AlgoSec Reviews

App Flow, Firewall Analyzer, and FireFlow are utilized. For gap-cleaning efforts to improve the firewalls and to gain visibility into firewall rules, we use AlgoSec. In order to maintain a clean environment, have a set of firewalls that are optimized, and then automate the deployment of firewall rules, we also employ the solution as a firewall assurance tool.

Our goal is to increase our understanding of firewall regulations. We utilized this tool to conduct a gap-cleaning project and tidy up our firewalls. Furthermore, we rely on this solution as a firewall assurance tool to ensure our rules are optimized and up to date. Additionally, we use this tool to automate the entire process of deploying firewall rules, ensuring a smooth change process in FireFlow, and allowing us to automatically deploy the firewalls on our appliances.

Security policy management entails far more than simply inspecting a device and applying certain rules. It is all about improving and automating time-consuming security processes so that staff can concentrate on more strategic responsibilities. AlgoSec FireFlow, for example, enables enterprises to process security policy changes in minutes or hours rather than days or weeks. It automates the entire security policy change process, from design and submission to proactive risk analysis, implementation, validation, and auditing, using intelligent, highly customizable processes.

The most valuable aspects of the solution include:

Dealing with misconfigurations. Automating manual processes reduces misconfigurations and prevents nearly all firewall breaches caused by misconfigurations, rather than flaws.

Automation as a strategy. Network policy automation is not an end unto itself. Rather, it supports the business strategy of maintaining security, ensuring SLAs, increasing cooperation, and reducing friction between departments. It improves competitive differentiation through better customer engagement, e.g., by moving applications to the cloud. Network policy automation aids regulatory compliance, and frees IT time from housekeeping so it can be applied to digital transformation and supporting strategic initiatives.

Understanding visibility requirements. With the help of advanced NSPM tools, network administrators and security managers can gain a deeper understanding of their network devices and business applications. By analyzing traffic flows across various vendor devices and hybrid infrastructures, they can identify security vulnerabilities, simplify troubleshooting, and uncover new applications and services.

To provide comprehensive instructions on product integration, a manual page can be added to the dashboard at the integration point. This will make it simple for the system administrator to incorporate new goods, even if they are unfamiliar with them thoroughly. Every time we integrate a new product, we shouldn't have to wait for coordinated work with a product specialist.

Due to the fact that AlgoSec's user interface is less friendly than that of other programs, it might not be appropriate for persons with little experience in security or IT. It does, however, allow for more customization. As a result, the interface can be regarded as more sophisticated.

I've been using this solution for the last two years.

For cybersecurity, AlgoSec automates application connectivity flows reliably.

The scalability is available via:

High-Availability. AlgoSec appliances can be clustered for fault tolerance, ensuring availability if system components fail.

Disaster Recovery. AlgoSec appliances can automatically synchronize data with offsite appliances to provide redundancy and ensure data preservation in the event of a failure at the primary site.

Geographically Distributed Architecture. AlgoSec appliances can be deployed across distributed sites for the local collection of logs and rulesets.
This data is then efficiently transmitted to a central appliance for processing.

Load Sharing. AlgoSec appliances can be clustered to share data workloads across multiple appliances for faster data analysis and reporting.

It was a wonderful experience dealing with customer service and support.

Positive

The initial setup is straightforward.

We implemented the solution in-house.

We've noted ROI in the following ways:

Automation. By analyzing the firewall rulesets, the network topology, and your corporate security policy, FireFlow can save more than 50% of the time required to process a firewall change. From automatically pinpointing the exact devices that need to be changed, to proactively assessing the risk and designing the change in the most optimal way. With AlgoSec’s ActiveChange technology, administrators can also automatically execute the change on the firewall and save even more time.

Accuracy. As much as 30% of requested firewall changes are not required, and many others are implemented incorrectly. FireFlow can automatically identify and close “already works” requests, and also ensure changes are performed exactly as requested.

Auditing. In order to meet regulatory and internal security requirements, IT find themselves spending a lot of time ensuring each change is properly documented to address any questions an auditor may have. FireFlow maintains a detailed history of every step of every change request and saves precious time. It even identifies changes that were performed without a formal request.

AlgoSec is a useful firewall management tool for organizations that require management of multiple firewall levels.

We use AlgoSec Firewall Analyzer and AppViz. We have bought the FireFlow license, but we do not use it currently. We plan to use it, but we are not using it right now. 

Firewall Analyzer is helpful for network assurance and meeting some requirements of PCI DSS. 

We use it to manage only our on-prem environment. Our network environment is mostly on-prem. We do not use cloud networking. We have an internal cloud, which is hosted in the Netherlands, but it is like a private cloud.

It gives us a pretty good understanding of what's going on in our network in terms of network security policies. In terms of the overall visibility that it gives into our network security policies, I would rate it a nine out of 10.

For preparing for audits and ensuring that our firewalls are in compliance, Firewall Analyzer gives a great overview of what's going on with the firewalls in terms of rules, etc. It offers a great input for auditors or for reporting to auditors.

We use Firewall Analyzer in order to monitor the PCI DSS network area. It is helpful for meeting some requirements of PCI DSS.

We work with multiple security vendors. It works when it comes to integrating it with the leading vendors. We didn't have any problems integrating with the solutions of our top three vendors.

Firewall Analyzer and AppViz are the most important features because they provide a lot of information regarding network segmentation. For us, this is a valuable input in order to provide network segmentation for various applications that we have developed in-house or that we bought from vendors. Our network is not properly segmented right now, but we plan to do it using AlgoSec. This is the most important feature for us right now. We also plan to use FireFlow in order to automate the firewall change management.

The Firewall Analyzer module can be improved to implement a vulnerability management solution, or they can link Firewall Analyzer with a vulnerability management solution in order to get a better overview of what's going on in our network in terms of vulnerabilities.

We started implementing AlgoSec in April this year.

So far, so good. We didn't have any problems. It is pretty stable.

From what I've heard and what I've read on their portal, it is pretty scalable. There are no issues around this.

We have not opened any tickets on the portal. We have a dedicated support person who assists us in the deployment. They are pretty fast to react. If I ask them a question today, they will respond very quickly.

We didn't have a different solution.

It was pretty straightforward. We started implementing AlgoSec in April this year. We are not fully into production, but we have been using it since May. Technically, it took less than a month, but we still have to do some paperwork in terms of security procedures, security monitoring, etc. So, it has been all paperwork from May till today.

The patching process of this solution is also pretty straightforward. They provide monthly patches, and it doesn't take a whole bunch of people to maintain it. Just one or two people can do the job.

Even though we had a reseller involved in this process, we did it on our own but with a little help from AlgoSec.

We have not yet seen an ROI. We are currently at the beginning of implementing the solution, and there is still a lot of time before we see a return on investment.

Price is not my concern. If a tool does its job, it is not my concern to obtain a good price for it. If a tool is needed, we are going to buy it.

We evaluated other solutions such as Skybox, Tufin. We found the graphical user interface of AlgoSec to be very user-friendly. It provides the information that you need. The information that you need is very well organized as compared to other solutions.

It depends on your needs. If you want to have a better overview of your network, AlgoSec is a tool that you can rely on. You can have an overview of your network by using your own equipment, but you have to dig in deeper. AlgoSec provides better visibility with a little amount of effort.

We haven't had any breaches in the past. We have not used it to implement and manage microsegmentation initiatives. We use it for network segmentation, which is done at the network level which includes firewalls, switches routers, and so on. Network segmentation is an ongoing process. 

I would rate it a nine out of 10.

Our company has a very large technical estate, with over 90,000 staff and 80,000 computing devices, it was imperative that we found a firewall security management tool that allowed us to speed up the process of change requests when it comes to our firewall IPS team, as they were becoming overwhelmed with the volume of requests.

AlgoSec has improved our organization in terms of improving efficiency within our firewall setup. It has added automation to working process that has helped us achieve our initial goal of reacting faster to incoming requests, which as a result of allows the relevant teams time to focus on other areas of importance.

The best feature for us is the ability to automate the change requests that come through our service desk, which is done via the tool's intelligence to analyze the conditional rules. As previously mentioned, this used to be a big time sink for the guys which is now less of an issue. This means that the company can claim back valuable man-hours for other means (also showing a labour cost saving to the board).

For the most part, this AlgoSec tool does meet our needs. If I was to think of any improvements I think the main one that stands out to me is confidence in future proofing. A good example is that we are looking at various SOAR which we'd like it to be fully compatible with (but not entirely convinced it is yet). Lastly, I have also heard a few qualms about the technical support and that it could be improved. However, this doesn't detract from the value the tool brings to our business.

Algosec is a cybersecurity tool that benefits the organization with a smooth operation of the network infrastructure and by managing the firewall. 

It is user-friendly and easy to implement and manage. It can be installed on-premises as well as on the cloud. It visualizes the complex networks and creates a dynamic network topology map. 

Using Firewall Analyzer, security and operations teams can optimize the configuration of firewalls, routers, web proxies, and related network infrastructure to ensure security and compliance.

Algosec helps with device onboarding and offboarding, managing access, and overseeing information security.

Algosec helps customers across the globe optimize their firewall policies and bring the best performance.

AlgoSec supports a wide range of devices and is constantly working to include support for many other vendor devices.

The solution checks on vulnerability scans often and reports.

Auto policy orchestration has helped our organization.

We can get all the firewall-related data with a single click. There is effective work on synchronizing with all the firewall gateways, including the management server.

The most valuable aspects of the solution include:

• Hybrid network security topology. A centralized dashboard provides a bird's eye view of the company's network infrastructure, like firewalls, routers, switches, and cloud.
• Security Policy Management. Automates the entire security policy management process.
• Compliance. Conducts complaints checks.
• Audit capabilities. Generates comprehensive reports for auditing.
• Cloud security management. Manages security policies in both on-prem and cloud environments.
• Network segmentation. You can design and implement the network segmentation that controls security breaches.

The solution needs improvements in the following areas:

• Algosec does not support vendors like Sophos, SonicWall, Forecepoint, and so on.
• Traffic simulation and fire flow need to be improved.
• The solution has insufficient documentation.
• They need to improve tech support in India.
• Deleting objects from each firewall is tedious, and it has to be done manually.
• An effective topology diagram can be provided.
• It is a challenge to combine different security vendors. 
• To upgrade, we have to upload package files which can be downloaded from the Algosec website, however, downloading takes time.

I've used the solution for two years.

We did not previously use a different solution.

We did not evaluate other options. 

The company has a lot of sites that are involved in food production and has locations with on-premises firewalls and a data center. There is a cloud in Asia as well.

Right now, AlgoSec is being used to optimize the firewall and the firewall policies, and to clean up any unused rules or those that are too open.

We have 10 to 15 users.

I like that the firewall will analyze the tools within the risk profiles and the policy optimizations within the AFA. This can also be used to create reports for the customer with the risk profiles to optimize the firewall rules.

I think it's a powerful tool that gives good visibility. One of AlgoSec's nice features is the map of your entire environment. When you need to change something, you can see the whole path for the traffic, that is, where you need to implement the change, where the traffic is blocked, and where it's allowed.

AlgoSec provides full visibility into the risks involved in firewall change requests. This is important because when your environment grows to a certain scale, it becomes harder and harder to get the full overview of all your firewalls and rule sets.

AlgoSec can reduce the time it takes to implement firewall rules. I tried the FireFlow module in a course with AlgoSec. With active implementation, it smooths out the process so much more. If you have two or three firewalls that you need to implement, AlgoSec does everything for you. It reduces the time in terms of both looking through your environment to see where you would need the firewall rules and implementing them as well.

If you're just looking at your firewalls, you might not notice all the security risks and open rules. AlgoSec's automation helped to reduce human error and misconfigurations. It helps with cleanup and keeps your firewall as tight as possible. It helped to simplify the job of our security engineers.

Our organization works in multiple environments, and the firewalls are located across the globe. This solution enables us to manage these multiple or dispersed environments in a single pane of glass.

I'm responsible for the maintenance of the server, that is, patching and upgrading, and it's straightforward. It cleans itself up with the retention and everything you configure on it. 

All our firewalls were renamed, and AlgoSec saw these devices as new devices. As a result, all the reports from the same device but with the old hostname were no longer connected. AlgoSec did not clean up the old reports as well. After a few days, it depleted its own storage, and then, the server became inaccessible. 

There's no fail-safe for AlgoSec to not stop creating reports if its own storage is at 98% or 99% capacity because the server becomes inaccessible when it reaches 100%.

I've also been fighting an issue with the Chisel service running on the server regarding AlgoCare for some time now. I have been in contact with AlgoSec's technical support regarding this, and they've been helpful and responsive.

I've been using AlgoSec for six months, but the organization has been using it for some time.

When it doesn't fill its own storage and kills itself, the stability is fine. It has only happened one time; the ms-metro service went down, so the web GUI became inaccessible. All in all, though, the stability is good.

AlgoSec's technical support is swift, knowledgeable, and professional. We had some issues when we upgraded from A32.10 to A32.20, and they helped us to get it up and running again. All the contact I've had with them has been very positive, and I'd give them a ten out of ten.

Positive

Consider whether your infrastructure needs this solution. The organization should be a specific size before this product will come in handy for you. If you are a large enterprise with a lot of sites and a large infrastructure, then you should certainly consider using AlgoSec. I've loved working with it and would rate it a ten on a scale from one to ten.

We use Firewall Analyzer from AlgoSec. We are mainly using AlgoSec Firewall Analyzer for auditing and analyzing firewall configurations. We have added different vendors inside AlgoSec for analysis. We have added Palo Alto firewalls, Fortinet firewalls, and Cisco firewalls. We are using all of these in our network.

There's an option to collect logs and send them to AlgoSec, but we are not using this option. We have other solutions for this purpose. We have Darktrace, IBM QRadar, etc.

In terms of our network environment, for the on-prem network, we have different security zones. For the data center, we have different DMZs for internal applications. We have different networks in different locations connected to our corporate network. About 90% of our applications are on-prem, and we only have the websites on the cloud.

It's helpful for auditing firewall configuration. If there is any mistake on the configuration side, it helps us to fix it. If there is a complication or there are unused security policies, it suggests removing or double-checking them. It's a good product. It's stable and gives us accurate results.

We have a network with more than 10,000 users. We have a lot of security devices for finance, remote sites, and corporate. AlgoSec is helping us to review and do auditing of the security device configuration. It's helping us to audit and review the configuration for any mistakes for firewalls, web application firewalls, proxies, etc.

When we add a security device, such as a firewall, it analyzes the configuration files for the firewall and gives us a brief of everything, such as security policies, routings, and objects. It lets us know if there is any mistake in the configuration, which is helpful for us. It gives us good visibility of what we have inside our security devices. For example, one of the firewalls that we have has more than 500 security policies. With manual auditing, we cannot analyze or review such a huge configuration. So, we are using AlgoSec Firewall Analyzer for this purpose, and it has saved more than 70% of our time.

It reduces human errors and misconfigurations. It lets us know if there haven't been any traffic hits for a policy for a long time. We can then review the configuration to see why there are no new hits for this. We are reviewing all of this every six months. It makes our work easier. It simplifies the job of security engineers.

Being able to analyze the environment and audit firewall configuration is most valuable. We are working here in the oil sector, and it's a critical environment. Every six months we have auditors coming from the main office and doing auditing for security. We are using AlgoSec Analyzer to help us to do the audit before the auditors come to our office and do the auditing of our security devices. So, it's helping us to do good work and analyze all security devices, including firewalls.

My only concern is related to how they count the number of licenses. We have active and standby devices. If someone adds the standby device by mistake and does an analysis, it consumes two licenses. They need to improve the way they are counting the number of licenses because someone can do analysis on a standby device by mistake. We need a way to fix or solve this issue.

I noticed that some of the oil companies in Kuwait have started to use AlgoSec Analyzer. I see AlgoSec solutions in Kuwait. AlgoSec needs to have sales engineers here. They should have presales or sales consultants so that they can offer solutions to companies in Kuwait.

We have been using AlgoSec for more than four years.

It's a stable solution.

It's scalable. We have 10,000 users accessing services and the internet. We only have two users who are accessing and working with AlgoSec. They are security engineers.

They are cooperative. If we face any issues, we just send an email or open a case through the portal. We can contact them directly. We don't face any issues with their support. I would rate them a 10 out of 10.

Positive

I have not used other tools. We know AlgoSec is a leader in this industry. We haven't faced any issues in the last four years while using the AlgoSec solution. We haven't done any research on other solutions because we haven't faced any issues with AlgoSec.

It's very easy to do the initial setup. It's not a big issue. In about two days, you can configure your device, activate the license, and add security devices. If you have an admin account, you can allow AlgoSec Analyzer to access security devices. 

Its management is not a big issue. Only one person can maintain it.

We have seen an ROI. That's why we got this solution. We knew how we would use it and what would be its benefits. We have seen about 60% or 70% ROI.

We purchase licenses based on the number of security devices in our network.

When I have active and standby firewalls, if I do an analysis of the active firewall and by mistake, I also do an analysis of the secondary or standby firewall, it'll consume two licenses from the total number of licenses I have. So, I need to change the license and make the active firewall secondary. They need to improve how they are counting the number of licenses. We have discussed this with the consultation team of AlgoSec.

I would rate it a 9 out of 10. It's a good product. It's working fine without any issues. We don't face any issues. Our only concern is how they are counting the total number of licenses.

My main use case is as a firewall analyzer module where it can be further broken down as follow: 

1) Network topology visualization: visualizes a network traffic path during troubleshooting

2) Policy optimization: uses optimization and clean-up recommendations to perform annual housekeeping of the firewall

3) PCI DSS compliance: follow the out-of-the-box checklist to prepare for a PCI DSS audit

4) Risk reduction: uses the recommendation of the risky rules to address all the critical and high-risk rules

5) Monitor changes:  monitor for firewall-config changes in real-time via email alerts

The solution has improved our organization in multiple ways. We can:

• Easily understand and provision application connectivity to accelerate application delivery and minimize outages

• Process firewall changes 4x faster, and eliminate misconfigurations and rework

• Proactively assess the impact of network changes to ensure security and continuous compliance

• Simplify and automate internal and regulatory firewall audits, and reduce time and costs

• Streamline communication across the application, network and security teams

• Deliver a tighter security policy that provides better protection against cyber-attacks

The product is great for:

1) Network topology visualization: reduces network troubleshooting effort which contributes to quickly restoring network or application outage.

2) Policy optimization: reduce/consolidate the number of rules created prior to the existence of AlgoSec Firewall Analyzer in order to free up hundreds of rule capacity before reaching the max rule limit of the firewall.

3) PCI DSS compliance: helps to highlight the area which firewall admin need to take note and address in a streamlined and structured manner.

4) Risk reduction: helps to quickly identify the risk that exists in existing rules and provide useful recommendations that help the firewall admin to remediate with ease.

5) Monitor changes: helps firewall admin to comply with security requirements of providing real-time security alert whenever a change is made, with detailed info on what was the value before and after.

The FireFlow's out-of-the-box workflow configuration/customization wizard could be improved to be more user-friendly and have a shorter learning curve. The current configuration wizard is quite complex and complicated, which will result in the need to engage with an AlgoSec professional services team to perform even the simplest workflow adjustment.

I had tried AlgoSec's direct competitor's workflow configuration wizard and found it to suit most organization requirements even though the customization capability may not be as advanced as AlgoSec.

I've used the solution for six years. 

The setup is fairly straightforward.

We did also consider Tufin.

We utilize this solution to manage policies for our firewalls. At first, we used it to keep a record of our policies: Who changed something, when, and whether the policy is allowed or not. We now use it to map our traffic flows and to flag a policy that is not allowed by the criteria we have set for our different types of firewalls.

We used it initially to go through all of our policies on over 800 firewalls, to organize the policies and map out our policy flows to certain zones. That enabled us to know how to structure our policies.

We spent a year going through our firewall policies to clean them up because before, when we were on Cisco ASA firewalls, we had a very hard time regulating what types of firewall policies were being created, and it was even harder to review them. After we moved to Palo Alto firewalls, we decided that that was the best time to load our policies into AlgoSec and review them. That way we not only converted to a more capable next-generation firewall, we could also ensure the policies were strong.

AlgoSec has helped significantly with our firewall compliance. Before AlgoSec it was a very manual job to go through firewalls and look for risky rules. Now, we get alerts when a risky rule is created. This allows us to maintain compliance and run compliance checks monthly. As a result, we have saved many hours of work by our operations folks. They were the ones who had to manually review all of the firewall policies and create evidence of their review in a very scrappy fashion.

With AlgoSec, we can show a view of firewall compliance that is clean and easy to read and present. This also helps our business units ensure their policies are clean. With that data, we are able to show management that the firewalls connected to our network, but owned by other business units, meet our standards.

We like that we have been able to identify risky rules, based on the criteria we have set. We also like the ability to push policies from AlgoSec to the firewalls to ensure risky policies are never created in the first place. That's a feature that will help us in the future as well.

We are moving towards an automated environment so the ability to work with Ansible, ServiceNow, and Palo Alto gives us the ability to automate our firewall policy creation. And it does so in a manner where we do not have to worry about a policy being created that may put our organization at risk.

Support for Layer 7 policies, including User-ID and threat profiles with Palo Alto firewalls, has been a pain point from us. We would like to include the additional info specifically because we believe it changes the riskiness of the rule if it is only set for a specific user or a group of users. For example, if we have what looks like an "allow all" to a certain /24 network, but for only one user, we would give that a different score than if no user was identified.

AlgoSec has been very stable for us.

It scales well.

We have had our issues resolved very quickly.

We used Tufin. 

The initial setup was very simple. We just set up SNMP.

We used a vendor team and they were great.

The ROI for us is the great assurance we have in the security of our firewall policies.

Be sure to scale properly.

We evaluated Tufin.

This solution will help you significantly with compliance, the part of your job that may not be your favorite.