VPN solutions that are widly deployed over the country. Sometimes, the use of these products is required by regulation, whereas other times, customers prefer using Russian devices to lower foreign vendor dependency risks. It also ensures that no foreign sanctions will break their network and security operations.

Having the support of these devices is very important for our customers.

We use this solution for device changes auditing, device compliance, network mapping, active change, clean-up of the rule base, and a ticket system.

The device changes audit is a quick identification when changing the configuration on devices. Device compliance gives us the ability to generate device compliance reports. The network map is the method for locating the devices that are related to the communication of origin and destination.

Active change is used to centralize the creation of rules in AlgoSec without the need to access other devices. Cleaning up the rule base means that AlgoSec reports and helps remove unused rules and even unused objects within a rule.

In terms of the ticket system, FireFlow helps to record user requests.

AlgoSec products help to manage complex environments with many devices, so we can deliver requests more quickly.

Environments with many devices are difficult to identify problems, especially when there are new analysts on the team. AlgoSec helps in troubleshooting and streamlines the analysis.

AlgoSec helps in the agility of the analysis, speed in the delivery of compliance reports, automation in the request to create rules in firewalls, removal of unused rules, and optimization of the rule base.

In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change. They are features that help with automation and reduce the analyst's time spent troubleshooting.

The unused rules reports (IPT) help remove unused rules and even unused objects within a rule.

I would like an analysis to be created for user group rules (Check Point - identity awareness). 

Current versions of AlgoSec do not perform analysis of Identity awareness (Check Point). It would be important for the user to be able to request a rule by an access role group and then AlgoSec would create this rule automatically in the firewall.

An improvement in tool performance would be important. Environments with many devices need a lot of hardware resources to avoid slowdowns. Memory consumption of the server is very high.

I have been working with AlgoSec for five years.

The tool is very stable and does not present many problems.

Currently, the tool works well with large environments.

It may be necessary to create a distributed solution of the product on different servers (WEB / DB).

We did use another solution prior to AlgoSec and the change was due to the reports having more information and easy customization.

The initial setup is simple.

After that, it is possible to make customizations to adapt the tool as desired.

The cost of the tool can be recovered with AlgoSec automations.

We evaluated Tufin and FireMon before choosing AlgoSec.

AlgoSec is the best tool on the market.

We primarily use AlgoSec to just have a check on what firewall rule sets have been configured over a period of time, and if there are any redundancies within those rules, that we can eliminate without any confusion within the ruleset. It allows us to have the optimum support and effectiveness of the firewalls.

Doing the analysis of rule sets is very useful for us.

Being able to make and implement changes within a timeline is a very valuable aspect of the solution.

The solution is easy to navigate.

The initial setup is straightforward.

AlgoSec can probably do better at introducing features for the cloud firewall scenarios. This is something that will probably help customers. It needs a hybrid scenario that includes private cloud, public cloud, and on-prem things. If a feature could cover all three different types of deployment, that could probably make it even more desirable for clients.

I've been dealing with the solution for two and a half years at this point.

We've not received any complaints so far when it comes to stability. So far, our capabilities mapped with AlgoSec has always achieved the best of results for our customers. There don't seem to be bugs or glitches. It doesn't crash or freeze.

We haven't heard anything from clients that would lead us to believe they couldn't scale the solution if they needed to.

The technical support is quite good. I would rate them eight or nine out of ten.

There are some points wherein when it comes to support, my engineer may not have gotten direct support immediately. In the past, my engineer might have to wait half an hour or one hour to get an answer, and then, of course, the customer is also waiting. That slightly impacts my customer experience. Due to that aspect, I am reducing one or two points for that. However, overall, we're pretty satisfied with the solution.

I use a few other solutions as well. More often, I would advise clients to go with AlgoSec. Of course, as a secondary option, if our customers personally had some other preference, my experience is that they tend to go for Tufin rather than Skybox.

The initial setup is pretty straightforward. It's not complex. We don't face any challenges on that front.

We both deploy the solution and manage the solution for our customers.

In terms of pricing, it would be useful if they could be a bit more aggressive to their competition in the market. They need more aggressive pricing. That would be certainly more helpful to the market overall.

We have relationships with AlgoSec, Skybox, and Tufin. We are resellers as well as value-added service partners of all three solutions.

Our experience is across the board. What we advise depends on our customers' requirements and preferences. Based on that, we suggest select solutions.

We have a cloud model that we have worked out with AlgoSec. We are their managed security service partners. Along with that, we also do the on-prem deployment, especially in the Indian government sector.

Overall, I'd rate the solution a nine out of ten. I've had a fantastic experience with it so far.

The purpose of using the product was to attack and Analyse rule bases from a holistic perspective. The Firewall Analyzer has a rule base consolidator as well as a feature to make the rule base more permissive. It also helps to reduce rule base clutter, as well as legacy rules.

Traffic query helps us to quickly find rules that allow outbound access.

FireFlow is a useful ticketing system that integrates with many products.

We would like to use FireFlow's API to automate certain tickets that come through to leverage automation in our environment. 

An example is that we have a policy with 900 rules, which we were able to reduce to 500 rules. That's close to a 50 percent savings on the rule base.

We used the Unused rules function in Firewall Analyser to examine our rule base. This has drastic performance increases in our production firewalls.

Objects not used within rules can save even more when it comes to cleaning up rule bases. Where this is a very manual process without AlgoSec, engineers can have a level of automation by building useful reports to assist with clean up.

The most valuable feature is the Firewall Analyser, which has a number of fantastic features.

From a risk perspective, you can apply compliance Frameworks like ISO 27001 and PCI DSS against firewall rule bases to see if your rule base is compliant. If you are not then AlgoSec provides descriptive ways on how to adjust rules to make your rule base more compliant. 

Definitely, the policy-cleanup features are the main draw. Shadowed rules, rule duplication, rule consolidation, rules permitting too much access, and rule usage are very useful and help to clean up rule bases.

There are areas where auditing rule changes are not accurate. It is important to be accurate when using rule changes, as users need to be accountable for their changes; however, I cannot trust AlgoSec when rule changes come through on reports as they reflect incorrectly. I have taken this up with support and have never really had a resolution for this. 

I would like to see enhanced dashboards or build meaningful reports for executive consumption. 

AlgoSec is a fantastic product, and I would like to see more "granular" breakdowns of traffic on IPT traffic analysis for source and destination, as the way it does it currently does not allow me to self problems for rules with ANY in the destination.

We have been using AlgoSec for one and a half years.

The stability is good.

Scalability-wise, this product is good.

The technical support is always responsive and always willing to understand the issues. 

Our previous solution was not useful and did not have an intuitive interface. Support was also terrible.

The initial setup is straightforward. If you understand your infrastructure, it will be easy to deploy in a central location.

Our deployment was done through a vendor team and it took one week.

We haven't saved any money yet but we have improved the performance of certain devices.

I would suggest that you start with a VM, get a PoC with a temp license, and try it out. You will love it.

I would not like to disclose which other products, but I have used two other products that didn't even come close to AlgoSec's power.

Its a good production and good support, definitely worth it.

We primarily use AlgoSec for Firewall Security Management, Firewall Policy Automation, and Auditing. Our firewall estate environment is complex, multi-vendor, and across many sites, so we needed a product that would integrate seamlessly, encompassing all sites and platforms.

It's an ongoing process and we are constantly learning about new features of the product that would be beneficial in terms of helping secure, consolidate, and streamline our environment.

We are well on the road to achieving this with the help of their Professional Services team.

It has saved us much time, helping us work smarter and more efficiently with regards to policy/ruleset management, automation, and consolidation. This product has saved us numerous person-hours in terms of automation and consolidation.

The various elements of the product have allowed us to cover all aspects of Firewall Security Management, Firewall Policy Automation, and Auditing, which all help to leverage the product's full potential.

Having learned more about the product, going forward we believe it will allow us to benefit in additional areas of Firewall security management. 

We have found the Firewall analyzer to be most valuable in terms of policy ruleset management. However, policy ruleset management, automation, and auditing are all good features.

The complete and end-to-end visibility and analysis it provides of the policy rule base is invaluable and saves countless time and effort.

The automation possibilities the FireFlow product provides will also be very useful going forward in terms of time and effort saved, as well as reliability and efficiency.

Overall, the Firewall Analyzer is hugely beneficial in terms of policy ruleset management.

Nothing comes to mind in terms of things that need to be improved.

In terms of additional features in the next release, more integration with SD-WAN would be valuable.

I would also like to see more integration with Cloud security products and services but overall, the product compatibility and integration with multi-vendor and differing platforms/environments is pretty comprehensive. That said, with the fast-moving nature of SD-wan and Cloud Security, product features and enhancements will need to keep pace because clearly, Cloud Security is where the industry will be focusing. 

We have been using AlgoSec for nearly a year.

AlgoSec is as stable as can be expected.

It is highly scalable and more than meets the requirements for our environment.

They were very good, responsive, knowledgeable, and usually resolved issues quickly.

We did not use another product prior to AlgoSec for the same purpose.

The initial setup was fairly straightforward; however, with the usual initial setup niggles and teething issues.

The Professional Services team assisted us and had a very good level of expertise.

ROI is very well leveraged.

Setup cost and pricing were reasonable and the licensing was straightforward.

We didn't evaluate other products as we had a previous, much smaller deployment of AlgoSec that we were happy with.

Overall, I am happy with the product; it meets and even exceeds our expectations and ticks all the boxes in terms of reasons for purchasing it.