AlgoSec Room for Improvement

josemendes
Security Engineer at Euronext
One important area for improvement is the support for Dell switches, which we have a lot of in our company network. At a minimum, we would like to get information about the routing table to complete the work diagram. We have been told that AlgoSec is working on this, and we expect to have support for those devices soon. We would like to see more features in the GUI so that we don't have to work with the API as extensively. For example, a feature to schedule pushes to the Firewalls at a pre-defined time would be great for us. This way we can schedule the operation to be done at the end of the day, after hours, and have no impact on the users. View full review »
Sergi
Service Delivery Manager at Schneider Electric
What the technical teams report to me is that the network maps are a concern and should be improved. It would be easier if the network maps could be updated using the GUI portal instead of from the OS. This would benefit the operations teams working daily with this tool. In the end, we are striving to improve efficiency, and taking into account that Operations are really under pressure from SLAs to keep support ticket queues clean, and with the least amount of backfill possible, it is key to get better tools that make it easier and faster to update the network maps. View full review »
NetAdm81724
Network Administrator at City of Calgary
We love all the features of this device. It can be a bit expensive for small companies but they also have a VM model for that. It seems that AlgoSec created a VSYS (Virtual system) for each virtual router name, even though our firewall has only a single VSYS. We are ok to work with this, but if this can be fixed in a future release then that will be great. View full review »
Find out what your peers are saying about AlgoSec, Tufin, FireMon and others in Firewall Security Management. Updated: March 2020.
405,901 professionals have used our research since 2012.
Riyas Mohammed
User
This product could be improved in several ways, including: * More device support - such as barracuda devices * An automated rollback process and options in active push. when we do a active push Algosec takes a policy backup for recovery purpose. if we did any change using active push from Algosec and if the customer wanted to rollback the particular configuration, better if Algosec able provide automated rollback process through AFF rather creating a manual a ticket. * Software-defined WAN integration and support * Application-aware policy identification and optimization - now a days most of NGFW are creating applications (such as Salesforce, Skype for business etc..) aware policies using their application database. normally destination object will be these applications and not the legacy objects that we created in firewall. if Algosec able to understand these application it will be good move for future market. View full review »
reviewer1175712
User at a energy/utilities company with 10,001+ employees
Support for Layer 7 policies, including User-ID and threat profiles with Palo Alto firewalls, has been a pain point from us. We would like to include the additional info specifically because we believe it changes the riskiness of the rule if it is only set for a specific user or a group of users. For example, if we have what looks like an "allow all" to a certain /24 network, but for only one user, we would give that a different score than if no user was identified. View full review »
MarcelTe
IT Technical Consultant at Schneider Electric
There are a few things that we have already raised to AlgoSec in order to improve the tool. First, as the highest volume in our network is SaaS traffic, we need to secure this connection. To secure SaaS traffic there are a few vendors such as Palo Alto and Zscaler, but AlgoSec is not yet able to push rules onto these clouds. It’s in the roadmap but this is something that blocks our whole design. The network map design is not very useful for the administrator as the information displayed is not user-friendly. View full review »
Paltxe
Network Engineer at Schneider Electric
It would be very helpful to have a direct link to the relevant firewall policy embedded within reports when there are warnings or risks indicated. Regardless of how serious the risk is, we could jump to the policy with a single click. In this way, the administration would be much easier and we would not have to be changing the screen every time we want to look at or modify something in our firewall. I understand that they are third-party software packages that can achieve this, but it would be more comfortable to have it integrated. View full review »
TiagoCerqueira
Network and Security Engineer at Euronext Technologies
The product is severely lacking in vendor support. They claim to support some devices, but when you dig deeper, it is only basic support, with enterprise-grade features for those devices being unsupported. This is a big deal for us, as several sections of our network are not fully supported which, in turn, does not allow us to fully automate rule creation. Moreover, we cannot perform end to end connectivity checks. One such feature is the lack of VRRP support on devices other than Cisco or Juniper, which causes the software to interpret a non-existent router as the next hop for a particular flow (the VIP address of the VRRP). View full review »
Srdjan
Senior Technical and Integration Designer / Center of Excellence / Europe & Indonesia at Ahold Delhaize
All of the search options needed are there but the search menu could be a bit more intuitive. In other words, I can perform any search I want without any problems but combining different search parameters can sometimes be a problem. Creating more intuitive menus could be helpful, especially for the first-time users. For example, it would be useful to be able to save searches with complex structure so they can be easily reused with simple change of parameter. Also, "contain" criteria sometimes misses just like ability to search using any value in basic search box, instead of reaching out to Advanced search (it would be great if simple typing IP address, or Project ID in basic search box lists all rules containing such a value). View full review »
reviewer1126863
User with 10,001+ employees
The user interface is better than some competitors, but it is starting to get old. Space is not always fully used, especially for the risk and compliance part. As example today, Excel file should be used to deal with network segment definition and risk matrix, it is hard to do it directly from user interface and there is no way to organize, order a set of test. Priority should be to improve the user interface for the risk and compliance part, making it more responsive and user-friendly. View full review »
NetworkAdmin
Network Engineer at Ti Automotive
The GUI has not been upgraded for a long time and could use updating. View full review »
Tim Wackenhuth
IT Security Engineer III at Paychex, Inc.
I would like to see more object-based reports on groups and object usage. When cleaning up old rules, it is easy to disable the rule and then delete after a while. Trying to find unused groups or used objects in groups gets a little harder and I would like to see an easier view into those objects. View full review »
Abasi WInt
Security Engineer at Genuine Parts Company
Currently, the product is doing everything we have asked for. Its a huge component for our Firewall maintenance. One key component is the integration with ServiceNow for Firewall rule requests. This helps expedite the process and track every step from user to configuration. Some area's where the product can improve is with the knowledgebase. Sometimes you have to do additional reading for your particular error. Some additional features I'd like to see are for the reports. As opposed to showing me the entire objects/rules on the change detection email for that particular firewall, I'd like to see just the changes. I think this would be beneficial to none technical personal that may get overwhelmed with all of the data. Also, having a Linux or programming background makes troubleshooting easier. That is one challenge I'm working on now to improve fixing our issues quicker. View full review »
Nick Rose
Network Manager at iPSL
* The maps are a little clunky and could be made easier with some automatic layout technology which assists in spacing out the devices for easier viewing. View full review »
Robert Silvia
Senior Security Analyst at The Hartford Financial Services Group, Inc.
We have had challenges with technical support as mentioned earlier. However, we have a new account team and they are very responsive and addressing our concerns. View full review »
Sergio Vieira
InfoSec at Euronext
The reporting component of AlgoSec Firewall Analyzer is something that, in my view, has room for improvement. It will be welcome in a future version the possibility of having greater granularity, for example when defining the information that we want to see in the reports, to define customized reports by group / user and to make a scheduled sent of the reports. Being more specific, in our use case for operational teams the report to send would only be the summary of changes of all the rules of a day by Firewall. Focused, without adding unnecessary information. Other use case is for GRC teams. The report to send should only be the summary of risk changes of a week or a month, per Firewall. Again focused, without adding unnecessary information. View full review »
reviewer1114632
User at a transportation company with 10,001+ employees
Some UI experience is a little clunky (for e.g. MAPS module) and could be made more user-friendly. We experienced some initial challenges with technical support, although this considerably improved once the teams got to know one another. The API support isn't as versatile as we would like it to be. It needs more integration. View full review »
Sunil Kumar.
User at Maple Leaf Foods
There is huge scope for improvement in the level of support, especially around the issue of resolution time. That is the only negative point I find in the solution. I hope you guys will work on it and improve your resolution time which will help customers to keep their AlgoSec device healthy. View full review »
reviewer1275342
IP network expert at a comms service provider with 201-500 employees
I would like to be able to see what objects have the same IP, but different names in different firewalls. Since the system is able to show all of the objects for the integrated devices, it can be confusing if one particular object (eg. IP address/host) has different names in different firewalls. View full review »
reviewer1173033
DevOps Engineer at a tech company with 10,001+ employees
* AlgoSec support needs improvement, and support needs training to better understand customer issues. ( Support team repeatedly fails to understand the customer issues, Response to the support ticket based on the severity is very poor, support team responses to severity 1 or 2 tickets are very very slow. Customer support representative need training on how to handle severity 1 or 2 tickets) * Integration with other appliances needs improvement. ( AlgoSec integration with other ticketing systems like Service Manager / Service now is not good, It needs to have better integration with ticketing systems like Service Now and Atlassian JIRA) * Documentation needs improvement. ( There is lack of documentation integration with other ticketing systems like HP service manager, Rest APIs, SOAP) * There are limited sets of Python API calls, so they need to add more features in the API. * The FireFlow template does not allow the user to perform external actions like sending an email or triggering a specific action. It needs improvement there. View full review »
Julian Santos
User at a wireless company with 10,001+ employees
I believe Active Change needs to be improved because not all products are supported, and some functions cannot be implemented by Active Change either. Technical support needs to find solutions more quickly. Active Change could implement routes in Firewalls, it should also be able to perform the creation of APP control and URL filter rules. View full review »
reviewer946827
User at a healthcare company with 1,001-5,000 employees
I always wanted AlgoSec to support cloud base security firewalls such as Amazon security groups-AWS or Microsoft Azure network security groups. Hoping they will have it ready by end of 2018. View full review »
reviewer1278546
Senior Network Engineer at a energy/utilities company with 1,001-5,000 employees
There are sometimes issues with the Risky Rules reports where the number of hits is registering zero, but we know that this is incorrect because we have checked the rules and see that they are indeed registering traffic. Sometimes the Trust setting on Firewall rules is changing to trusted by itself. View full review »
reviewer1068567
User
There is room for improvement in the rollback process. What we would like to see in the future is related to support. For integration with newly supported devices, we require a proper support matrix with an escalation process. View full review »
Alberto Selma Tamarit
Senior Networking Engineer at Schneider Electric
It would be nice to have a good tool for network map discovery in the GUI to make it more user-friendly. I would also like to be able to check and modify network maps in a graphical and more intuitive way. This will improve our network overview for new deployments and troubleshooting. An API to connect to Palo Alto Prisma and Zscaler to be used after SD-WAN deployment would be a helpful feature. We have discussed this with AlgoSec and are hoping to see it in the near future. View full review »
Thiago Bujnowski, PMP
Defensive Security Leader at Stone Pagamentos
* Support more and more vendors, like minor ones: WatchGuard and others. * Also, it would be interesting if it could analyse iptables and IPFW rules and support migration. * Windows Firewall and Forefront would also be nice since we often need to migrate from those platforms and prove the value of the newly installed solutions. View full review »
Mustafa Karanfil
Network Security Engineer at Türkiye İş Bankası
Cisco Firepower device support is limited in our AlgoSec system and I think AlgoSec can improve in that area. For example, in FireFlow we can easily track using the ticketing system to integrated Check Point devices. However, with Cisco Firepower devices, we couldn't integrate with them. View full review »
Mark DeLongchamp
Global Network Security Engineer at General Motors
Faster HA/DR failover - with very large databases, it takes a long time to failover / failback. Provide even more REST API calls (ex: rule removal API) View full review »
reviewer1028451
User
AlgoSec is my favorite tool because it does what it is designed to do and it does it well. The service I've received from their support teams is second to none. They have always successfully answered my questions and solved my problems. So, it is difficult to improve a solid solution but, not everything is perfect. Having executive type reporting capabilities which explain the security posture and scoring to provide to executive management would be a nice feature to add. Reports can be printed, but an executive summary report would be an improvement. View full review »
STALIN PAULRAJ
Manager - Network Service Delivery (IP & Security) at Prudential Corporation Asia at Prudential Corporation Asia
ABF is not very mature compare to AFA and AFF, but the module and concepts are quite good. I would suggest more concentration on ABF, especially on object and application permissions. View full review »
reviewer1242069
User at a sports company with 1,001-5,000 employees
I would be nice to have a good tool for network map discovery in the GUI to make it more user friendly and be able to check and modify network maps in graphical and more intuitive way . This will improve our network overview for new deployments and troubleshooting. View full review »
Arieh Shalem
Director of Information Security Operations at First Quality Enterprises
I would like to see Bi-Directional API support in order to integrate with SOAR platforms that provide SOC automation and IRR. Integration with CISO dashboards would be an improvement. It would be nice to have support for IaaS, CASB, and DLP tools, which will allow full life cycle management of security incidents. It would be nice to have an out of the box "best practices recommendation" with the relevant "what-ifs". View full review »
reviewer967575
User at a energy/utilities company with 1,001-5,000 employees
* Integration with multi-vendor firewalls such as SonicWall, WatchGuard with APIs needs to be considered in future releases. * I would like to see the product and advanced integrations with the hybrid cloud in order to measure the workload performance and outcome. View full review »
Idan Malei
Global Network and Security Team Leader at Ormat Technologies, Inc.
The pricing structure is not good because there is no difference between a Data Center firewall for a small branch. The pricing for smaller installations should be lowered because sometimes there is just no ROI to add AlgoSec to the small branch offices with only 10 rules. View full review »
Security-Architect-Lux
User at POST Luxembourg
The production needs to be smarter and maybe have some AI capabilities to provide better firewall optimization and workflow integration. View full review »
reviewer1109571
User at a retailer with 10,001+ employees
AlgoSec now has cloud products that they are rolling out. This is the next space for which everyone is dedicating more resources. We would like to see them utilize the cloud to help with performance improvement, and with various processes needed on a daily basis. We have two remote agents that help with daily processing and would like to integrate more power from the cloud to be as flexible as possible. View full review »
MarcelKocybik
Key-Account-Manager at DATAKOM Gesellschaft für Datenkommunikation mbH
It is always possible to improve the product. We would like to have a kind of "Time Capsule" to be able to restore to a certain state from a backup. We would like to have a BSI Compliance Report for Germany. Interfaces are worked on continuously, and small firewall manufacturers such as Sophos should still be included as standard. View full review »
reviewer859881
Director of Cybersecurity
A modernized GUI would be a nice feature upgrade. The GUI looks a little outdated. There are a lot of updates for the product which have been good. However, it is a pain to always have to upgrade the product. View full review »
Zach Sloneker
IT Security Analyst at The Hartford Financial Services Group, Inc.
Support/upgrade processes and documentation. The platform would benefit from additional support articles and guides on the Algopedia knowledge base. View full review »
reviewer1000023
User with 10,001+ employees
Although I'm very satisfied with the product, one of the ways of improving the product could lie, perhaps, in the acceleration of the analysis process and especially in the section — traffic simulation query. Another improvement would be the support of an orchestration of different firewalls in a heterogeneous environment, mainly at the level of the management of the objects so as to have a homogeneous nomenclature. View full review »
reviewer1113381
User at a manufacturing company with 10,001+ employees
The reporting portion is weaker than other competitors, although this is good enough to utilize in our environments. Enhanced integration via API (typically, this is only known by few AlgoSec users). The user interface could be a little more user-friendly. Other competitors have more of a dashboard look and feel. With AlgoSec, you have to launch new windows to see rule usage reports. It can be a little bit difficult when trying to find more information. View full review »
reviewer1017186
User
The product or service could be improved by orchestration or automation that will help in changing the rule sets on the firewalls based on the detected used services/ports and IP addresses. View full review »
Andre Santiago
Senior Consultant at Deloitte Portugal
The network mapping interface could be improved in the next version. In a complex landscape, with several nodes/equipment, it can be somewhat more difficult to properly visualize the network map. It requires several zoom-in and zoom-out operations, and it is not so visually appealing. Nevertheless, it is still a valuable feature and was highly used by my team. View full review »
reviewer1120656
Information Security Specialist with 10,001+ employees
For the most part, this AlgoSec tool does meet our needs. If I was to think of any improvements I think the main one that stands out to me is confidence in future proofing. A good example is that we are looking at various SOAR which we'd like it to be fully compatible with (but not entirely convinced it is yet). Lastly, I have also heard a few qualms about the technical support and that it could be improved. However, this doesn't detract from the value the tool brings to our business. View full review »
reviewer1112223
User at a manufacturing company with 10,001+ employees
We have a complaint about the compliance check, in that sometimes we want to keep rules rather than merge them. View full review »
reviewer1003116
User
The versioning is a bit weird. We used to use version 2017 which is quite current, but it looks like it is a 2017 version. As far as I know, they want to have this changed soon. Nevertheless, this is something which definitely needs to be improved. View full review »
Joby George Cherian
User
The product has a lot of great features already. However, I would like the reporting to be more customizable, as per user and auditing needs. View full review »
Noel Noguera
Technical Director at Keystone Solutions, Inc.
Based on the conference I just attended, it is improving by Algosec opening their API more. This allows us as a systems integrator to give more value to our clients. We will be able to integrate more things that do not come out of the box. View full review »
reviewer1006992
User at a tech services company with 10,001+ employees
I think that AlgoSec could improve the application by improving the treatment speed. If AlgoSec could make few seconds less to analyze research, theses few seconds will be used by my team to be more efficient. I mean, in the Traffic Simulation Query, it will be wonderful if Algosec could find a way to make the research faster than now. In fact, we are often waiting arround 1,30 min to see the results. Maybe something can be done to make this reasearch faster? View full review »
Olivier Beytrison
System Architect at HES-SO//Fribourg
We use the "rules change notification" feature to inform the different firewall managers when someone made a change. The actual change comes in a PDF file attached to the e-mail, while it would be faster to have it directly embedded in the notification mail. Depending on your network topology, the traffic simulator might have some hard time tracing the traffic path between your devices correctly. This has already been improved in the past but could still be enhanced. View full review »
Mannavan Veeramani
Senior Network Security Engineer at Prudential Corporation Asia
ABF needs to be more integration with AFF/AFA. We needs object level permissions and application level recertifications. View full review »
Bogi Wicaksono
System Engineer at Dimension Data
The MAP has a persistent issue with a firewall that is using a double BVI (Bridge Virtual Interface). In this configuration, it cannot give the correct and proper topology, so the traffic simulation query cannot run properly between the source and destination. View full review »
reviewer1112214
User with 10,001+ employees
The risk matrix implementation is not easy from an Excel file, so it would be nice to have a solution for creating it directly within the web interface. This would be an improvement. View full review »
reviewer1026111
User at a retailer with 10,001+ employees
In my opinion, the user should be granted more flexibility to choose exactly which devices per CMA should be analyzed. The process to replace a decommissioned device with a new device is not straightforward. View full review »
reviewer877923
Account Director
Further integration with ACI and NSX will be key to our customers' requirements moving forward, as customers adopt new, innovative environments. View full review »
reviewer872862
Security and Network Consultant at a tech vendor with 51-200 employees
Needs better integration between modules and also a better troubleshooting methodology. There are still a few improvements to be done in the user interface. View full review »
David Ord
User at Enbridge Gas
The Network Map is a feature that could use work, it is a big piece but is always a moving target with large routing tables in use and speed of use becomes an issue doing queries. View full review »
reviewer1115961
User
In terms of integrations, we would like to see a greater number with the upcoming and next-generation tools (i.e. SOAR and a selection of other SIEMs). This has been a problem for us, as we are going through the process of enhancing our security and some of the products we are looking at are lacking built-in support (integration). View full review »
Matthew Ireland
VP Global Cyber Security Operations at NTT Security
* I would like to see continued expansion to other firewall versions, platforms, and vendors. * I would also like to see continued work on the roadmap. View full review »
WingPoon
Global Network Solution Architech at AXA Tech
* It needs better API integration with its third-party firewall management. * It needs support for its cloud-based solution. View full review »
AndyWodzien
Network Engineer at WPPI Energy
The only thing I had slight issues with is the web UI which is a bit tricky to navigate. It can be difficult to find what you're looking for without having to click around for a bit, but once you get to know where things are, it's not bad. View full review »
Joke
Security Operations Manager at eTranzact
* The font size on the Changes Summary Report is very small when reading the print out copy. * AlgoSec can look at ways to include a change management workflow process or integrate with third-party ticketing solutions. * Explore ways to detect unused port numbers per firewall rules. View full review »
Ketan Khambe
Technical Presales Engineer at Exclusive Networks
I would like to suggest that cloud visibility feature is provided in the next release. We would be able to understand how traffic flows from the source to destination. View full review »
AJC-2000
Security Consultant at Total System Services, Inc.
I look forward to cloud service integration, which is coming in future releases and this should help make the product more of a complete solution. I would also like to see AlgoBot integrate with other communication systems such as Rocket Chat. View full review »
Florian_1276251
Network Expert at a integrator with 1,001-5,000 employees
They can make some improvements to the user interface because it can be slow at times. View full review »
reviewer827928
Network Support
The product could be improved by adding additional tools for troubleshooting, not only for the firewall, but for other devices like switch and dynamic routing display. Also, it would be good if it could retrieve all information regarding Cisco Nexus switches and devices. It would be interesting if the product could automate the switch configuration and create a dynamic map of the entire network. View full review »
reviewer1019766
User at a manufacturing company with 10,001+ employees
Ability to manage more diversity of equipment, as well as simplify the management of the various workflows. View full review »
reviewer877515
Sr Firewall Engineer at a tech consulting company with 1,001-5,000 employees
We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization. There have been some difficulties in getting this portion set up in our environment. View full review »
Mark Grady
Lead - Security Infrastructure Consultant at TSYS
The tech support and ticketing system could use some improvement and need more of a personal touch. View full review »
reviewer947805
User at a insurance company with 1,001-5,000 employees
I think the product is great from an overall observation, sometimes speed is an issue but I think it could be improved a little bit from a parsing perspective. View full review »
reviewer1278324
Cyber Security PreSales Engineer at a comms service provider with 10,001+ employees
The UX control panel is in need of improvement. View full review »
Marco Murillo
Presales Manager at SEFISA
* The reporting could be a bit better. * FireFlow was a bit tricky to configure with its customized flows. Maybe the latest release will resolve this. View full review »
Mahmoud Hashem
Technical Manager at Global Technologies for Trading and Contracting
I would like an intelligent tuner where it could help update rules with the application ID. View full review »
Henrique F. Caires Clemente
Software Developer at Vivo (Telefônica Brasil)
I would like to seem improvements in performance and software stability. View full review »
Damien GEANTY
Senior Cyber Security Specialist at Richemont
This solution would be improved if it were able to compare configurations and provide recommendations. For example, suggest cluster members. View full review »
Find out what your peers are saying about AlgoSec, Tufin, FireMon and others in Firewall Security Management. Updated: March 2020.
405,901 professionals have used our research since 2012.