AlgoSec Reviews

We needed to review unused rules and delete them. However, I also wanted to view my unused objects and NAT rules. Algosec met my needs. 

The product was able to present how many rules were redundant and how many shadow rules were in a gateway. Thanks to this visibility, I was able to do my rule optimization. Thus, my firewall rules were fewer, and fewer rules were checked when traffic passed through the firewall. In this way, it was possible for traffic to pass through the firewall faster.

The simulation can be improved. Networks and interfaces to which the firewall is connected are kept in a visual simulation. The rules could also show us the traffic on these networks in red and green. When we add a rule, we should be able to see what kind of traffic obstruction we can cause and what can be improved. In the next release, it would be fun to visually present the dashboard with animations.

The purpose of using the product was to attack and Analyse rule bases from a holistic perspective. The Firewall Analyzer has a rule base consolidator as well as a feature to make the rule base more permissive. It also helps to reduce rule base clutter, as well as legacy rules.

Traffic query helps us to quickly find rules that allow outbound access.

FireFlow is a useful ticketing system that integrates with many products.

We would like to use FireFlow's API to automate certain tickets that come through to leverage automation in our environment. 

An example is that we have a policy with 900 rules, which we were able to reduce to 500 rules. That's close to a 50 percent savings on the rule base.

We used the Unused rules function in Firewall Analyser to examine our rule base. This has drastic performance increases in our production firewalls.

Objects not used within rules can save even more when it comes to cleaning up rule bases. Where this is a very manual process without AlgoSec, engineers can have a level of automation by building useful reports to assist with clean up.

The most valuable feature is the Firewall Analyser, which has a number of fantastic features.

From a risk perspective, you can apply compliance Frameworks like ISO 27001 and PCI DSS against firewall rule bases to see if your rule base is compliant. If you are not then AlgoSec provides descriptive ways on how to adjust rules to make your rule base more compliant. 

Definitely, the policy-cleanup features are the main draw. Shadowed rules, rule duplication, rule consolidation, rules permitting too much access, and rule usage are very useful and help to clean up rule bases.

There are areas where auditing rule changes are not accurate. It is important to be accurate when using rule changes, as users need to be accountable for their changes; however, I cannot trust AlgoSec when rule changes come through on reports as they reflect incorrectly. I have taken this up with support and have never really had a resolution for this. 

I would like to see enhanced dashboards or build meaningful reports for executive consumption. 

AlgoSec is a fantastic product, and I would like to see more "granular" breakdowns of traffic on IPT traffic analysis for source and destination, as the way it does it currently does not allow me to self problems for rules with ANY in the destination.

We have been using AlgoSec for one and a half years.

The stability is good.

Scalability-wise, this product is good.

The technical support is always responsive and always willing to understand the issues. 

Our previous solution was not useful and did not have an intuitive interface. Support was also terrible.

The initial setup is straightforward. If you understand your infrastructure, it will be easy to deploy in a central location.

Our deployment was done through a vendor team and it took one week.

We haven't saved any money yet but we have improved the performance of certain devices.

I would suggest that you start with a VM, get a PoC with a temp license, and try it out. You will love it.

I would not like to disclose which other products, but I have used two other products that didn't even come close to AlgoSec's power.

Its a good production and good support, definitely worth it.

We primarily use AlgoSec for Firewall Security Management, Firewall Policy Automation, and Auditing. Our firewall estate environment is complex, multi-vendor, and across many sites, so we needed a product that would integrate seamlessly, encompassing all sites and platforms.

It's an ongoing process and we are constantly learning about new features of the product that would be beneficial in terms of helping secure, consolidate, and streamline our environment.

We are well on the road to achieving this with the help of their Professional Services team.

It has saved us much time, helping us work smarter and more efficiently with regards to policy/ruleset management, automation, and consolidation. This product has saved us numerous person-hours in terms of automation and consolidation.

The various elements of the product have allowed us to cover all aspects of Firewall Security Management, Firewall Policy Automation, and Auditing, which all help to leverage the product's full potential.

Having learned more about the product, going forward we believe it will allow us to benefit in additional areas of Firewall security management. 

We have found the Firewall analyzer to be most valuable in terms of policy ruleset management. However, policy ruleset management, automation, and auditing are all good features.

The complete and end-to-end visibility and analysis it provides of the policy rule base is invaluable and saves countless time and effort.

The automation possibilities the FireFlow product provides will also be very useful going forward in terms of time and effort saved, as well as reliability and efficiency.

Overall, the Firewall Analyzer is hugely beneficial in terms of policy ruleset management.

Nothing comes to mind in terms of things that need to be improved.

In terms of additional features in the next release, more integration with SD-WAN would be valuable.

I would also like to see more integration with Cloud security products and services but overall, the product compatibility and integration with multi-vendor and differing platforms/environments is pretty comprehensive. That said, with the fast-moving nature of SD-wan and Cloud Security, product features and enhancements will need to keep pace because clearly, Cloud Security is where the industry will be focusing. 

We have been using AlgoSec for nearly a year.

AlgoSec is as stable as can be expected.

It is highly scalable and more than meets the requirements for our environment.

They were very good, responsive, knowledgeable, and usually resolved issues quickly.

We did not use another product prior to AlgoSec for the same purpose.

The initial setup was fairly straightforward; however, with the usual initial setup niggles and teething issues.

The Professional Services team assisted us and had a very good level of expertise.

ROI is very well leveraged.

Setup cost and pricing were reasonable and the licensing was straightforward.

We didn't evaluate other products as we had a previous, much smaller deployment of AlgoSec that we were happy with.

Overall, I am happy with the product; it meets and even exceeds our expectations and ticks all the boxes in terms of reasons for purchasing it.

It is currently used by the network security, audit, and internal control departments of organizations where I have deployed the application. It gives overall insight/visibility and enhances security across the enterprise.

Our company environment used old fashioned firewall devices for a long time and we hardly touched on old firewall rules. With this product, we were able to clean up our firewall rules and organize them neatly. It actually gave us a very straightforward report of what is being used, and not used, for firewall rules. 

AlgSec is used for in-depth firewall analysis and intelligent policy tuning and optimization. It helps in regulatory compliance metrics and overall firewall security optimization.

I like the auto-mapping features and configuration overview. We use this for many things, but primarily for quick reactions to security events, audit, project management, and quick operational efficiencies.

• Firewall rule optimization
• Regulatory and baseline compliance analysis/mapping
• Policy tuning
• Application discovery
• Automated Change management

The reporting portion is weaker than other competitors, although this is good enough to utilize in our environments.

Enhanced integration via API (typically, this is only known by few AlgoSec users).

The user interface could be a little more user-friendly. Other competitors have more of a dashboard look and feel. With AlgoSec, you have to launch new windows to see rule usage reports. It can be a little bit difficult when trying to find more information.

Our company was using old fashioned firewall devices.

We did POC on FireMon and AlgoSec. We chose AlgoSec for our company environment.

Our primary use cases for this solution are:

1. Business Security and Automation
2. Faster change management solution
3. Network Security device analyzing and optimization

• AlgoSec helps to analyze the risk, optimize the rules and policies, and improve performance in network security devices such as firewalls.
• It helps to perform the network security changes four times faster than the normal change request process.
  
• It assists in provisioning the application rapidly, which increases the organization's revenue.
• The ASMS (AlgoSec Security Management Solution) is fully focused on business security and automation. It ensures business security and agility.

The features that we have found to be most valuable are:

• Risk Analyzing: Has helped to identify the risks in security network devices in a very short time, which increases and improves security overall.
• Policy optimization and IPT: Has helped to identify the garbage rules and improve the device performance. Also, has assisted in removing any rules causing IPT failure.
• Compliance: Helps prepare for the audit in a short time, and assists with continuous compliance.
• Active push: It is capable of pushing the changes and configuration from AlgoSec itself, which decreases manual errors during implementation and configuration. 

This product could be improved in several ways, including:

• More device support - such as barracuda devices
• An automated rollback process and options in active push. when we do a active push Algosec takes a policy backup for recovery purpose. if we did any change using active push from Algosec and if the customer wanted to rollback the particular configuration, better if Algosec able provide automated rollback process through AFF rather creating a manual a ticket. 
• Software-defined WAN integration and support 
• Application-aware policy identification and optimization - now a days most of NGFW are creating applications (such as Salesforce, Skype for business etc..) aware policies using their application database. normally destination object will be these applications and not the legacy objects that we created in firewall. if Algosec able to understand these application it will be good move for future market. 

We are very impressed with the stability of this solution. The product is very user-friendly and does not cause many technical problems while in operation. Sometimes we might have issues with newly supported device integration and features.

AlgoSec has multiple form factors such as a hardware appliance, VM appliance, and software. The customer can choose the most suitable solution for their environment. Further, AlgoSec has three main components and the customer can purchase them phase by phase, based on their requirements and budget. It can scale up to the total ASMS solution using the same resources.

As per my experience, AlgoSec provides very good customer service and technical support. They are very friendly and their response time and SLA are very impressive.

We did not use another solution before this one.

The initial setup is very straightforward and easy. Further, AlgoSec provides better documentation and self-support services where we can learn, reference, and be empowered.

We are a value-added distributor of AlgoSec and have implemented this solution for many customers in addition to ourselves. Our customers are happy with the implementation.

Our return on investment with this solution is between one and two years.

The setup for this solution is not very costly. The licensing is very easy to set up, with flexible licensing methods such as subscription and perpetual. The pricing itself is also flexible, with it being related to the number of devices and applications.

Before selecting this product, we evaluated Tufin.

This solution is very useful for any type of organization with multiple network security devices such as firewalls, routers, etc, and have the goal of achieving business security and automation.

AlgoSec has main three components that can be purchased in different phases if required. They are:

• AFA: AlgoSec Firewall Analyzer
• AFF: AlgoSec FireFlow
• ABF: AlgoSec BusinessFlow

Firewall and Compliance.  We use the product to support the firewall review process and risk of over 400 firewalls

We are able to quickly review 100's of firewalls and stay compliant.  The product has been invaluable to our information security department

Policy review and compliance.  We are now using the AlgoSec FireFlow feature to help us automate the firewall ACL submission process and implementation of firewall rules.

Product has improved quite a bite in the years we have been using the product. We look forward to completing the AlgoSec Fireflow implementation and piloting the Business flow product.  AlgoSec continues to improve their product every year. 

This solution was implemented to provide risk analyse, audit on rules, and changes, as well as giving visibility to the application or project manager on firewall rules that are linked to their servers for a massive datacenter migration. 

For a massive migration, it permits project/application owners to estimate and anticipate changes which are needed autonomously and only involve the security administrator for implementation of the rules. This permits us to save a lot of time and make some firewall policy clean up. Then, when we add firewall change requests to management through this tool, it decreases the time for design and implementation significantly.

The Firewall Analyser feature is the most important and valuable part of this tool. This provides quick and simple visibility on the firewall's risk assessment in regards to compliance's referential that can be also customised to fit our organisation's requirements. 

Improve the dashboarding capability for FireFlow which is currently very limited in terms of presentation and customisation. 

Not really. Sometime after the version upgrade, a few bugs appeared. 

Not yet. 

At the beginning, support was good. 

Now as support is composed of several levels, default standard support at Level 1 is to answer by upgrading to the latest released version, if you are not using it yet.

We did not have such a tool before installing AlgoSec for a firewall policy audit with reports. We had a homemade tool for change management.  

Find a good integrator.

We went through a vendor team. His expertise was medium.

We evaluated differents solution when launching the project, like Tufin. This one was the most mature.

We use AlgoSec to integrate firewalls. I'm a senior network security engineer and we are customers of AlgoSec.

Security ratings and security rules analysis are two valuable features. In general, it's a very good and stable solution. 

I believe the customization of dashboards should be simplified and more user-friendly. Customization inside the domain level needs to be improved.

The solution is stable although there are occasionally issues with patches, but they are generally resolved quickly. The solution is extensively and regularly used for compliance reports. 

The solution is scalable. We have close to 30 firewall admins.

The technical support is good. The only drawback is that the product is not very user-friendly and it's too expensive to contact support each time we have a problem. 

The initial setup was carried out using professional support and the company was happy with the integrator. We moved our ticketing up to AlgoSec using FireFlow. I wasn't around but I think it took some time.

The license was initially renewed every three years but it's now done on an annual basis. I'm not aware of any additional costs. 

I rate this solution eight out of 10.