We performed a comparison between AlgoSec and FireMon Security Manager based on real PeerSpot user reviews.
Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It gives control and visibility to the end users."
"It is helpful in improving the security and compliance of our environment. We can optimize our environment by improving the rules that are not used or are duplicated. FireFlow is useful in creating and implementing new rules. It allows us to automate rules implementation and have more control over the rules."
"It now takes less than half of the time it took before we had this tool to deploy the flows requested by the business."
"The most valuable feature of AlgoSec is its firewall analyzer."
"It helps in regulatory compliance metrics and overall firewall security optimization."
"AlgoSec gives us a high level of confidence that our ACLs and our risk components are actually in line with our expectations. Because we run a lot of our firewalls as an internal change control boundary, we rely on them heavily to segregate vendor networks. It gives us a high level of confidence that those third-party networks that ride on the backbone are segregated and appropriately defined."
"For us, as well as for our customers, firewall management and change management are the most important features."
"The training provided by AlgoSec helps a lot in the development of employees who work with the tool."
"FireMon saves us a lot of time and it's nice because if you're adding a rule that's similar to another rule, it'll tell you so sometimes you can just edit the one and add another source or destination in there without creating a duplicate rule. It enables you to consolidate and have fewer, more meaningful rules. We're saving around 30% of our time."
"The ease of use is the most valuable feature. There are a lot of products out there, but the ability to navigate through and use Firemon is very good."
"I've been using the reports to see what is going on, and that is a helpful feature. We can track down unused rules, which helps with compliance. We can see rules that have not been used or that are duplicates or overly permissive."
"The automation that the platform provides to create tickets reduces human error and more generally, reduces the operational overhead."
"It gives us the ability to go to one place to look for potential firewall rules that are inappropriate, or which don't meet compliance. Instead of manually searching hundreds of firewalls for a policy, we can go to this one location and find the rules which are now out of compliance."
"It is a good product. Previously, we were using only spreadsheets to compare the usage, but now with FireMon, we are able to clean up or review the policies to some extent. It is still a work in progress, but we are at a good stage now."
"The most valuable feature is that everything is recorded in the historical logs, including the firewall rules, headcounts, object-level usage, and the rule documentation. The rule certification details are also there, which means that someone can be held accountable for a specific firewall rule."
"It is the single place where we go to review all of our firewall changes. The solution makes it easier for us to track all the changes made. It is a central place where we can look at all the firewall rules, because we have three different firewall vendors. It save us time and creates efficiencies by looking at the general picture."
"Releasing hot fixes or patches is late compared to other security products."
"Some of the auditing functionality needs improvement. Our major focus is the firewall validation process and tracking and verifying that changes are implemented correctly. We are actually doing parts of the auditing process manually. And getting any one of the vendors to bring out a good auditing process has been very difficult."
"Fireflow needs to be a little more user-friendly."
"It would be nice if it was more variable when checking virtual domain baseline in the same way as Fortigate's firewalls do."
"To be more specific, when we tried to add some devices on AlgoSec it seemed to be done but when you checked the monitor section, some device was always red. Finally, we could handle this part by installing a new software fix but AlgoSec support was weak when we tried to handle this process."
"There is room for improvement in the rollback process."
"In terms of integrations, we would like to see a greater number with the upcoming and next-generation tools (i.e. SOAR and a selection of other SIEMs)."
"We are still waiting to implement FireFlow, and getting it into place will hopefully speed up our implementation time and help with policy standardization."
"Some of the core functionality in our environment doesn't seem to work. We will get buggy code releases. They need to work on their Q&A of every code release."
"I think that having a more open system and providing documentation for it would be helpful for users like us. We are pretty adept and can navigate through the Linux software that the on-premises FireMon is based on. It would help us in the long run."
"Its reporting can be improved. I am the only one who works a lot with it, and I am having problems in terms of reporting. In the case of Palo Alto, I'm okay with it, but with some of the Cisco devices, such as routers, when I provide the reports to other teams for review, they always say that the hit count is incorrect. So, I was struggling for a long time to work with them. When working with other teams, they have a lot of questions about reporting, such as how it reports, and we are still struggling with that."
"The stability has been fairly decent, but there have been a few issues. My coworker has had some issues in the past where he has had to work with support."
"A phone app would be nice. This is the reason why it is not perfect yet."
"Policy Planner requirements section is good, but could use some improvement to allow flexibility to enter different types of requests (modifying an existing policy, object or service group, for example) in a structured task format that can be auto-verified."
"The cost of the solution is pretty expensive. It would be ideal if they could work on their pricing."
"When it comes to real-time compliance management, something that is missing is alerting on certain, predefined controls. It would be good to have a predefined set of controls which, if not complied with in a newly set up rule, would create an alert for us. That is something that is missing, out-of-the-box."
AlgoSec is ranked 1st in Firewall Security Management with 173 reviews while FireMon Security Manager is ranked 4th in Firewall Security Management with 52 reviews. AlgoSec is rated 9.0, while FireMon Security Manager is rated 8.2. The top reviewer of AlgoSec writes "Gives us the ability to dig down into details and work at a level above the skills that we already have". On the other hand, the top reviewer of FireMon Security Manager writes "Makes compliance much easier compared to doing it manually, and automates policy changes across environments". AlgoSec is most compared with Tufin Orchestration Suite, Skybox Security Suite, Palo Alto Networks Panorama, ManageEngine Firewall Analyzer and RedSeal, whereas FireMon Security Manager is most compared with Tufin Orchestration Suite, Skybox Security Suite, Palo Alto Networks Panorama, ManageEngine Firewall Analyzer and RedSeal. See our AlgoSec vs. FireMon Security Manager report.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Thank you, Sunil and Carlo, for your insightful responses.
I really appreciate that and will investigate further.
Best regards,
John
It’s been too long since I evaluated AlgoSec to give some solid feedback here. I can say that mapping in FireMon is terrible if you have a complicated network, otherwise, it works pretty well.
FireMon performance- make sure you get the best server, you can break them out and put certain roles on different boxes to get a lot of expansion possibilities though it might not be necessary this depends heavily on the size of your configs. If you have 1,000 firewalls with 100 rules each no problem but a handful of firewalls with 900k+ rules can become problematic.
We have not pulled MPLS configs into the system but their protocol support (FireMon) seems top notch.
DR, well you can distribute the environment all over the place so it’s really up to you with Firemon how robust your DR is. I’ve never had a failure requiring a massive restore, even our older servers running their pre-web UI version is still running fine.
Unfortunately we chose Tufin over both those products, sorry I cannot give you a comparison on either. For us, Tufin simplifies the needs we have for Risks/Cleanup/Violations in our FW policies.
We also leverage compliance policy for best practices. You can also take advantage of the reporting functionally which suites your environment or infrastructure such as:
- New Revision
- Advance Change
- FW Modul Change
- Object Change
- Expired Rules
- Rule and Object Usage
- Policy Analysis
- Security Risk
- Rule Documentation.