AlgoSec Reviews

The primary use for AlgoSec is managing firewalls and to introduce a workflow system for requesting access through firewalls, which is fully integrated with them.

It provides faster go to market with fewer resources. In one system, users are able to request access through the firewall for business services, which can be approved by the appropriate team and can be implemented automatically by the system itself. Furthermore, users are able to track whether one particular access is blocked on any of firewalls or not, etc.

The most valuable modules are Firewall Analyzer and FireFlow. FireFlow is the workflow system, whereas Analyzer is the module responsible for tracking the configuration of firewalls, routers, switches, load balancers, etc.

There are many more useful features that cannot be listed here in a detailed manner.

I would like to be able to see what objects have the same IP, but different names in different firewalls. Since the system is able to show all of the objects for the integrated devices, it can be confusing if one particular object (eg. IP address/host) has different names in different firewalls.

I have been using AlgoSec for two years.

We have not experienced any problem with the system.

The system can be run on virtual machines, so we don't have any issue with scalability.

I would rate the technical support with five stars. :-)

We always received the necessary help quite fast, and the answers were valuable.

We didn't have a similar system before this solution.

It was not so complex and didn't take more than several days until we integrated all of the important networking devices.

It was implemented by a vendor, they had the necessary expertise.

Actually, I cannot really estimate because I am responsible for the operation of the system. I can say that we have saved some resources with the automatic implementation feature.

I propose to purchase licenses for all of the networking devices in the network, because if not all of the devices are integrated then the query of particular access cannot be discovered entirely.

We have chosen this system after evaluation (RFQ). The other competitor was Tufin.

The AlgoSec Firewall analyzer has helped us to analyze and optimize our firewall by evaluating the rules and services. These include routing, access rules, and restricting both applications and servers.

This solution has helped my client to analyze and assess whether any service or routes are needed for connections that are going to be created. It has also optimized the efficiency of the firewall by evaluating the rule set.

This solution helps us to save time, making the job more efficient for our network engineer.

The features that are most valuable are the interactive topology map and the traffic simulation queries.

The MAP helps us by generating a network topology map and checking the routing table for every device that is connected. The traffic simulation queries help us to check the connection between two objects. This allows us to gather information about the devices pertaining to blocked traffic or services that we need to add.

The MAP has a persistent issue with a firewall that is using a double BVI (Bridge Virtual Interface). In this configuration, it cannot give the correct and proper topology, so the traffic simulation query cannot run properly between the source and destination.

We have used other firewall products and it is very complex to check if any connections are down or blocked. 

• To change management of the rules
• History of changes
• Risk analysis and evolution of the risk factors over time.

• Transparency over the actions made in the rulebase by the different firewall operators
• Documentation of the rules.

The traffic simulation query helps to understand which rules match or don't match for a specific traffic pattern, helping troubleshoot application issues.

We use the "rules change notification" feature to inform the different firewall managers when someone made a change. The actual change comes in a PDF file attached to the e-mail, while it would be faster to have it directly embedded in the notification mail.

Depending on your network topology, the traffic simulator might have some hard time tracing the traffic path between your devices correctly. This has already been improved in the past but could still be enhanced.

The solution is very stable. Some caution is required when you do major upgrades on your firewalls to ensure that AlgoSec can still work with the new software release of the firewall.

The setup is very easy, as it comes as a virtual appliance you deploy in your own virtual environment. The setup is straightforward, and you can very quickly add your firewalls and start tracking changes, query the traffic simulator, and so on.

The primary use for this solution is to clean-up and fine-tune firewall rules.

I found that for policy optimization it does a great job. It handles covered rules, duplicate rules, and consolidated rules.

The most valuable feature is the ability to reorder rules because of the enhancement of firewall CPU performance when they are applied.

I would like an intelligent tuner where it could help update rules with the application ID.

• A systems integrator to implement for clients
• To help them manage their firewalls that were bought from us as well.

It provides the organization by giving us visibility in the process of our clients and automates policy implementations and checks. It gives value to our managed services that we provide.

• Algosec Firewall Analyzer and Algosec FireFlow: They basically give us a full picture of how traffic flows and how we can secure it.
• The product, directly implementing the policies to be enforced by the gateways, makes life easier to the IT.

Based on the conference I just attended, it is improving by Algosec opening their API more. This allows us as a systems integrator to give more value to our clients. We will be able to integrate more things that do not come out of the box.

Stability is fine as it's been in the market for a long time.

Scalability is fine especially as they just released their CloudFlow as well.

No.

AlgoSec helps us be ramped up on our technical expertise on the product.

N/A.

Licensing is simple, and the setup is straightforward.

Yes, Tufin.

We were immediately able to leverage the workflow tools in FireFlow with ActiveChange to speed up our deployment of firewall policies.

By leveraging BusinessFlow/FireFlow/ActiveChange we have been able to reduce the time from initial requirements gathering to implementation of complex firewall designs by approximately 80% without compromising our security posture. 

Additional understanding of complex routing in multiple systems.

We have had this working in our production environment for about 6 months.

The initial deployment was unsuccessful as the product had not initially support our use of virtual routing instances on Juniper SRX devices however AlgoSec engineering was quick to deploy fixes to allow us to reach our desired outcome. 

None.

None.

Top notch.

With a network like ours - more than 100 routing points with around 6 VRF on each - traffic simulation query is one of the most valuable feature on AFA.

For FireFlow, workflow customization and active change are the best features.

In BusinessFlow, the ability to simulate documented flow against configuration by AFA is the best feature to limit differences between documentation and production.

This product allowed us to identify unused rules more easily and doing this simplifies policies in our firewall. We now have documentation of our application with objects sync with real configuration. Our approval in change management has been improve through FireFlow and errors have been reduced through change advised and active change. We also save time by identifying earlier than usual routing issues associated to a change request.

A lot of areas have room for improvement!! This product is still young and in constant development. Interaction with a lot of vendors generates a lot of firewall options (specifically, a timer on services, application control, and so on...). This interaction also generates a lot of bugs in the product. Every new version contains about 10 to 20 bugs for our environment. This is partially explained by the fact it has to understand all of the architecture and specificity associated with all of the supported vendors.

A few of the bugs are:

• Services composed with something else other than TCP or UDP are not well-handled and not working in simulation queries. (For example, AH or ESP or EthernetOverIP.)
• Traffic with same objects in source and destination are not working.
• When NAS is used to store reports, we have had a lot of bugs associated with wrong URL encoding.
• Role assignment with multiple LDAP issues.
• Some file cleanup not working as expected.
• Active change is available for only a few vendors.
• BusinessFlow doesn't offer auditing regarding object management and with a lot of application and managers, it quickly becomes an issue with duplicated objects and so on.
• There are also gaps in access right management.

I have been using it nearly two years.

Every version came with its bug bundle... In two years, we opened 50 cases and about 40 of them escalated to development for resolution. This situation is also explained by complexity of our architecture.

I have not encountered any scalability issues. Each version usually improves performance and the amount of required disk space.

Technical support is 7/10; quick to give a new version solving the issue but long to identify the issue, even when it seems to be identified from the beginning.

For example, more than a month ago, we identified a wrong link associated to NAS configuration. We can clearly see that the wrong link was being generated, pointing from the NAS directly to the NAS repository, instead of a symlink. It took more than a month for support to accept this and to escalate the case to dev. After dev escalation, we are expecting a fix on Monday. So, it took four weeks to acknowledge the issue and two weeks to be fixed by development.

We did not previously use a different solution.

Initial setup is straightforward; some custom options can be tricky to set up, but will not be used by most customers.

Be careful with VRFs. One router with two VRFs consumes two licenses. So a new VRF configured on all routers will double the number of licenses required on routing elements.

We benchmarked Tufin before choosing AlgoSec. We chose AlgoSec over Tufin for its capacity to be more customized and its support for MPLS and VRF.

Offer me a job. ;) I will help you set it up.

More seriously, test it with caution through a POC to be sure that all your architecture specifics are addressed. If not all of them are addressed, ask for a commitment regarding support of missing features and ask for those commitments to be written down before ordering.

• Centrally manage firewall flow requests
• Approval/implementation and validation
• We can easily make our firewall flow change requests using the web interface.

It would be great if the product could be more simplified when defining the rules.

Documentation could be added to the tools, then generate documentation and send it to the relevant people.