We primarily use the AlgoSec solution to monitor and interpret the risk status in our firewalls. Seeing the troublesome situations experienced in our firewalls from the same point of view sometimes does not help to solve the problem. However, thanks to AlgoSec, it is of great benefit to observe these risks from a different perspective and to see that they improve in the process. Being able to see and follow these changes makes the work of system administrators and risk analysts much easier.

It is of great benefit to observe the firewall risks from a different perspective and to see that they are improving in the process. When the effects of tightening and improvements are checked regularly, we can better monitor the current risk situation. It is a difficult process to examine the security risks in detail in each of our products and in our firewalls which may be different brands and models. AlgoSec enables us to manage this process in a central way.

AlgoSec can monitor the current status of firewalls. Other vendors mostly focus on working with daily tasks, however, AlgoSec is able to follow the live status and current issues or changes with the help of push technology. It can be easily integrated with different firewall devices (even different brands and models). In this way, it becomes very easy to monitor different risks from a single interface. Thanks to the web-based management screen, it can be easily managed through any end-user operating system.

At the integration point, a manual page could be added to the dashboard where directions about the products are explained in detail. In this way, if the system administrator wants to integrate a new product, they will be able to integrate this product by following these directions, even if they do not have deep knowledge of the product in question. Integrating different products should not require us to have to wait for coordinated work with a product specialist.

I've used the solution for almost four years.

In terms of stability, we have no complaints so far. We didn't face any problems.

This solution works well in mid-size companies. 

Customer service is very good and educated. However, the process to open a ticket sometimes could be harder than necessary since we need to collect some logs from the dashboard and upload them to the related ticket before submitting it.

Positive

I've used the Skybox Security solution as well.

The product offers an almost straightforward setup. It is easy to install and integrate.

I installed the product by myself.

We cannot calculate ROI based on vulnerability or data leak issues.

The cost and licensing are reasonable.

I did not evaluate other options.

We needed to review unused rules and delete them. However, I also wanted to view my unused objects and NAT rules. Algosec met my needs. 

The product was able to present how many rules were redundant and how many shadow rules were in a gateway. Thanks to this visibility, I was able to do my rule optimization. Thus, my firewall rules were fewer, and fewer rules were checked when traffic passed through the firewall. In this way, it was possible for traffic to pass through the firewall faster.

The simulation can be improved. Networks and interfaces to which the firewall is connected are kept in a visual simulation. The rules could also show us the traffic on these networks in red and green. When we add a rule, we should be able to see what kind of traffic obstruction we can cause and what can be improved. In the next release, it would be fun to visually present the dashboard with animations.

One of the standout features is its ability to provide visibility and control over security policies. The product offers a centralized dashboard that gives an overview view of the entire network infrastructure, including firewalls, routers, and switches, regardless of their vendor or location. This unified view enables administrators to easily manage and modify security policies from a single platform, eliminating the need for manual, error-prone processes. 

AlgoSec also provides a powerful rule analyzer that detects and highlights any redundant, overlapping, or conflicting rules, helping organizations optimize their security policies for maximum efficiency. AlgoSec also allows administrators to define and enforce a standardized change management process, reducing the risk of unauthorized or misconfigured changes.

AlgoSec's compliance management capabilities have helped a lot in my organization. It offers predefined compliance frameworks, such as PCI DSS and HIPAA, and assists organizations in mapping their security policies to these standards. AlgoSec can generate comprehensive reports that demonstrate compliance with regulatory requirements, simplifying the audit process. 

It also provides continuous compliance monitoring, alerting administrators of any of policy violations or any changes that may impact compliance.

The visibility of security policies and automation is the most valuable feature of AlgoSec. It offers a range of automated workflows and processes that accelerate security policy management. For example, it can automate the process of rule recertification, ensuring that rules are regularly reviewed and validated. 

AlgoSec also facilitates policy optimization by automatically suggesting rule modifications based on industry best practices or specific compliance requirements. By automating these repetitive tasks, AlgoSec frees up valuable time for security teams to focus on more strategic initiatives.

AlgoSec offers almost everything that clients want and has a robust set of features. That said, there are a few areas where it could improve. The user interface, although functional, could benefit from a more modern and intuitive design. Additionally, the initial setup and configuration process may require some technical expertise, which could pose a challenge for organizations with limited security resources. A simple tutorial about the initial configuration on Youtube could provide a lot of help. Even a self-guide link inside the GUI would be helpful.

I've used the solution for two years.

The initial setup was complex.

The implementation was handled in-house.

The most common use cases include:

• Performing audits on an annual basis with the help of information security
• Remediating risky rules by trusting them or remediating them at the firewall level
• Unused rules and disabled rules are addressed on a regular basis
• All firewall changes are monitored through AlgoSec with the help of change notifications
• Improving compliance and risk management and connections revolving around the network Layer 3
• Locating objects and addressing any issues on a much quicker basis

We were able to improve the security ratings of our firewalls. It helped us with annual audits, change notifications, rule assessments, and visibility in general.

It improved compliance and risk management and connections revolving around the network Layer 3.

We can get all the firewall-related data with a single click and effectively work on synchronizing with all the firewall gateways including the management server.

It helps us with firewall audits on an annual basis with the help of information security.

We remediate risky rules by trusting them or remediating them at the firewall level.

We address the unused rules and disabled rules on a regular basis.

All firewall changes are monitored through AlgoSec with the help of change notifications.

It improved compliance and risk management and connections revolving around the network Layer 3.

It helps locate objects and address any issues on a much quicker basis.

RFEs are kept open for too long. We had requested a couple of features, including the ability to trust implicit rules, and IPT doesn't run on IPSEC-enabled firewalls (Cisco to be specific). We had reported these issues for over four years now and still we do not see any resolution.

There is no visibility for the changes made to the NAT rule policies.

Adding objects or object groups on the firewall also do not generate a change notification.

There is no visibility for changes made to the secondary standby firewall if the firewalls are added as a cluster.

I've used the solution for more than five years.

We did not previously use a different solution.

We did not evaluate other options. 

I started working with AlgoSec to integrate change opening tools with some clients as I work at an AlgoSec reseller.

I have customized hooks so that custom actions could be triggered within AlgoSec, before implementing the active change I worked to generate scripts to clean up the checkpoint firewall rule base based on AlgoSec reports. My experiences with AlgoSec have always been with end-user support, especially when it comes to software development. That said, I've also done an installation and helped the customer create the approval flow.

AlgoSec has been a partner in my company for many years, with which we can improve our customers' experience.

It adds many facilities in the management of network equipment, due to the ease in analyzing the rule base. It helps firewalls to have a better performance since the rules are positioned more efficiently and unnecessary rules and objects are removed.

The training provided by AlgoSec helps a lot in the development of employees who work with the tool.

I recently discovered the "ask the community" option and it made problem-solving a lot easier.

All of AlgoSec's features are very good, however, in my point of view traffic planning and risk analysis are the most important, with them we can have a view of which items will be affected by the change, which objects need to be created or used, which rules will be affected, with that we can have a much more optimized base and easier to maintain.

With the risk analysis, we can customize it according to the company because each client may have a different risk scenario.

The possibility of customization also makes the job much easier.

Plugins for integration with other tools as ServiceNow, for example, would be ideal. This would facilitate the work without needing a developer to carry out integrations, mainly for market tools.

We need a screen to view system logs. This would facilitate the problem analysis process. The possibility of placing buttons in another system to trigger actions within AlgoSec would be great. For example, placing an HTML button in ServiceNow that triggers the active change. Being able to view the ticket flow within other tools would be useful.

I've used the solution for three years.

I've always worked with the standalone version.

I've always used Algosec.

I have not looked into ROI.

The costs are paid according to use.

I did not evaluate other options previously.

We use the solution for rule optimization. We had almost 100+ firewalls in our network. AlgoSec helps us to manage the firewalls more effectively.

AlgoSec made our work simple in managing the multivendor firewall rule. Audit-ready reporting is an awesome feature.

The most valuable aspects of the solution include policy optimization, rule cleanup, and network discovery.

They need to do some improvements in multi-vendor firewall policy migration. They need improvements in network discovery. The solution could fix some bugs in the A32. Fireflow needs to be a little more user-friendly.

I've used the solution for the past four years.

The scalability is good.

We previously used Firemon. AlgoSec has more functionality and is user-friendly to manage our firewall more effectively.

The initial setup is good.

The ROI is good.

AlgoSec provided the best price and the team helped effectively with the support and A32 migration.

We did look into Tufin.

The solution is the best in the market.

I am working with AlgoSec for supporting my end clients and partners. AlgoSec has different functionalities. The primary use case of this solution is firewall policy management which helps most of the enterprise's customers to manage their L3 devices and multiple firewalls in their environment at a single console and audit firewall configuration from time to time. AlgoSec provides full visibility into the risk involved in firewall change requests. The network topology table helps to understand where the traffic flows through and where it's interconnected.

The comprehensive visibility of network security allows users to understand the dependencies between different policies. In the firewall analyzer, we can easily visualize and analyze all the devices within the network. To check the connectivity between the two devices, you can use the source's IPs and destination.

We can build the whole network topology using Algosec easily and provide optimization with all networks.

The verification of policies on all integrated firewalls with a minimal time period. 

The solution helps visualize and manage the hybrid network. 

Auto Discover applications and services are great. 

It simplifies security policy management. 

The product enhances visibility and control. 

Compliance automation and network topology are great. 

You can connect applications to security policy rules. 

Everything can be micro-segmented successfully.

We can easily identify risky rules. 

End-to-end security management is simple in that we can automate every change. 

It has effortless cloud management and can detect firewall configuration changes to spot unusual activities.

AlgoSec provides very good support to their clients. There are no complaints. That said, these items can be improved:

• Support can be improved as there are time delays for resolutions
• In the current version of AngloSec analyzer, we can not delete the object from all firewalls and need to do the task manually
• We need more effective topology diagram
• There are challenges in connecting the different security vendors
• User creation and assigning roles are a little bit difficult
• While upgrading we have to upload package files which can be downloaded from the Algosec website yet the downloading takes time

The stability is excellent.

The product performs well in the environment.

We did not previously use a different solution.

Licensing is based on a subscription model and the costs associated are worth it.

We did not evaluate other options.

We use app flow, Firewall Analyzer, and FireFlow. We use AlgoSec to gain visibility on firewall rules and for gap-cleaning projects to clean up the firewalls. We also use the solution as a firewall assurance tool to stay clean, have an optimized set of firewalls, and then automate firewall rules deployed from start to finish.

We have on-prem data centers and 180 sites all over the world.

Additionally, we use cloud services, infrastructure as a service, platform as a service, and software as a service. The majority of it is standardized on Cisco networking with Fortinet security solutions, except for the data centers, which are Check Point.

The purpose is to gain visibility into firewall rules. We used it to go through a gap-cleaning project to clean up the firewalls. We also use the solution as a firewall assurance tool to stay clean and to have optimized firewall rules. In addition, we use the solution to automate firewall rule deployment from start to finish, so we have a complete change process in FireFlow and can automatically deploy the firewalls on appliances. For that, we also built a connection with BMC Remedy because that's the main tool used for change management.

AlgoSec has improved our organization through a safer firewall rule base and better time-to-market IT services provided to the rest of the organization. Those are the two main improvements. In general, AlgoSec has provided a better security posture.

Customizability is AlgoSec's best feature. You can customize everything and build anything you like, and that's a feature we missed in competitors' solutions.

AlgoSec is not a tool where people with little knowledge of security or IT can find their way around. AlgoSec has a less user-friendly interface compared to competitors, but it is comparatively more customizable. As such, the interface is more on the complex side.

I have been using AlgoSec for four years.

AlgoSec is a stable solution. There are bugs, but those do not affect the system's stability. We have not had any unplanned downtime since we started.

We use the solution 24x7 to record cyber rules, with about 50 changes per week.

The solution is scalable and we have approximately 50 users.

The initial deployment was complex because we were integrating with ITIL systems since we had integrated with BMC Remedy. The integration with Check Point was complex because we were on the wrong version. We had to go through various administrative processes to update Check Point. If AlgoSec was more flexible in the ways one could integrate and the versions one could integrate it with, that would help.

A team of ten people handled the deployment, including testers, and they took approximately three months. The end-to-end deployment took just over two years. We did not migrate from a previous solution.

We have seen a return on investment only with efficiency gains and improved security posture. That might transfer to a monetary value, but we haven't assessed that.

I find the price too expensive. It looks a bit like SAP, so it does have standard functionality out of the box, but you will spend a lot of money if you want to customize it. However, the price is not as extreme as SAP or Oracle, but the actual implementation does turn out to be expensive. 

We finally chose AlgoSec over Skybox for its customizability, the options for integration, and the workflows. Though Skybox was much more user-friendly, it was weaker when it came to integration options and customizability.

In our organization, we work with multiple security vendors, and integrating with leading vendors for the most part is easy, but there are some exceptions. The solution made integration with the majority of devices really easy, but it was really cumbersome with some devices.

The solution has massively reduced human error through automation by about 95%.

As far as multiple environments are concerned, we have a private cloud, which is just a data center hosted by an external party. We have a public cloud, multiple vendors, and multiple regions. We also have decentralized data centers throughout the world.

We're investigating combining the solution with Cisco ACI.

The cost versus the achieved business goals is in balance.

I recommend that new users do a proof-of-concept before choosing AlgoSec. I would rate the solution an eight out of ten.

We use AlgoSec for firewall policy management.

The most valuable feature of AlgoSec is its firewall analyzer. AlgoSec also has a better interface.

AlgoSec's audit management is not good enough and can be improved. Also, AlgoSec should be made more scalable.

I have been using AlgoSec for around one year.

AlgoSec is a stable solution.

AlgoSec is not a scalable solution. Only I use AlgoSec in our company to do firewall management.

It is moderately easy to set up AlgoSec.

Two staff were involved in AlgoSec's deployment, which took around three hours.

Before choosing AlgoSec, we evaluated Tufin as an option. We chose AlgoSec because it has a better interface.

AlgoSec is a good firewall management tool for organizations with multiple firewall levels. If you only have two or three firewall levels, then AlgoSec is not worth investing in.

Overall, I rate AlgoSec an eight out of ten.