AlgoSec Reviews

Our primary use for AlgoSec is to automate our firewall configuration. We use the AlgoSec system to remotely configure the firewalls, making our life easier.

We are in a multisite environment with plenty of firewalls for perimeter security and LAN segregation for specific proposes. This solution helped us to make the process more dynamic.

It has reduced the workload for the firewall team thanks to the API integration with our ticketing system, handling the standard types of requests automatically. Before having it, we had to create a lot of standard rules that now can now be just pushed from the AlgoSec system.

It has also helped in terms of firewall monitoring. Automatic alerts are sent to the security team so we can react quicker in case something goes wrong or a thread is detected going through the firewall. This is made possible using the simple reports.

The most valuable feature of this solution from an operations perspective is the automation of the firewall rule deployment, working together with our ticketing system.

Any new needs are requested by a user using the internal webpage request. This request is automatically validated against a set of standard rules. If the request is compliant, the new rule sets are automatically configured in the specified firewalls without any human action. This reduces the firewall team's workload and improves efficiency.

It would be nice to have a good tool for network map discovery in the GUI to make it more user-friendly. I would also like to be able to check and modify network maps in a graphical and more intuitive way. This will improve our network overview for new deployments and troubleshooting.

An API to connect to Palo Alto Prisma and Zscaler to be used after SD-WAN deployment would be a helpful feature. We have discussed this with AlgoSec and are hoping to see it in the near future. 

We have been using the AlgoSec solution for four years.

We did not use a solution like this one previously. This is the first time.

I'm part of the team that uses the AlgoSec solution, not on the finance IT team.

Firewall rule base management and FCR processing is the main reason we use AlgoSec.

We also use it for troubleshooting purposes and reporting. In that sense, there are three instances that are the main consumers of it. Our infrastructure management uses reporting to get insights, our Network and Security team does all of the FCR processing and troubleshooting of network problems, and our security department that also uses reporting and is part of the approval process for FCRs that are placed in AlgoSec.       

AlgoSec provided a much easier way to process FCRs and get visibility into traffic. With previous vendors, we had to guess what was going on with our traffic and we were not able to act accordingly.

By automating some parts of the work, business pressure is also reduced since we now deliver much faster. I received feedback from our security department that their FCR approval process is also now much easier. The network team is also now able to process FCRs much faster and with more accuracy.

Most of all, Technical Reviews are now top-notch and AlgoSec does part of the job automatically that had been done manually with our previous vendor.

We now process FCRs much faster, which helps us to deliver faster and implement reworks at a quicker rate.

With Business Flow and Firewall Analyzer, it provides much better visibility into traffic and process flows. Visibility into traffic was our main problem in the past since we had no clue what was going on but now, we have all sorts of analyses and reports. This makes our decision process, firewall clean up, and troubleshooting much easier.

All of the search options needed are there but the search menu could be a bit more intuitive. In other words, I can perform any search I want without any problems but combining different search parameters can sometimes be a problem.

Creating more intuitive menus could be helpful, especially for the first-time users.

For example, it would be useful to be able to save searches with complex structure so they can be easily reused with simple change of parameter. Also, "contain" criteria sometimes misses just like ability to search using any value in basic search box, instead of reaching out to Advanced search (it would be great if simple typing IP address, or Project ID in basic search box lists all rules containing such a value).

We have been using AlgoSec in production for about one year. Before that, we used it as a PoC for around six months.

We have had no issues in the past year.

This solution is very scalable.

We used another vendor prior to AlgoSec but we were not satisfied with the "intelligence" of the product when it came to the processing of FCRs.

We also evaluated Skybox.

I have not seen any major issues with AlgoSec and it is better than the previous product we used. I am glad to have it now.

First and mostly, as a large company, we had some issues regarding the main rating companies as they found some issues compromising our assets. There are different management systems and models with human interaction and sometimes with a different validation. This was impacting our business, so we put a lot of effort into solving problems, case by case, with manual operations. AlgoSec came into action in order to avoid this and streamline our process.

AlgoSec is one security management tool with the main target to find any rule that is not in compliance with our internal standards. New rules cannot be configured in any firewall unless it has been validated from security.

We were able to identify every rule configured on each firewall in our facilities with AlgoSec. This included every risky rule, shadow rule, and non-compliant rule. After this, we were working with a fully cleaned-up process.

Now, any rule is pushed automatically with AlgoSec. In fact, every user in the company is raising tickets through it to request a new open flow across firewalls. If AlgoSec detects that this flow has no risk, it is automatically pushed onto the firewall. If not, it goes to a dedicated approval process.

Among all of the different AlgoSec modules, I think that FireFlow is the most valuable and we have integrated it into our internal processes. This is something that increases business efficiency and helps avoid bottlenecks in our NOC team. Moreover, we have eliminated any human mistakes that we have dealt with in the past and now we want to avoid as we are moving toward a completely automated network.

There are a few things that we have already raised to AlgoSec in order to improve the tool. First, as the highest volume in our network is SaaS traffic, we need to secure this connection. To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds. It’s in the roadmap but this is something that blocks our whole design.

The network map design is not very useful for the administrator as the information displayed is not user-friendly.

It's been almost two and a half years since when we were looking for a fully integrated Security Management tool and we decided to run this solution in our multi-vendor network.

Stability is good, but we are still debugging tiny things because we have to accommodate the solution to our large IT infrastructure.

It will be good as long as they can move this solution to hybrid or fully cloud deployments. 

All issues raised so far have had a good response SLA.

We didn't use any security managament tool prior to this one.

This initial setup was tough because of the network map configuration. There is no visibility on the provider (ISP) because they cannot grant access to us. So, the configuration was mostly set up manually.

AlgoSec was deployed with the support of professional services coming from the vendor. This made the implementation smooth for us. The expertise was good, as they had experience with this solution.

We were doing some workshops with both AlgoSec and Tufin. 

We use this solution for Firewall Rule Management, to know who did what and why.

We use AlgoSec FireFlow to create Rules for the Firewalls with detailed information. It is used by end-users who supply the requirements for which this rule is needed, and then it goes to Security for approval.

We use AlgoSec Firewall Analyzer to get the audit reports on the firewall and to verify that change, which was approved by the Security and Network teams, is implemented in the right way.

It is a great tool for audit purposes.

Also it tells us if our firewall is compliance with PCI or not.

We use this for Compliance purposes also.

They are both integrated with each other.

This solution is helping us in the long term for managing the firewall configurations.

AlgoSec FireFlow Network Security solution is an end-to-end solution that ensures that firewall changes are approved, necessary, and implemented in the right way.

If some change is not implemented correctly then it warns you right away.

Also, while migrating from Cisco to AlgoSec, we can see the hit counts on the security rules and when the last time each rule was used. Depending on this information, we only use security rules that are more recently used when configuring new firewalls for migration.

For Palo Alto Firewalls, we have configured a lot of virtual routers as part of the network. This segmentation allows different network traffic to be isolated from a security point of view.

For us, it is a great management and audit tool.

This appliance has a lot of great features to offer.

You can buy the physical appliance or VM depending on your company requirements.

Features we like are:

1. Multi-approval AlgoSec Fireflow rule creation system. The end-user can only implement the rule if it is approved by all of the IT groups.
2. Very good integration with other vendor's products like Cisco or Palo Alto Firewalls.
3. This Appliance gives you the full Network MAP, which is obtainable from the Routing table.
4. It is easy to find whether a security policy is blocked, as well as where and by which device.

We love all the features of this device. It can be a bit expensive for small companies but they also have a VM model for that.

It seems that AlgoSec created a VSYS (Virtual system) for each virtual router name, even though our firewall has only a single VSYS. We are ok to work with this, but if this can be fixed in a future release then that will be great.

We have been using this solution for three years.

We have had no Hardware or Software issue so far with this Product.

This Appliance never went down and whenever we did any software upgrades it went very smooth. Also in our environment we had no issues due to any software bugs.

Their Software is pretty stable and bug free.

We love the scalability of this product.

This solution has Five Star technical support.

It is great to work with its Customer and Technical support team.

We used a different solution prior to this one and we had issues integrating with our new firewall vendor which was Palo Alto

The initial setup is straightforward, and we had no issues during the installation.

We performed the implementation in-house.

It seems we have recovered our money on this appliance, so it is money well spent.

Initial setup was not that hard. Vendor did this for us.

Licensing depends on how many firewalls your company has.

They have license options for small to big customers depending on the network.

Price is fair for Licensing and Product.

We evaluated a few other options, including Tufin, before choosing this solution.

My advice is to go with this product. It is easy to set up and use. It has great features and very good technical support to back it.

So far, we find ourselves below limitations on this appliance with the version we are currently running.

Overall, this is a Great security management product with good automation options to help your security teams function.

We primarily use the AlgoSec Firewall Analyzer.

We have more than ten cluster firewalls and we have deployed the AlgoSec solution suite. We want to check compliance status of our devices. We also need to reduce the number of rules in each of the policies.

In our new data center, we want to automate the firewall policies.

Now, we can easily track the changes in policies. With every change, AlgoSec automatically sends an email to the IT audit team. It increases our visibility of changes in every policy. 

Every month, I use the optimizer to reduce firewall rules. In the summary tab, I can easily track the number of changes in the firewall policies.

The most valuable feature is the reporting, including the policy report and regulatory compliance reports.

In the Intelligent Policy Tuner, the tighten permissive rules tab allows us to reduce the number of rules in each policy. I can easily control, report, and reduce the rules for policies. Also in the Rules Cleanup tab, I am removing unused rules as I feel confident in deleting these types of rules.

Our Information team read Regulatory Compliance Reports that can easily track the compliance status of each device.

Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area. For example, in FireFlow we can easily track using the ticketing system to integrated Check Point devices. However, with Cisco Firepower devices, we couldn't integrate with them.

We have been using AlgoSec for almost six years.

We did not use another solution prior to this one.

The pricing of AlgoSec is fair.

Before purchasing AlgoSec, we implemented a PoC with each of AlgoSec, Tufin, and FireMon.

We have more than ten clusters behind our firewall. It is essential that we track the changes in policies and the compliance status of devices. AlgoSec can easily do that.

We utilize this solution to manage policies for our firewalls. At first, we used it to keep a record of our policies: Who changed something, when, and whether the policy is allowed or not. We now use it to map our traffic flows and to flag a policy that is not allowed by the criteria we have set for our different types of firewalls.

We used it initially to go through all of our policies on over 800 firewalls, to organize the policies and map out our policy flows to certain zones. That enabled us to know how to structure our policies.

We spent a year going through our firewall policies to clean them up because before, when we were on Cisco ASA firewalls, we had a very hard time regulating what types of firewall policies were being created, and it was even harder to review them. After we moved to Palo Alto firewalls, we decided that that was the best time to load our policies into AlgoSec and review them. That way we not only converted to a more capable next-generation firewall, we could also ensure the policies were strong.

AlgoSec has helped significantly with our firewall compliance. Before AlgoSec it was a very manual job to go through firewalls and look for risky rules. Now, we get alerts when a risky rule is created. This allows us to maintain compliance and run compliance checks monthly. As a result, we have saved many hours of work by our operations folks. They were the ones who had to manually review all of the firewall policies and create evidence of their review in a very scrappy fashion.

With AlgoSec, we can show a view of firewall compliance that is clean and easy to read and present. This also helps our business units ensure their policies are clean. With that data, we are able to show management that the firewalls connected to our network, but owned by other business units, meet our standards.

We like that we have been able to identify risky rules, based on the criteria we have set. We also like the ability to push policies from AlgoSec to the firewalls to ensure risky policies are never created in the first place. That's a feature that will help us in the future as well.

We are moving towards an automated environment so the ability to work with Ansible, ServiceNow, and Palo Alto gives us the ability to automate our firewall policy creation. And it does so in a manner where we do not have to worry about a policy being created that may put our organization at risk.

Support for Layer 7 policies, including User-ID and threat profiles with Palo Alto firewalls, has been a pain point from us. We would like to include the additional info specifically because we believe it changes the riskiness of the rule if it is only set for a specific user or a group of users. For example, if we have what looks like an "allow all" to a certain /24 network, but for only one user, we would give that a different score than if no user was identified.

AlgoSec has been very stable for us.

It scales well.

We have had our issues resolved very quickly.

We used Tufin. 

The initial setup was very simple. We just set up SNMP.

We used a vendor team and they were great.

The ROI for us is the great assurance we have in the security of our firewall policies.

Be sure to scale properly.

We evaluated Tufin.

This solution will help you significantly with compliance, the part of your job that may not be your favorite.

We are using AlogSec mainly for firewall compliance reporting as well analyzing and evaluating firewall policy. That, in turn, means we can actively work on firewall policy optimization and elimination of unused and risky rules. We also using it for compliance reporting. 

The solution has helped us a lot in improving our firewall security optimization as well in evaluating security policy to eliminate the risky rules or secure them. 

Its reporting modules solve all our monthly and quarterly compliance-related reporting requirements. 

Currently, we are using almost all the features of the product to take as much advantage as we can of what it offers. But our primary use is compliance reporting and the Firewall Analyzer helps us achieve our various IT compliance requirements, like ISO-27001.

There is huge scope for improvement in the level of support, especially around the issue of resolution time. That is the only negative point I find in the solution. I hope you guys will work on it and improve your resolution time which will help customers to keep their AlgoSec device healthy.

In the six years we have been using it, we have never seen an outage or failure of AlgoSec or any other software-related failure. 

The product is very scalable. We have never faced any issues related to the scalability of the product. 

As an individual, my experience has been good, but in terms of technical-issue resolution, I am not 100 percent satisfied because of time the AlgoSec team takes to fix issues, some of the time.

Previously, we were using Tufin but we found that solution more complicated when compared with AlgoSec. 

The initial setup was straightforward because of the well-defined GUI platform.

We implemented it in-house.

Given that we have been using this product for the last six years, there is no question about ROI. If we were not seeing ROI, per our expectations, we would not continue with the product. 

AlgoSec is not much more expensive compared to other products available in the market.

We evaluated FireMon but it was more complicated than AlgoSec and did not fulfill our basic requirements. 

Overall, AlgoSec is doing a good job.

We use it to find unused objects and rule cleanup. However, we also found a use case by letting developers read access so they can see rules and open ports so they can request firewall changes as needed. This opened up time for our firewall engineers because they did not have to answer questions anymore to developers. 

By letting developers access AlgoSec, we cut down the questions and time we had to spend explaining what ports are open and where. They can now see in one panel. Since there are multiple firewall vendors, they can see what rules apply where using one tool.

I think finding the firewall's rules with the highest risk is valuable. In the old days, we had to run reports and look through rule bases trying to find risky rules and that can also lead to human error. Now we see it via AlgoSec. It also helps because we see those risks across multiple vendors. 

I would like to see more object-based reports on groups and object usage. When cleaning up old rules, it is easy to disable the rule and then delete after a while. Trying to find unused groups or used objects in groups gets a little harder and I would like to see an easier view into those objects. 

We have never had an issue with its stability.

This product does scale very well and we never had a problem with performance.

Whenever we did have a question on setup or changes, the tech support was very willing to work with us even on basic questions. 

We have used Tufin which does a good job looking at groups and objects but AlgoSec adds more of a risk approach to it. 

It was very easy to setup and easy to get firewalls working with the manager. 

We were able to set it up in-house without any help. That is how easy it was.

Our ROI was seen very quickly since we gave developers the option to look at rules. IT opened up so much time where our firewall engineers had to deal with questions and explanations. 

I would start with only a few firewalls and then grow. You can get your feet wet and add more firewalls in next year's budget. 

We evaluated Tufin. 

The solution is pretty solid and intuitive.