AlgoSec Reviews

Our primary use for AlgoSec is to automate our firewall configuration. We use the AlgoSec system to remotely configure the firewalls, making our life easier.

We are in a multisite environment with plenty of firewalls for perimeter security and LAN segregation for specific proposes. This solution helped us to make the process more dynamic.

It has reduced the workload for the firewall team thanks to the API integration with our ticketing system, handling the standard types of requests automatically. Before having it, we had to create a lot of standard rules that now can now be just pushed from the AlgoSec system.

It has also helped in terms of firewall monitoring. Automatic alerts are sent to the security team so we can react quicker in case something goes wrong or a thread is detected going through the firewall. This is made possible using the simple reports.

The most valuable feature of this solution from an operations perspective is the automation of the firewall rule deployment, working together with our ticketing system.

Any new needs are requested by a user using the internal webpage request. This request is automatically validated against a set of standard rules. If the request is compliant, the new rule sets are automatically configured in the specified firewalls without any human action. This reduces the firewall team's workload and improves efficiency.

It would be nice to have a good tool for network map discovery in the GUI to make it more user-friendly. I would also like to be able to check and modify network maps in a graphical and more intuitive way. This will improve our network overview for new deployments and troubleshooting.

An API to connect to Palo Alto Prisma and Zscaler to be used after SD-WAN deployment would be a helpful feature. We have discussed this with AlgoSec and are hoping to see it in the near future. 

We have been using the AlgoSec solution for four years.

We did not use a solution like this one previously. This is the first time.

I'm part of the team that uses the AlgoSec solution, not on the finance IT team.

Firewall rule base management and FCR processing is the main reason we use AlgoSec.

We also use it for troubleshooting purposes and reporting. In that sense, there are three instances that are the main consumers of it. Our infrastructure management uses reporting to get insights, our Network and Security team does all of the FCR processing and troubleshooting of network problems, and our security department that also uses reporting and is part of the approval process for FCRs that are placed in AlgoSec.       

AlgoSec provided a much easier way to process FCRs and get visibility into traffic. With previous vendors, we had to guess what was going on with our traffic and we were not able to act accordingly.

By automating some parts of the work, business pressure is also reduced since we now deliver much faster. I received feedback from our security department that their FCR approval process is also now much easier. The network team is also now able to process FCRs much faster and with more accuracy.

Most of all, Technical Reviews are now top-notch and AlgoSec does part of the job automatically that had been done manually with our previous vendor.

We now process FCRs much faster, which helps us to deliver faster and implement reworks at a quicker rate.

With Business Flow and Firewall Analyzer, it provides much better visibility into traffic and process flows. Visibility into traffic was our main problem in the past since we had no clue what was going on but now, we have all sorts of analyses and reports. This makes our decision process, firewall clean up, and troubleshooting much easier.

All of the search options needed are there but the search menu could be a bit more intuitive. In other words, I can perform any search I want without any problems but combining different search parameters can sometimes be a problem.

Creating more intuitive menus could be helpful, especially for the first-time users.

For example, it would be useful to be able to save searches with complex structure so they can be easily reused with simple change of parameter. Also, "contain" criteria sometimes misses just like ability to search using any value in basic search box, instead of reaching out to Advanced search (it would be great if simple typing IP address, or Project ID in basic search box lists all rules containing such a value).

We have been using AlgoSec in production for about one year. Before that, we used it as a PoC for around six months.

We have had no issues in the past year.

This solution is very scalable.

We used another vendor prior to AlgoSec but we were not satisfied with the "intelligence" of the product when it came to the processing of FCRs.

We also evaluated Skybox.

I have not seen any major issues with AlgoSec and it is better than the previous product we used. I am glad to have it now.

First and mostly, as a large company, we had some issues regarding the main rating companies as they found some issues compromising our assets. There are different management systems and models with human interaction and sometimes with a different validation. This was impacting our business, so we put a lot of effort into solving problems, case by case, with manual operations. AlgoSec came into action in order to avoid this and streamline our process.

AlgoSec is one security management tool with the main target to find any rule that is not in compliance with our internal standards. New rules cannot be configured in any firewall unless it has been validated from security.

We were able to identify every rule configured on each firewall in our facilities with AlgoSec. This included every risky rule, shadow rule, and non-compliant rule. After this, we were working with a fully cleaned-up process.

Now, any rule is pushed automatically with AlgoSec. In fact, every user in the company is raising tickets through it to request a new open flow across firewalls. If AlgoSec detects that this flow has no risk, it is automatically pushed onto the firewall. If not, it goes to a dedicated approval process.

Among all of the different AlgoSec modules, I think that FireFlow is the most valuable and we have integrated it into our internal processes. This is something that increases business efficiency and helps avoid bottlenecks in our NOC team. Moreover, we have eliminated any human mistakes that we have dealt with in the past and now we want to avoid as we are moving toward a completely automated network.

There are a few things that we have already raised to AlgoSec in order to improve the tool. First, as the highest volume in our network is SaaS traffic, we need to secure this connection. To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds. It’s in the roadmap but this is something that blocks our whole design.

The network map design is not very useful for the administrator as the information displayed is not user-friendly.

It's been almost two and a half years since when we were looking for a fully integrated Security Management tool and we decided to run this solution in our multi-vendor network.

Stability is good, but we are still debugging tiny things because we have to accommodate the solution to our large IT infrastructure.

It will be good as long as they can move this solution to hybrid or fully cloud deployments. 

All issues raised so far have had a good response SLA.

We didn't use any security managament tool prior to this one.

This initial setup was tough because of the network map configuration. There is no visibility on the provider (ISP) because they cannot grant access to us. So, the configuration was mostly set up manually.

AlgoSec was deployed with the support of professional services coming from the vendor. This made the implementation smooth for us. The expertise was good, as they had experience with this solution.

We were doing some workshops with both AlgoSec and Tufin. 

We primarily use the AlgoSec Firewall Analyzer.

We have more than ten cluster firewalls and we have deployed the AlgoSec solution suite. We want to check compliance status of our devices. We also need to reduce the number of rules in each of the policies.

In our new data center, we want to automate the firewall policies.

Now, we can easily track the changes in policies. With every change, AlgoSec automatically sends an email to the IT audit team. It increases our visibility of changes in every policy. 

Every month, I use the optimizer to reduce firewall rules. In the summary tab, I can easily track the number of changes in the firewall policies.

The most valuable feature is the reporting, including the policy report and regulatory compliance reports.

In the Intelligent Policy Tuner, the tighten permissive rules tab allows us to reduce the number of rules in each policy. I can easily control, report, and reduce the rules for policies. Also in the Rules Cleanup tab, I am removing unused rules as I feel confident in deleting these types of rules.

Our Information team read Regulatory Compliance Reports that can easily track the compliance status of each device.

Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area. For example, in FireFlow we can easily track using the ticketing system to integrated Check Point devices. However, with Cisco Firepower devices, we couldn't integrate with them.

We have been using AlgoSec for almost six years.

We did not use another solution prior to this one.

The pricing of AlgoSec is fair.

Before purchasing AlgoSec, we implemented a PoC with each of AlgoSec, Tufin, and FireMon.

We have more than ten clusters behind our firewall. It is essential that we track the changes in policies and the compliance status of devices. AlgoSec can easily do that.

We've been using Algosec as our reference tool to clean our policies from old unused rules and objects and to assess rules that are categorized as risky so that we can fix those risks.

Firewall Analyzer from Algosec is our main tool for Firewall auditing and it makes our external auditors very confident on the way our policies are managed.

Fireflow from Algosec also helps us identifying which firewalls are on the way from source to destination when we need to open flows and it saves us a lot of time. We are still on our path to implement full automation of firewall policy creation with Algosec's Fireflow but the goal is to achieve it soon.

Since we deployed Algosec our Firewall policies which didn't have much maintenance over more than 15 years had their policies reduced to less than half the rules by using Algosec's Firewall Analyzer to remove unused rules, unused objects withing rules, compacting several firewall rules in one rule, etc.

We were also able with Firewall Analyzer to get risk reports of our firewall policies and start tackling them to close them or at least to be aware of its existance.

Firewall Analyzer is amazon in Policy Optimization and we feel we are much more secure since we have this product. If we add a rule that poses a risk we get an alert from Firewall Analyzer which is very important to us.

We are also starting to use Fireflow and our goal is to have the policy creation automated soon. For now we are already able to identify which firewalls are on the path between point A and point B and we are on the path to full automation which will reduce a lot the workload of our team.

The feature we find the most valuable is the Firewall Analyzer for the firewall policy audits and to show external auditors we have a process to identify risks and to tackle them. It's also very important for policy clean maintenance. 

This helps us know which devices are between the source and destination on the flows that we need to open for the business. The audit tools are also very important to us because we can easily have everything that needs to be presented to the security auditors.

We are in the process of implementing FireFlow for full automation which will save us time for more important things we need to to on daily basis that are not creating firewall rules. We aim to achieve the full automation soon.

In our case it would be very important to improve support to Dell switches and also some Juniper switches, which we have a lot of in our company network. This has been our difficulty for the full automation on the Fireflow. If all our network devices were Cisco I'm sure we would have the network map complete very easily and the full automation working with much less effort.

We already asked Algosec for the support of the switches we have that are not natively supported for the future versions and we expect that we are lucky enough for them to be supported on the next releases, although there are some ways of working around non-natively supported switches to complete the network map.

We have been using Algosec solution for more than 5 years now.

We never had issues so far in terms of stability.

The solution is very scalable and allows you to add all the firewalls and devices you need.

It is also scalable on the licensing as you can start by buying only the Firewall Analyzer license with which you can start onboarding all the devices and completing the network diagram so that Algosec's has the whole picture and know all the paths from network A to B.

After that you are ready to start using FireFlow and you can buy the license only when you are ready to start deploying it.

Sometimes it takes more time than expected to have answers for support tickets, but in general the customer service is good.

Positive

Not in our case.

The initial setup has been easy. The only difficult thing was the part in which we needed to onboard non natively supported switches. That part is a bit more complex.

We implemented with a mix of external company and in-house. The external team was helpful and had a good expertise level.

The time we save on our daily operations is very important. We could reduce the team size with this tool as we had a trainee almost fully working on opening flows.

It also allows us to detect risks on firewall rules and fix them, keeping the company network safe.

The price for the solution is not cheap but if you use it fully it will compensate in terms of securitization and in terms of time gained on the daily operations. It is also very helpful if your company is audited on the security part.

We heard about Tufin and Algosec, and after going through the specs we decided to go on a POC with Algosec and ended up buying it as it fitted our needs. We followed our Firewall integrator advice, who also recommended Algosec for our Firewall's park which is basically Fortinet and Check Point.

We recommend trying fully automation in a controlled environment before widely deploying it to the production firewalls. It's important to gain confidence on the product.

We use AlgoSec for firewall policy management.

The most valuable feature of AlgoSec is its firewall analyzer. AlgoSec also has a better interface.

AlgoSec's audit management is not good enough and can be improved. Also, AlgoSec should be made more scalable.

I have been using AlgoSec for around one year.

AlgoSec is a stable solution.

AlgoSec is not a scalable solution. Only I use AlgoSec in our company to do firewall management.

It is moderately easy to set up AlgoSec.

Two staff were involved in AlgoSec's deployment, which took around three hours.

Before choosing AlgoSec, we evaluated Tufin as an option. We chose AlgoSec because it has a better interface.

AlgoSec is a good firewall management tool for organizations with multiple firewall levels. If you only have two or three firewall levels, then AlgoSec is not worth investing in.

Overall, I rate AlgoSec an eight out of ten.

One of the use cases for the solution is when you have many firewalls from different vendors and would like to handle all the configurations from a single pane of glass.

We are an AlgoSec distributor, and another use case that is very important to our customers, especially in the financial sector, is generating compliance reports. AlgoSec has very comprehensive compliance reporting. Most of our customers who use AlgoSec care a lot about compliance reports, whether ISO or PCI or other types of compliance.

AlgoSec saves time by providing an analysis of all the firewall rules. For example, I might find 10 unused rules, or rules without objects or without a subnet. To get that information manually can take time. I might have to go through a firewall and check the rules and it would take at least 10 minutes for 10 rules. And a manual process can result in errors. AlgoSec saves time because it can detect all unused rules and I can just remove them via the AlgoSec platform through FireFlow. Removing those 10 rules manually can take about 20 minutes, but through AlgoSec it takes one or two minutes.

The solution can find all the misconfigurations in firewall rules and it can delete or modify them automatically, with no human action needed. As a result, there will no longer be errors in the firewalls. FireFlow handles the workflow of adding and removing policies. Sometimes, an engineer may not have solid experience when it comes to firewall rules. If he goes to the firewall portal itself and tries to add or remove a policy, this policy may cause errors or potential risk. AlgoSec handles this process instead. It helps eliminate human error.

Also, if you have a network engineer with less experience, he can still go through AlgoSec and submit rules. AlgoSec supports another tier of engineers who approve the policies. This is all done using FireFlow.

We use the AFA (AlgoSec Firewall Analyzer) and FireFlow. AFA is the most popular feature in our region and FireFlow is good for managing workflow.

AlgoSec Firewall Analyzer can detect misconfigurations and unused or permissive rules, as well as rules without logging. Through a single dashboard, I can see all the problematic rules from all the firewalls. It's very simple, with AlgoSec, to get an analysis of all the rules, and that helps with visibility. AlgoSec can do a risk assessment for each policy or rule in the firewall and detect the severity of each rule, whether low, medium, high, or critical. I can get a quick overview of the risk policies that a customer needs to change because, perhaps, there is a rule where the risk is high.

The AlgoSec dashboard is very simple. I can find all the information without any effort. All the tabs are clear and straightforward.

I can apply changes to rules through FireFlow. For example, when I detect many unused rules, I can remove them and, using FireFlow's process, it is very simple to do so.

It is very easy to generate a compliance report for ISO or PCI. It can be done with one click. Some organizations may have a baseline for compliance. The beauty of AlgoSec is that it can adjust compliance according to the corporate needs or environment, when standards vary from one region to another.

When it comes to visibility, the solution can make a network map for all the devices in the network, whether routers or firewalls. I can run queries to detect network policies. For example, if a customer cannot access the corporate stack or the application site, using AlgoSec I can detect which firewall, and which policy inside the firewall, may be fully or partially blocking access. This is a very important feature and most of our customers use network mapping to create visibility into the network.

AlgoSec integrates with most of the leading firewall vendors, but one issue is that AlgoSec doesn't support Sophos and Forcepoint. AlgoSec competitors, like FireMon, support Forcepoint. I have told AlgoSec a number of times that we have many customers that use Forcepoint. I have asked why they don't support integration with Forcepoint. They have said they don't care about Sophos, Forcepoint, and SonicWall. They don't consider those vendors to be leaders in the firewall market and they don't have plans to support them.

I have been using this solution for about two years.

Sometimes a customer's platform is down, but overall AlgoSec is stable.

Support from AlgoSec is good. When I create tickets, they support us and solve all the tickets. There is no delay in support.

One of the things I don't like about AlgoSec is that when a customer has an issue with the platform, it takes time to resolve. Issues often need more than tier-one or tier-two; they're often not easy for the customer to resolve. It requires the AlgoSec team to solve issues with configurations or performance.

For example, AlgoSec upgraded the platform six months ago and it was mandatory for all customers. On my side, it was not easy to perform the upgrade and I had to request support from AlgoSec.

Positive

We started deploying the application in January of this year. Currently, in our contract, we have a license for AlgoSec FireAnalyzer and FireFlow. So, at this moment, we are only working with AlgoSec FireAnalyzer. 

We are using AlgoSec to have a good view of our environment in terms of the risks and compliance and to implement rules. Our environment at this moment is only on-premises. We have servers, routers, firewalls, etc.

The visibility that AlgoSec provides about our environment is very important. Without it, we won't have visibility into various risks to our environment. AlgoSec can show us these risks and allows us to improve and close some rules. It improves the security of the network, and we can protect the data of our customers more efficiently.

It is helpful in improving the security and compliance of our environment. We can optimize our environment by improving the rules that are not used or are duplicated. FireFlow is useful in creating and implementing new rules. It allows us to automate rules implementation and have more control over rules.

Its reports are very important for compliance and understanding and mitigating risks. They show us the rules that are open or that can create risks for our environment. This information is very important for us for optimizing our environment and correcting the policies.

In our environment, we add rules in the firewall based on user logins, but currently, we can't do that with AlgoSec. AlgoSec can't create rules based on user logins. For example, generally, when we create a rule, we put IP Address, Destination IP Address, and Service Port. However, in our environment, we put IP Address, User Login, Destination IP Address, and Service Port, but AlgoSec doesn't support a rule in this format. We opened a ticket regarding this with their support two months ago, and they said that they will be able to add it in the future, but they don't know the timeframe. We are currently in the process of making changes in our environment for such rules, and after two months, we won't be using the rules that are based on user logins. We will make them consistent with the market, and we will use only the IP Address, Destination IP Address, and Service Port for rules. So, it won't be a problem for us, but this can be an improvement for other clients.

It is quite new for us. We starting working with it just a few months ago.

Its stability is good. We never had a problem where we couldn't access the platform. It is always available, and we don't have any problems related to the downtime of this platform.

At the moment, it gives us what we need. Next month, we will add new technologies to AlgoSec.

AlgoSec has a great team. They are professional and have good knowledge of AlgoSec. We have a good relationship with them, and we got good support from them.

We never had a solution like this. It is the first one in our environment.

We started its implementation in January with the help of a partner company. It was very easy to implement, and we didn't have to contact AlgoSec.

We completed the deployment in February. We put it in our environment and started the server. After that, we did the configuration and started to add our devices to AlgoSec.

We implemented it with the help of a partner company in Brazil called Logicalis. When we have any problem, we talk to them, and they are able to help us.

I would recommend this solution because AlgoSec provides a lot of reports and views of your environment. You won't be able to get this view through a firewall manager. For example, the CheckPoint firewall manager won't provide what AlgoSec provides, especially related to the compliance of your environment.

We have implemented Cisco ACI in our environment, and AlgoSec will help us to work with this new technology implemented in our environment. We will integrate AlgoSec and ACI next week.

I would rate AlgoSec a 10 out of 10.