AlgoSec Reviews

We use this solution for device changes auditing, device compliance, network mapping, active change, clean-up of the rule base, and a ticket system.

The device changes audit is a quick identification when changing the configuration on devices. Device compliance gives us the ability to generate device compliance reports. The network map is the method for locating the devices that are related to the communication of origin and destination.

Active change is used to centralize the creation of rules in AlgoSec without the need to access other devices. Cleaning up the rule base means that AlgoSec reports and helps remove unused rules and even unused objects within a rule.

In terms of the ticket system, FireFlow helps to record user requests.

AlgoSec products help to manage complex environments with many devices, so we can deliver requests more quickly.

Environments with many devices are difficult to identify problems, especially when there are new analysts on the team. AlgoSec helps in troubleshooting and streamlines the analysis.

AlgoSec helps in the agility of the analysis, speed in the delivery of compliance reports, automation in the request to create rules in firewalls, removal of unused rules, and optimization of the rule base.

In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change. They are features that help with automation and reduce the analyst's time spent troubleshooting.

The unused rules reports (IPT) help remove unused rules and even unused objects within a rule.

I would like an analysis to be created for user group rules (Check Point - identity awareness). 

Current versions of AlgoSec do not perform analysis of Identity awareness (Check Point). It would be important for the user to be able to request a rule by an access role group and then AlgoSec would create this rule automatically in the firewall.

An improvement in tool performance would be important. Environments with many devices need a lot of hardware resources to avoid slowdowns. Memory consumption of the server is very high.

I have been working with AlgoSec for five years.

The tool is very stable and does not present many problems.

Currently, the tool works well with large environments.

It may be necessary to create a distributed solution of the product on different servers (WEB / DB).

We did use another solution prior to AlgoSec and the change was due to the reports having more information and easy customization.

The initial setup is simple.

After that, it is possible to make customizations to adapt the tool as desired.

The cost of the tool can be recovered with AlgoSec automations.

We evaluated Tufin and FireMon before choosing AlgoSec.

AlgoSec is the best tool on the market.

We primarily use AlgoSec to just have a check on what firewall rule sets have been configured over a period of time, and if there are any redundancies within those rules, that we can eliminate without any confusion within the ruleset. It allows us to have the optimum support and effectiveness of the firewalls.

Doing the analysis of rule sets is very useful for us.

Being able to make and implement changes within a timeline is a very valuable aspect of the solution.

The solution is easy to navigate.

The initial setup is straightforward.

AlgoSec can probably do better at introducing features for the cloud firewall scenarios. This is something that will probably help customers. It needs a hybrid scenario that includes private cloud, public cloud, and on-prem things. If a feature could cover all three different types of deployment, that could probably make it even more desirable for clients.

I've been dealing with the solution for two and a half years at this point.

We've not received any complaints so far when it comes to stability. So far, our capabilities mapped with AlgoSec has always achieved the best of results for our customers. There don't seem to be bugs or glitches. It doesn't crash or freeze.

We haven't heard anything from clients that would lead us to believe they couldn't scale the solution if they needed to.

The technical support is quite good. I would rate them eight or nine out of ten.

There are some points wherein when it comes to support, my engineer may not have gotten direct support immediately. In the past, my engineer might have to wait half an hour or one hour to get an answer, and then, of course, the customer is also waiting. That slightly impacts my customer experience. Due to that aspect, I am reducing one or two points for that. However, overall, we're pretty satisfied with the solution.

I use a few other solutions as well. More often, I would advise clients to go with AlgoSec. Of course, as a secondary option, if our customers personally had some other preference, my experience is that they tend to go for Tufin rather than Skybox.

The initial setup is pretty straightforward. It's not complex. We don't face any challenges on that front.

We both deploy the solution and manage the solution for our customers.

In terms of pricing, it would be useful if they could be a bit more aggressive to their competition in the market. They need more aggressive pricing. That would be certainly more helpful to the market overall.

We have relationships with AlgoSec, Skybox, and Tufin. We are resellers as well as value-added service partners of all three solutions.

Our experience is across the board. What we advise depends on our customers' requirements and preferences. Based on that, we suggest select solutions.

We have a cloud model that we have worked out with AlgoSec. We are their managed security service partners. Along with that, we also do the on-prem deployment, especially in the Indian government sector.

Overall, I'd rate the solution a nine out of ten. I've had a fantastic experience with it so far.

The purpose of using the product was to attack and Analyse rule bases from a holistic perspective. The Firewall Analyzer has a rule base consolidator as well as a feature to make the rule base more permissive. It also helps to reduce rule base clutter, as well as legacy rules.

Traffic query helps us to quickly find rules that allow outbound access.

FireFlow is a useful ticketing system that integrates with many products.

We would like to use FireFlow's API to automate certain tickets that come through to leverage automation in our environment. 

An example is that we have a policy with 900 rules, which we were able to reduce to 500 rules. That's close to a 50 percent savings on the rule base.

We used the Unused rules function in Firewall Analyser to examine our rule base. This has drastic performance increases in our production firewalls.

Objects not used within rules can save even more when it comes to cleaning up rule bases. Where this is a very manual process without AlgoSec, engineers can have a level of automation by building useful reports to assist with clean up.

The most valuable feature is the Firewall Analyser, which has a number of fantastic features.

From a risk perspective, you can apply compliance Frameworks like ISO 27001 and PCI DSS against firewall rule bases to see if your rule base is compliant. If you are not then AlgoSec provides descriptive ways on how to adjust rules to make your rule base more compliant. 

Definitely, the policy-cleanup features are the main draw. Shadowed rules, rule duplication, rule consolidation, rules permitting too much access, and rule usage are very useful and help to clean up rule bases.

There are areas where auditing rule changes are not accurate. It is important to be accurate when using rule changes, as users need to be accountable for their changes; however, I cannot trust AlgoSec when rule changes come through on reports as they reflect incorrectly. I have taken this up with support and have never really had a resolution for this. 

I would like to see enhanced dashboards or build meaningful reports for executive consumption. 

AlgoSec is a fantastic product, and I would like to see more "granular" breakdowns of traffic on IPT traffic analysis for source and destination, as the way it does it currently does not allow me to self problems for rules with ANY in the destination.

We have been using AlgoSec for one and a half years.

The stability is good.

Scalability-wise, this product is good.

The technical support is always responsive and always willing to understand the issues. 

Our previous solution was not useful and did not have an intuitive interface. Support was also terrible.

The initial setup is straightforward. If you understand your infrastructure, it will be easy to deploy in a central location.

Our deployment was done through a vendor team and it took one week.

We haven't saved any money yet but we have improved the performance of certain devices.

I would suggest that you start with a VM, get a PoC with a temp license, and try it out. You will love it.

I would not like to disclose which other products, but I have used two other products that didn't even come close to AlgoSec's power.

Its a good production and good support, definitely worth it.

The primary use case of this solution was to optimize and cleanup all the unused legacy firewall rules from multiple firewalls which was massive in terms of time and effort.

The other user case in our environment was to automate all the manual day to day firewall changes to reduce the turnaround time for application owners.

We wanted to have central visibility for our entire firewall portfolio to see the firewall flow of traffic traversing through multiple layers of firewalls.

Definitely with the help of this solution it made our life easier to optimize and clean up the task within a short span of time which provided the quick visibility of all the rules to be actioned.

Traffic Analyzer provided the centralized view for our IT SOC operations to focus mainly on high-risk firewall rules exposing with explicit any rules.

The other best feature is the Fire flow module which is in the process of implementation to automate the firewall rules changes along with the workflow model right from the requester to the implementer.

Both the modules of AlgoSec solution which has been on-boarded in our environment are amazing to use it as it provides a central end to end visibility of the firewall rules spanning across the multiple layers of the firewall.

It's helping our Risk and Compliance team to assess all our firewall rules periodically and help us to remain compliant. 

It saves a lot of manual time especially in daily operations and increases the turnaround time for business.

It has helped us internally to provide the documentation for our auditing and reporting purposes.

AlgoSec should explore integrating more multi-vendor platforms and should be looking towards ready infrastructure for providing Infrastructure as service (IAAS) on any cloud platforms as the trend and technology is gradually moving from In House platforms to Cloud platforms.

Algosec should also be exploring the integration with the open source firewalls as well.

The GUI features of Algosec solution should be more flexible to use and adopt.

We have been using this solution for one year.

In terms of scalability, it's a license-based model to add license at any point of time when you have any new firewalls added in the portfolio.

Customer service is good but needs more improvement to be on listening side of the customers.

No, this is the first time we have introduced this solution.

Our Initial setup was not so straight forward as we were exploring all the features to its depth so lots of engagement was done with OEM level to explore and implement in our environment.

We went through local vendor support however the involvement from OEM was also huge and phenomenal.

Definitely the simplicity to use this solution is the key factor to be a leader in this competition and the other factor is the response and support model.

We went through the RFP process evaluation for all the magic quadrant leaders of the  market.

We are using Firewall Analyzer (AFA) to compare configurations from multiple firewalls, such as Cisco ASA, Palo Alto, Check Point, and so on. It helps us to streamline our firewall rules, identify risks, and provide better visibility. This product has significantly saved the time and human efforts in creating and deploying firewall rules. It is now easier for our cybersecurity team to analyze firewalls rules and ACLs, using them in a more efficient manner. Other features are also very important for us.

With the help of this product, we can manage all the network security equipment in a centralized way. We are also able to make requests to our security team about quick and valid changes requests, helping to minimize the workload in documentation, troubleshooting and so on. This helps to identify any wrong or unnecessary changes in the network security perimeter, making sure that all security policies and best practices are followed in our network domain. During change implementation, and especially after completion, we can validate, make sure that everything is working fine, and is up-to-date per our expectations.

It’s capability to build and present entire network topology via map makes team members to easily investigate the entire domain. Whenever new applications and services get on boarded and traffic rules and policies being created it automatically discovered those Apps and services and makes life easy. Each and every performance report can be fully automated using this and saves time in audit and compliance requirement.It also helps us to clean old and obsolete rules or those rules which are not in use otherwise it could be very difficult without this product as team have to log into each firewall and remove rules and policies

We are running multiple hybrid cloud solutions, working with cloud providers, and looking for API integrations with cloud and related interoperability. Sometimes, when we are trying to delete or disable any rule, it takes more time than expected. 

Sometimes, the web browser has issues with slowness. It can be worked out with a click or two. 

We are using Algosec Firewall Analyzer referred to as (AFA) since 2018.

This is very stable, robust product. During extreme load in business hours, it works well without any issues. 

It provides interoperability with all vendor firewalls and the scalability is much easier.

Technical support is always good whenever we contact the support team. We always get an immediate response and a solution within defined timelines.

Earlier we are not using any solution but always planning to procure solution that have ability to integrate multi vendor firewalls into single platform and after assessments and evaluations with OEM products we finally select Algosec as approved solution.  

Initial setup was very simple. Using Quickstart help, any member can take part in deployment and administration from basic to advanced level. 

Only the firewall integration could take time due to some complex interactions. 

We implemented using our own internal team and with the help of AlgoSec technical support team. AlgoSec technical support was excellent and prompt.

It provides an improvement in the firewall process load. It also helps with increasing CPU and memory utilization.

When it comes to the cost of support and licensing, it is much cheaper than other competing products.

We have tried FireMon and Tufin under a non-production environment, but the overall features of AlgoSec were best. Therefore, we choose this product for our production environment.

Excellent product to use and has tremendous support from OEM.

We have not faced many problems or issues using this product.

We also have not tested AI or ML capabilities and are very keen to start working with it now. 

Overall, it is well-maintained, robust platform tool for firewall management.

Our main use cases for this solution are:

• Firewall Rule optimization
• Topology mapping of various firewalls
• Automating the implementation of rules.
• Reports warning before time based rules expire. 

We also implemented the AlgoBot, which is extremely useful when checking if rules already exist or finding out easily where they need to be configured.

We have 20-plus firewalls from multi-vendors in several sites, both IT and OT. Therefore, an automated way to manage firewalls is a must, especially since staff is always on the short side.

AlgoSec has saved us a lot of time in managing our rule base which has become increasingly large. With 20-plus multi-vendor firewalls, it gets really hard to manage without a solution like AlgoSec. This has helped us to fulfill our internal SLAs for change implementation.  

The fine tuning of the policies is a lot faster and repeatable. 

The compliance factor has also helped us a lot where we can show auditing that we have a repository for all the changes made in the firewalls, who made them, and at what time.

Gone are the days where time-based rules expire without anyone noticing. We have now automated reports sent to the team. This allows us to ask the involved asset owners if rules can be disabled or need to be extended.

Most valuable features are the firewall rule optimization, topology mapping, and automating the deployment of new rules in several multi-vendor devices. 

AlgoBot is a brilliantly, simple idea that lets us give our IT internal customers a way to check if rules are already in place before asking for more.

With firewall rule optimization, you cannot only tune most used rules higher in the rule base, but also check for unused objects or rules to clean up.

The automatic implementation of rules in several firewalls simultaneously is also a great feature, especially in large environments or on short staffed teams. 

AlgoBot should be more developed by adding more features to the chat.

We will be integrating with Cisco ACI soon. Hopefully, new features with this integration will be developed as well in terms of automation.

I came across a difficulty recently with a BGP enabled firewall that had a large number of routes. This wasn't directly supported due to a 3000 rule per firewall limit.

We've been using AlgoSec for over six years.

It has been running flawlessly since installation. Even upgrades are pretty straightforward and have never given us problems.

We have added 10 more firewalls to our 14 existing and have had no performance or scalability issues.

We have had several tickets opened and the responses were fast. This enabled us to solve our problems quickly. The only complaint is about the license rekeying needed for when you need to change a firewall. That usually takes a bit of time.

We did use a different solution for several years. The features and usability made us switch.

If you are knowledgeable about the firewalls that you intend to manage, the initial setup is really easy. The most difficult steps are configuring checkpoints for LEA integration where you need to create the object in each firewall, establish connectivity, install the database, install the policy, etc.

It was initially implemented through a vendor. Their level of expertise was good enough to implement the solution effortlessly.

Cost is based on firewall. There are bundles, e.g., virtual firewalls might make the solution cheaper.

The licensing scheme should be done in a simpler way. For example, if we delete a firewall and want to add a new one, then the license doesn't get freed up automatically. You have to request a new license to customer support and install it. If you are testing new implementations, this can be cumbersome.

We evaluated the main competitor, Tufin, because we were using it!

I am the senior network security engineer in an environment of more than 80 firewalls ranging from ASA 5506-X to ASA 5585-X and now to FortiGate 3960E. As part of this position, I need to be able to audit firewalls and ensure that they are compliant to a number of policies.  Before AlgoSec, this was done in a very long, slow manual process, and it took days to audit even the smallest firewall. With AlgoSec, I can run a compliance report and see exactly where that firewall falls short.

AlgoSec has freed up my time to look into new solutions and complete other jobs that I have to get done. I have been able to shepherd the migration from Cisco ASA to FortiGate and using AlgoSec made that process much easier. Now, when I get a request for audit information, that information is available at a click. A PCI audit is no sweat. I know which firewalls fall under PCI, and I can provide the needed answers in minutes instead of days.  This has improved my use of time.

Policy optimization, compliance, and change reports are the most valuable. I can clean up firewall rules quickly, optimizing the rule set and moving on in hours. Before, I was looking at days. Compliance is a breeze. The change reports are helpful to see changes over time and also be a "second set of eyes" when looking into issues. 

The mapping tool is helpful. 

Traffic queries are a great help when troubleshooting a problem, especially if the traffic is going through two or more firewalls.

I can't think of specific improvements. If anything, the product has been improving in usefulness constantly. 

I have been using AlgoSec Firewall Analyzer for approximately two and a half years now.

Product hotfixes are released regularly and are a breeze to install. I have dealt with other products that always promising to fix bugs, but it takes months or longer for the next patch to appear. AlgoSec is on top of this and in my opinion is a real leader with bug fixes.

Technical support is the best that I have ever dealt with. I have yet to have a support engineer tell me that they couldn't fix a problem or that it was sunspots (Cisco TAC). They have gone above and beyond multiple times. I never hesitated to call as they have never made me feel that the problem is the user, even though I am sure that there were times it has been.

I have never had a problem that the technical support wasn't willing to dig into and get resolved.

Not really. We used a homegrown VBScript that would parse the configurations on our firewalls for auditing. This didn't help at all with compliance.

The setup is not difficult. The professional services were outstanding in installation and knowledge transfer.

We implemented through a vendor team. Their expertise was outstanding. They made sure to spend a lot time doing knowledge transfer.

The initial cost was high for us, but we have always been behind the tech curve and cost has always been the limiting factor. That attitude has changed. Now, we look for the best, not simply the cheapest.

We did look at a couple of other solutions. FireMon and Qualsys are the only two I remember.

It has saved my bacon a number of times and is a great arrow to have in your quiver of tools.

We need less time to identify any risks in our firewalls, as we can detect changes in real-time.

We have obtained in easy way to do compliance reports for audit purposes. With this optimization reports, we can clean up unused rules, consolidate covered or redundant rules. We can also define trusted rules that apply.

Risky rules reports help to reduce manual work and identify the main risky configurations to remove. This give us some recommendations on how remediate and their importance.

• Identifying and removing risky rules
• Firewall rules cleanup (unused rules)
• Security compliance reports
• Security baseline settings

A vulnerability management module might be interesting, though not integrated with a third-party vendor. It should be an AlgoSec VM module.

I would like some server integration for vulnerability management.  

Some PDF reports are not so good. E.g., the graphics and reports are not so good. Sometimes, we need to create graphics and reports to compare security ratings across months and groups. 

I have been using AlgoSec for two years. 

Awesome.

Great.

Excellent and very kind technical support.

No.

Licensing is very easy to set up. The pricing is relative to how you want to expand and harden your network security. 

I did not evaluate another solution.

It is a great tool that makes work easier each day. I can't imagine working without AlgoSec and using it for my daily activities.