AlgoSec Valuable Features
The most valuable is helping us determine where our rules are too permissive. Based on previous human review of our rules, they are very cursory. We know why we do something, but we don't get into the details of whether the rule is nice and tight. What Firewall Analyzer lets us do is understand the risks presented by our rules. The tool does a calculation of all the traffic that could be allowed and we can match that to whether it should be allowed. Another thing that we have recently started to do, but only about 100 days ago, is collect syslog events from the firewall that now tell us whether the rules that might be well-configured are actually being used by people or traffic. Our next step will be to start eliminating well-formed rules that just aren't needed.
The overall visibility that AlgoSec gives me into our network security policies is perfect. We think about separation of duties. As the information security officer, I shouldn't be logging into the firewall and playing around. What AlgoSec does is give me the ability to see everything about the firewall: its rules, configurations, and usage patterns. It gives me all the visibility that I need to make sure that we are doing what we should do to keep it tight. There is no perimeter anymore. We have to be very careful what we are letting in and out, and Firewall Analyzer helps us to do that.
Another very useful feature of the AlgoSec Firewall Analyzer is it will alert us to changes in firewall rules and configuration. So, we have a third-party who manages our firewall. AlgoSec gives us notification, if they go in and make changes either to the configuration or rules, so we can keep track and make sure that only authorized changes are occurring.View full review »
Senior Systems Engineer with 51-200 employees
The features that I like are the monitoring and the alerts. It provides real-time monitoring, or at least close to real-time. I think that is important. I like its way of organizing, also. It is pretty clear. I also like their reporting structure - the way we can use AlgoSec to clear a rule base, like covering and hiding rules. For example, if the customer is concerned about different standards, like ISO or PZI levels, we can all do the same compliance from AlgoSec. We can even track the change monitoring and mitigate their risks with it. You can customize the workflows based on their environment. I find those features interesting in AlgoSec.
The visibility is pretty clear from top to bottom, even interconnected maps and zones.
We can always customize the standard risk profiles. But even within the standard one, before doing any changes, when you go with the flow, they always inform you. Before implementing the change, you get the visibility there. You get the visibility with risks.
This is important because the places that I have worked have different departments for risk handling. So whenever we go through the flows before implementing, that part goes through the risk department and gets their approval first. With AlgoSec you get to know the risk profile before implementing the change. That way you get to know the risks that you are taking with that particular change. So it's important.
It has helped to reduce the time that it takes to implement firewall rules. In some places where I work, they fill a form and send it to a particular manager. For example, if an end-user fills it and he sends it to his manager, then it gets his approval and he sends it to the risk department, and gets their approval, and sends it back to the person who implements. There's a chain that takes a longer period of time and even their paper costs. That gets reduced when they use a workflow from AlgoSec. They always get automatic notifications when the change moves on to the next level so they know exactly which stage the change is in.
It is helping to reduce those policy changes by more than 50%.
You can face audits in two ways. You can either do it from AlgoSec. I have used it like that for periodic audits. You can always plan it. Either you can go from one of your rules, clean up your rule base and improve the standards of your risks and all the other areas in the AlgoSec reports. Or else, you can go for a PCR level report and you can prepare it stage-by-stage and commit up to a certain standard. I have used both methods. You can also do reports for the particular changes and check how much your environment is improved after you follow the report and do the particular change that they suggest. For example, reordering or combining your rules or removing some of the unused objects. Then you can run a report and see how much it gets improved. So in terms of auditing, which they can run every six or eight months, or once in a year, you can always turn on your audit before it comes to that level. You can always prepare for your audit by scheduling reports.
It's pretty easy when it comes to integrating with the leading vendors. If you want to integrate, they have proper documentation. Their documentation is very good. I have to give them credit for that. You can always follow it. Integrations are pretty easy and much easier than with some of the similar competitive products that I have used. I don't want to mention names, but AlgoSec is much easier because of their proper documentation. For example, when you are integrating a particular device or application, you know the things that you need to do because they have the proper documentation before doing it. It takes less time to integrate compared to some of the other products in the field.
I have come up with two cases of misconfigurations in some rules. One of them is with change requests when you have a single object and you just have to amend it to the particular rule but not to other specific rules. The other thing is what rule it's covering. It's not a misconfiguration, actually, and you can amend it. I have come up with some situations like that. Before coming back to my stage, it is always clear from the other risks and level of approval. So I did come up with that kind of a scenario but it's not actually a misconfiguration.
AlgoSec has helped to simplify the job of security engineers because you can always monitor your risks and know that your particular configurations are up-to-date, so it reduces the effort of the security engineers. You can always get top to bottom. For example, if you talk about the rule base of a particular firewall and access to some particular things, you can always get a clean one with the required security. So rather than going here and there, they can always use this tool to do the automation and their decision-making.
I haven't yet configured with Cisco ACI, but in the next one and a half months, I'll be integrating it with an ACI structure.
I expect the value of bringing AlgoSec and ACI together will be good. It'll be like an extension. If you integrate AlgoSec, it's not like a single point. If you connect it with the ACI fabric it will be challenging. I haven't really experienced it in full, because I am still in the designing phase and I haven't done the full implementation, but I feel like it'll be interesting and challenging. Since I have not experienced it or yet done the implementation combining these two, I cannot fully say how it will be. It's a question mark. But I'm expecting it to be a little bit challenging because the visibility differs.View full review »
AlgoBot is a Slack chatbot that they've designed to help people identify if the firewalls are going to allow or block specific network traffic. We leveraged this to allow our staff to check themselves if the firewalls are going to be blocking traffic or not. That saves us logging into the firewalls and running the query off the host. We give them the power to use it and it saves us time.
AlgoSec has features to prepare for audits and ensure our firewalls are in compliance. But we have all the tools to measure compliance and security framework stuff we're doing.
The most valuable for us so far has been the firewall rule analysis. Just to be able to get to a point where our infrastructure is secure and stable. The analysis runs everything that we actually need. When we run a report, we need to look at the report, then go back to the analysis because the analysis has all the information for us. We just have to match up the analysis to the report.
We have a security vendor who runs an analysis on the logs that we send them. We have multiple vendors who come in and do an annual security assessment. We have multiple vendors who come in and do an annual penetration test. We have vendors who deal with the end clients as well as vendors who deal with the servers for security, in addition to our firewalls, routers, and public interfaces. AlgoSec takes all of the information on our network, puts it into one single pane of glass where we can go and request what we need from the vendors. Plus, there are reports in AlgoSec that we can run and send out to our vendors so they have an eye into what we are looking at.
Lead Infrastructure Engineer at a financial services firm with 5,001-10,000 employees
We primarily use AFA for the change management portion of it. But the security ratings also are used by our security group to ensure compliance and validate that nothing is being configured that is not in our best interest.
The overall visibility AlgoSec gives into our network security policies has been very good. We are happy with the way the application works. It is very intuitive and easy to use. I would give that a very high rating.
AlgoSec provides full visibility into the risk involved in firewall change requests as well. It definitely allows us to drill down to the level where we can see the actual policy rule that's affecting the risk ratings. If there are any changes in ratings, it'll show you exactly how to determine what's changed in the network that will affect it. It's been very clear and intuitive as far as that.
I don't know if it has reduced the time it takes to implement firewall rules in our company. We don't use it for implementing changes because our network is very in-depth and we're very particular with our security on that, that we do manually make all of our firewall changes. So we're not using the automated functionality of AlgoSec to do that for us. But I think that's more because of the restrictions that we have in our own network.
AlgoSec is very good when it comes to preparing for audits and ensuring our firewalls are in compliance. The security ratings are a major factor in that lately, as well as being able to show the configurations and how they affect the risk ratings. Whenever we do need to address any issues, it's very clear to show us exactly what the effects of the ratings are, as tied into the firewall policies.
We work with multiple security vendors. I'm not on the security team any longer. I went from network group to security and then back again. But our security group does work with AlgoSec and they use it very intimately for different functions.
Cyber Security Architect at a tech services company with 5,001-10,000 employees
The Analyzer was the thing that had the most value because I am all about the quality of the rules and number of the rules. I thought it was really a great product, especially because we have more than one type of firewall.
I liked the level of detail. I thought it was a good measure of what people needed to understand. It had really useful information about controlling the environment. It looked like AlgoSec has done a really good job with developing what customers might find useful.
AlgoSec provides us with full visibility into the risk involved in firewall change requests. There is a lot of competition out there. This provides a comprehensive environment where risk is properly captured, which is very valuable.
The list of tools in the AlgoSec suite all seem to complement each other, which is what we needed towards making sure that we weren't leaving anything out. So, it seemed to be comprehensive enough between all the different products.
AlgoSec helped us to gain visibility into our application connectivity flows, which was important. We have Splunk, so we need a firewall/security expert view on top of Splunk. I felt like AlgoSec gave us that information. This allowed us to show that AlgoSec could be a valuable contributor to our security environment.
It enables us to manage multiple or dispersed environments in a single pane of glass. This is good because we have a complex support model that we are trying to simplify. There are as few panes of glass as necessary. Even with a separate security pane, it is worth it.View full review »
We've been using Firewall Analyzer a lot. Cybersecurity teams have been using it for identifying vulnerable rules and loosely installed services. AlgoSec Firewall Analyzer is a widely adopted module at present.
When it comes to AppViz, I like the project option using which a lot of migrations can potentially be simplified. We are planning to use it for our future migrations. When we are migrating from on-prem to cloud and have a lot of firewall rules for the applications, AppViz's project feature, especially the server migration feature within the project, would really be helpful.
We have Check Point, Palo Alto, and FortiGate firewalls, and it integrates pretty seamlessly with these firewalls. We have had no issues so far.
The workflow and the fact that I can follow up on a request that I've created and clearly see the status it is in are the most valuable features of this solution. When I need things to move on, for example, if the security guys didn't look at the request or the implementation is not going as it should, then I can contact people. There is a mechanism in there that clearly indicates the service level agreement we have for implementation. We can see if it is being attained.View full review »
Chief Technology Officer at Accord Group
For us, as well as for our customers, firewall management and change management are the most important features.View full review »
Consultant at a computer software company with 10,001+ employees
AFA is helpful when finding duplicate rules, subnets, and policies for your ports that have not been used in the last six months. It also helps to find out which ports have been opened for all firewalls. After that, we run the reports and share them with the customer. After getting approval from the customer, if there is a block on a particular port or ports not used in a current environment, Analyzer is helpful when placing the change request of the users. In this case, AlgoSec provides the link to the user who raises the request though the automation, which is the change request. From that change request, it comes through our ticketing tools, e.g., BMC Remedy. Then, we have to check and approve it. Once it gets approved, we deploy the particular policies, as per the user's request.
It provides visibility for the risk. Whenever unnecessary ports have been opened in our environment, whether by mistake or human error, a support ticket gets opened so we can find out about it in an easy way. After that, we can implement or block the particular ports if they are not necessary for the organization's production. The solution has become more helpful during the cleanup rules for the firewall, when we do those activities twice a month. For example, if a user raises a request two to three months ago, then we forget to block the particular port by human error. During the client's cleanup workshop, we can make things clearer, which is more useful for us when cleaning up unnecessary rules and ports from the firewall.
AlgoSec enables us to manage these hybrid environments in a single pane of glass.
It is an excellent, intelligent tool. The console is user-friendly for understanding and implementing things on firewalls. It is helpful for finding duplicate rules.
Senior Technical Analyst at a maritime company with 1,001-5,000 employees
AlgoSec gives us a high level of confidence that our ACLs and our risk components are actually in line with our expectations. Because we run a lot of our firewalls as an internal change control boundary, we rely on them heavily to segregate security zones. It gives us a high level of confidence that things like third-party networks that ride on the backbone are segregated and appropriately defined.
The features I find the most valuable are the:
- Duplicate objects
- Unused rules
- Duplicate rules.
The traffic simulation has been really valuable, especially with other business units that aren't familiar with the firewalls but are looking to see whether or not traffic they're using or going to be putting on the network through projects is going to be impacted.
The overall visibility that AlgoSec gives into our network security policies is high. Our firewalls are our primary control boundary on the LAN. They give us the most amount of visibility we can get at that layer without microsegmentation.
AlgoSec provides us with full visibility into the risk involved in firewall change requests. That feature is important to us because we're a heavily risk-averse organization when it comes to IT control and changes, It allows us to verify, for the most part, that the controls that IT security is putting in place are being maintained and tracked at the security boundaries.
It has reduced the time it takes to implement firewall rules. We can sometimes do 20 to 30 ACL either adds, removes, or changes in a week. In some cases those changes are now down to minutes. Prior to AlgoSec, we would have to do all the manual verification which meant potentially logging into every related firewall, checking every ACL, and making sure that we got the placement correct.
The most valuable features are:
- Compliance reporting
- Their immediate support team
- Maps: You can trace the traffic and what firewall is blocking what connections, services, and websites.
You don't need to be tech-oriented to work with AlgoSec.
One of the beautiful things about AlgoSec is that it gives you templates. There are quite a number of compliance templates, depending on the industry that you are in. For example:
- The ISO number system
- The information security - ISMS management system
- PCI DSS
- FISMA Compliance.
For our clients, they especially have to maintain ISMS and PCI DSS, as these are the two compliance regulations that they have to maintain. You can run analysis or reporting based on the templates. Within minutes, you get into the report, can see your compliance status, and what exactly you need to fix. You can clearly see what parts of the requirements you are not meeting and where you are falling short within standards. It is very clear and visible. We can customize all of this with the reporting, however the client wants it. This is one of the critical parts for most of our clients.View full review »
Security Manager at a transportation company with 1,001-5,000 employees
The firewall policy summarization is the most valuable feature. It helps us to cross-check the firewall ruleset. That's the main purpose of it. And of course, it monitors changes of the firewall policy. It provides full visibility into the risk involved in firewall change requests. It helps us to check for any integrity issues and conflicts with other rulesets, and of course the compliance.
When it comes to integrating with the leading vendors, we haven't had any hiccups integrating Algosec with existing firewalls or network switches, router switches, ASAs, or VPNs. It has to be great. I don't think another brand name or latecomer will do better than Algosec.View full review »
We can use it to create new rules. It will consider huge lists of lines of traffic in one rule at once, and multiple requests, which is amazing.
The most valuable feature is the automation that can be accomplished by using scripts. If we didn't have AlgoSec, I would have to do everything manually. It can create multiple rules for multiple requests at once. It can handle hundreds of them and in fact, it's ridiculous how much it can handle. The fact that it can also check for blocks while you're creating new requests is awesome.
Automation has helped to reduce human error and misconfigurations. It is now a lot better than it was before.
This solution has absolutely reduced the time that it takes to implement firewall rules. If we didn't have FireFlow, we would have to do a lot of things manually. With as many firewall requests as we have daily, we would lose a lot of time. For example, sometimes we get between 20 and 40 firewall requests a week and I can do all 20 of those in one day if they are okay in terms of the traffic. Trying to do 20 requests manually would take a lot more time. As it is now, I just have to put them in through an Excel sheet and it not only saves me time and stress, it saves the company money. Also, the requester is happy because it is done fast and we can do multiple requests at once. Not only does it make me happy, partly because it frees up my time to do other things, but it makes the requester happy too.View full review »
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
The feature we find the most valuable is the Firewall Analyzer for the firewall policy audits and to show external auditors we have a process to identify risks and to tackle them. It's also very important for policy clean maintenance.
This helps us know which devices are between the source and destination on the flows that we need to open for the business. The audit tools are also very important to us because we can easily have everything that needs to be presented to the security auditors.
We are in the process of implementing FireFlow for full automation which will save us time for more important things we need to to on daily basis that are not creating firewall rules. We aim to achieve the full automation soon.
Presales Engineer at a tech services company with 11-50 employees
We use the AFA (AlgoSec Firewall Analyzer) and FireFlow. AFA is the most popular feature in our region and FireFlow is good for managing workflow.
AlgoSec Firewall Analyzer can detect misconfigurations and unused or permissive rules, as well as rules without logging. Through a single dashboard, I can see all the problematic rules from all the firewalls. It's very simple, with AlgoSec, to get an analysis of all the rules, and that helps with visibility. AlgoSec can do a risk assessment for each policy or rule in the firewall and detect the severity of each rule, whether low, medium, high, or critical. I can get a quick overview of the risk policies that a customer needs to change because, perhaps, there is a rule where the risk is high.
The AlgoSec dashboard is very simple. I can find all the information without any effort. All the tabs are clear and straightforward.
I can apply changes to rules through FireFlow. For example, when I detect many unused rules, I can remove them and, using FireFlow's process, it is very simple to do so.
It is very easy to generate a compliance report for ISO or PCI. It can be done with one click. Some organizations may have a baseline for compliance. The beauty of AlgoSec is that it can adjust compliance according to the corporate needs or environment, when standards vary from one region to another.
When it comes to visibility, the solution can make a network map for all the devices in the network, whether routers or firewalls. I can run queries to detect network policies. For example, if a customer cannot access the corporate stack or the application site, using AlgoSec I can detect which firewall, and which policy inside the firewall, may be fully or partially blocking access. This is a very important feature and most of our customers use network mapping to create visibility into the network.
Information Security Specialist at a financial services firm with 10,001+ employees
Firewall Analyzer and AppViz are the most important features because they provide a lot of information regarding network segmentation. For us, this is a valuable input in order to provide network segmentation for various applications that we have developed in-house or that we bought from vendors. Our network is not properly segmented right now, but we plan to do it using AlgoSec. This is the most important feature for us right now. We also plan to use FireFlow in order to automate the firewall change management.
Senior Network Security Engineer at a tech services company with 1,001-5,000 employees
One of the most valuable parts for us is to achieve the compliance standards without ample strain and burden. Defined templates assisted us to make effective on following the internal processes and the industry standard.
It enhanced the complete workflow system within six months of deployment. We eventually onboarded by integrating with multiple solutions.
We performed regular audits internally to standardize and to pass the external audits effortlessly.
In simple words, this process empowered us to define a metrics among our industry and set the development goals clearly.View full review »
AlgoSec has good tools to manage policies and devices. Many administrators like how it helps you monitor and clean up the policy for the on-premise firewall. AlgoSec can give you recommendations to optimize your rules. It supports ITSM, and it's a powerful tool for monitoring firewall change requests.
A large company has many devices working with its firewall as well as many policies for managing router switches and networks. If a single security admin changes one policy, it impacts all the routers throughout the entire network. If you do not have a system for firewall change management, you're vulnerable to human error, misconfiguration, and other problems. AlgoSec has one central management system for managing your planning and implementation policies for your devices and firewall. This minimizes risk.
I think it's simple for AlgoSec to integrate with other security solutions. AlgoSec is supported on device firewalls like Cisco and Palo Alto. To integrate, you just have to verify that it has AlgoSec support. It's relatively easy to integrate with AlgoSec because it communicates using the SHA protocol with just a username and password.
I've used AlgoSec with Cisco ACI but only as a proof of concept. My clients are mostly using Cisco ASA with a Cisco router, Palo Alto, and Juniper.View full review »
It is helpful in improving the security and compliance of our environment. We can optimize our environment by improving the rules that are not used or are duplicated. FireFlow is useful in creating and implementing new rules. It allows us to automate rules implementation and have more control over rules.
Its reports are very important for compliance and understanding and mitigating risks. They show us the rules that are open or that can create risks for our environment. This information is very important for us for optimizing our environment and correcting the policies.View full review »
It is pretty simple to use. Resources are readily available.
Firewall Analyzer and FireFlow are very helpful for IT guys, especially for multi-vendor firewalls.
We get a lot of visibility from Firewall Analyzer. It is definitely helpful to see the details of duplicate rules on the firewall. It can define the connectivity and routing.
The solution provides us with full visibility into the risk involved in firewall change requests. This is always required. For example, if you are implementing one rule for network A to network B, but you don't have that visibility in terms of network when you have multiple firewalls, then you have to deploy the rule on every firewall. However, if you have FireFlow, then FireFlow will automatically deploy this rule where it is needed.View full review »
Security Operations Engineer at a security firm with 201-500 employees
It's easy to use. It's not very complex. You can do a lot of things with AlgoSec.
Rule checks and shadow rule detection are my favorite and the most valuable features of AlgoSec.
As a security solution, time matters. For example, a company can have a penetration test. After that, the administrators have a very detailed but also very unuseful report. The reports there are lists of CVEs, risk scores, assets, etc. In order to fix these problems, administrators have to work at least 2-3 months to fix all critical and high problems. However, the medium problems are still problematic. After that long, a new pentest time arrives and they need to open a fresh page on their working systems with lots of new vulnerabilities.
At that point, AlgoSec is a really extremely helpful solution to help administrators to fix big problems in the appropriate amount of time.View full review »
The most valuable feature is the Firewall Analyser, which has a number of fantastic features.
From a risk perspective, you can apply compliance Frameworks like ISO 27001 and PCI DSS against firewall rule bases to see if your rule base is compliant. If you are not then AlgoSec provides descriptive ways on how to adjust rules to make your rule base more compliant.
Definitely, the policy-cleanup features are the main draw. Shadowed rules, rule duplication, rule consolidation, rules permitting too much access, and rule usage are very useful and help to clean up rule bases.View full review »
It's a bit difficult for a network engineer to login on the firewall and make the changes and in that sense, AlgoSec is a lifesaver. You don't need to log in on each separate firewall, you just login on AlgoSec and make changes on all the firewalls from one single pane of glass. You can get the logs from all the firewalls to your AlgoSec as well. And if you see any blocked traffic, you can delete it at the point it gets blocked. If you have five firewalls, it will show which firewall is getting blocked and that can be automated. It's a very powerful and useful tool that can be customized to your requirements. One of the main features is that you can configure all the rules in one place. It also provides a complete report of Euro firewall rules that complies with security authorities such as GDPR.View full review »
Managed Security Services Product Manager at a comms service provider with 10,001+ employees
Doing the analysis of rule sets is very useful for us.
Being able to make and implement changes within a timeline is a very valuable aspect of the solution.
The solution is easy to navigate.
The initial setup is straightforward.View full review »
We have found the Firewall analyzer to be most valuable in terms of policy ruleset management. However, policy ruleset management, automation, and auditing are all good features.
The complete and end-to-end visibility and analysis it provides of the policy rule base is invaluable and saves countless time and effort.
The automation possibilities the FireFlow product provides will also be very useful going forward in terms of time and effort saved, as well as reliability and efficiency.
Overall, the Firewall Analyzer is hugely beneficial in terms of policy ruleset management.View full review »
Level 3 Security Engineer at a tech services company with 10,001+ employees
Risky rules and compliance profiles are very valuable. With these reports, we are able to identify gaps in the client's firewall policy and this allows us to effectively remediate such gaps.
The time and effort saved by using these compliance reports or profiles are definitely welcome. Another feature that we would use on a near-daily basis is the Fireflow and simulation query functionality. With the simulation query, one would not need to log into a specific firewall vendor console to verify if access is allowed or not; we run it through the simulation which saves us a lot of effort.View full review »
Analysis of the environment to optimize the use of the solution (firewall) and obtain a greater view of compliance.
Optimizing the operation making it possible to focus on other improvements.
The possibility for the end-user to request their rule and ensure that policies are complied with using AlgoSec adds greater security, and it also speeds up the request process. It also makes it possible to automate the implementation of rules.
The user receives the information if his request is within the policies and can continue the request, or if it is denied, the applicant must adjust their request to stay within the policies. The time spent for this without AlgoSec is up to one week, whereas with AlgoSec, in a maximum of 15 minutes we have the request analyzed.View full review »
Both the modules of AlgoSec solution which has been on-boarded in our environment are amazing to use it as it provides a central end to end visibility of the firewall rules spanning across the multiple layers of the firewall.
It's helping our Risk and Compliance team to assess all our firewall rules periodically and help us to remain compliant.
It saves a lot of manual time especially in daily operations and increases the turnaround time for business.
It has helped us internally to provide the documentation for our auditing and reporting purposes.View full review »
In my opinion, the most valuable features are the network map, unused rules reports (IPT), and active change. They are features that help with automation and reduce the analyst's time spent troubleshooting.
The unused rules reports (IPT) help remove unused rules and even unused objects within a rule.
The rule checks and shadow rule detection are my favorite aspects and the most valuable feature of Algosec.
As a security solution, time matters. For example, a company can have a penetration test. After that, the administrators have a very detailed, very unuseful report. On the reports, there are lists of CVEs, risk scores, assets, etc. In order to fix these problems, administrators have to work at least 2 to 3 months to fix all critical and high-risk problems. However, the medium problems are still problematic! After that long of a time period, a new pentest time arrives. Therefore, they need to open a fresh page on their working systems with lots of new vulnerabilities.
At that point, AlgoSec is an extremely useful solution as it helps administrators to fix big problems in the appropriate amount of time.View full review »
We primarily use the firewall analyzer feature. It is really great for looking at stuff like PCI, HIPPA, etc. There are sometimes false positives but I don't know of a product out there that does not have false positives.
The firewall analyzer is great if you deploy a new firewall platform and need to see if it provides an adequate level of protection, where you don't have any dangerous rules.
I like the peace of mind that we get from seeing what our overall score is for the configs. I also like that I can check against PCI requirements.
Client Manager - TE Services at NTT Security
AlgoSec currently has two useful features: AFA and AFF.
The AFA workflow helped us to manage firewall rules implementation using multiple stakeholders' approval with an end-to-end lifecycle of change management and tracking.
Algosec AFA is useful for policy optimization, cleanup, and measuring capacity management.
AFA provides greatly extended support for firewall rule review for risky rules, optimization, and clean-up for unused rules. Firewall rule automation for implementation also makes support easy for support firewall administrators.View full review »
The AlgoSec solution consists of several modules and each of them improves the environment in a specific area. The Firewall analyzer produces a holistic view of the network topology with knowledge of firewall policies, security risks, and compliance.
The Fireflow module automates the change management process and is tightly integrated with the Firewall Analyzer to achieve compliance with minimal exposure.
The AppViz module allows for mapping applications and IT systems, their traffic with vulnerabilities, and firewall rules and policies.View full review »
The product is great for:
1) Network topology visualization: reduces network troubleshooting effort which contributes to quickly restoring network or application outage.
2) Policy optimization: reduce/consolidate the number of rules created prior to the existence of AlgoSec Firewall Analyzer in order to free up hundreds of rule capacity before reaching the max rule limit of the firewall.
3) PCI DSS compliance: helps to highlight the area which firewall admin need to take note and address in a streamlined and structured manner.
4) Risk reduction: helps to quickly identify the risk that exists in existing rules and provide useful recommendations that help the firewall admin to remediate with ease.
5) Monitor changes: helps firewall admin to comply with security requirements of providing real-time security alert whenever a change is made, with detailed info on what was the value before and after.View full review »
L3 Security Engineer at NTT Security
I always find the policy optimization by identifying duplicate objects, shadowed rules, and unused objects pretty useful. By eliminating all these duplicate objects, unused rules, and unused objects, firewalls and other security devices will use fewer resources to process certain tasks/requests.
This will benefit both the security engineer managing the security devices and the client as they will spend less time in dealing with optimization and therefore can focus more on other important matters.View full review »
Business Development Manager at Vibs
The most valuable aspect of the product is the automatic application connectivity. The second best feature would be detection and response and analysis of the data. Applying security policies over the network is easy. AlgoSec instantly provides audit reports which is a most useful feature in this organization.
Integration of the next-gen firewall, cloud firewall, routers, and load balancers is seamless and a very useful feature.
The solution offers unified and risks analytics reports features.
AlgoSec helps IT managers automate firewall management across all hybrid environments.View full review »
Technical Architect at a manufacturing company with 10,001+ employees
Security ratings and security rules analysis are two valuable features. In general, it's a very good and stable solution.View full review »