AlgoSec Review

AlgoBot checks if rules already exist or finds out easily where they need to be configured

What is our primary use case?

Our main use cases for this solution are:

  • Firewall Rule optimization
  • Topology mapping of various firewalls
  • Automating the implementation of rules.
  • Reports warning before time based rules expire. 

We also implemented the AlgoBot, which is extremely useful when checking if rules already exist or finding out easily where they need to be configured.

We have 20-plus firewalls from multi-vendors in several sites, both IT and OT. Therefore, an automated way to manage firewalls is a must, especially since staff is always on the short side.

How has it helped my organization?

AlgoSec has saved us a lot of time in managing our rule base which has become increasingly large. With 20-plus multi-vendor firewalls, it gets really hard to manage without a solution like AlgoSec. This has helped us to fulfill our internal SLAs for change implementation.  

The fine tuning of the policies is a lot faster and repeatable. 

The compliance factor has also helped us a lot where we can show auditing that we have a repository for all the changes made in the firewalls, who made them, and at what time.

Gone are the days where time-based rules expire without anyone noticing. We have now automated reports sent to the team. This allows us to ask the involved asset owners if rules can be disabled or need to be extended.

What is most valuable?

Most valuable features are the firewall rule optimization, topology mapping, and automating the deployment of new rules in several multi-vendor devices. 

AlgoBot is a brilliantly, simple idea that lets us give our IT internal customers a way to check if rules are already in place before asking for more.

With firewall rule optimization, you cannot only tune most used rules higher in the rule base, but also check for unused objects or rules to clean up.

The automatic implementation of rules in several firewalls simultaneously is also a great feature, especially in large environments or on short staffed teams. 

What needs improvement?

AlgoBot should be more developed by adding more features to the chat.

We will be integrating with Cisco ACI soon. Hopefully, new features with this integration will be developed as well in terms of automation.

I came across a difficulty recently with a BGP enabled firewall that had a large number of routes. This wasn't directly supported due to a 3000 rule per firewall limit.

For how long have I used the solution?

We've been using AlgoSec for over six years.

What do I think about the stability of the solution?

It has been running flawlessly since installation. Even upgrades are pretty straightforward and have never given us problems.

What do I think about the scalability of the solution?

We have added 10 more firewalls to our 14 existing and have had no performance or scalability issues.

How are customer service and technical support?

We have had several tickets opened and the responses were fast. This enabled us to solve our problems quickly. The only complaint is about the license rekeying needed for when you need to change a firewall. That usually takes a bit of time.

Which solution did I use previously and why did I switch?

We did use a different solution for several years. The features and usability made us switch.

How was the initial setup?

If you are knowledgeable about the firewalls that you intend to manage, the initial setup is really easy. The most difficult steps are configuring checkpoints for LEA integration where you need to create the object in each firewall, establish connectivity, install the database, install the policy, etc.

What about the implementation team?

It was initially implemented through a vendor. Their level of expertise was good enough to implement the solution effortlessly.

What's my experience with pricing, setup cost, and licensing?

Cost is based on firewall. There are bundles, e.g., virtual firewalls might make the solution cheaper.

The licensing scheme should be done in a simpler way. For example, if we delete a firewall and want to add a new one, then the license doesn't get freed up automatically. You have to request a new license to customer support and install it. If you are testing new implementations, this can be cumbersome.

Which other solutions did I evaluate?

We evaluated the main competitor, Tufin, because we were using it!

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More AlgoSec reviews from users
...who work at a Financial Services Firm
...who compared it with FireMon
Add a Comment