Effortless Firewall Management with Robust Automation
What do you like best about the product?
I like the ability to automate firewall changes with built-in risk analysis, making firewall policy changes faster and easier. The automation speeds up firewall changes while ensuring they are built safely.
What do you dislike about the product?
Nothing it worked great.
What problems is the product solving and how is that benefiting you?
I use AlgoSec to automate and optimize firewall policy management, reducing risk and operational effort by automating policy changes and ensuring compliance. It helps speed up firewall changes with built-in risk analysis, making policy changes faster and safer.
Automation has transformed firewall changes and has reduced audit effort and breach risk
What is our primary use case?
My main use case for AlgoSec at FedEx is to automate, optimize, and ensure compliance of firewall and network security rules across our hybrid environments. This tool gives us a single pane of glass view of firewall devices, routers, cloud security groups, micro-segmentation policies, and many more resources. This has reduced complexity in multi-vendor environments.
A quick, specific example of how I use AlgoSec in my daily workflow is that we used it to automate rule design, risk assessment, implementation, and validation. This has greatly reduced manual work and change implementation time.
The automation and centralized management have specifically helped my team by reducing manual work and change implementation time.
What is most valuable?
The best features AlgoSec offers include automation of firewall rule changes, centralized security policy management, and improved compliance and audit readiness.
AlgoSec has positively impacted my organization by allowing us to see faster change management, reduced audit costs, and reduced breach risk.
I can share specific metrics indicating that through OpEx savings, we have been able to reduce firewall rule analysis and rule change handling time by 60 to 90 percent. This has led to fewer manual tasks and a smaller workload on our network and security teams.
We have seen a return on investment with reduced audit costs, less time spent preparing evidence manually, and reduced breach risk.
I would like to add that on centralized security policy management, it reduces complexity in multi-vendor environments.
What needs improvement?
AlgoSec has a bit of a learning curve. It requires training, especially to fully leverage application-centric workflows.
In terms of needed improvements, I would like to mention the integration challenges.
For how long have I used the solution?
I have been using AlgoSec for two years.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
AlgoSec's scalability is very strong. It grows with our organization's needs and can handle large data sets of our organization.
How are customer service and support?
The customer support is very great, with dedicated 24/7 assistance.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We previously used a different solution, Tufin, before switching to AlgoSec.
How was the initial setup?
My experience with pricing, setup cost, and licensing indicates that while the migration cost can be higher, the cost is acceptable. It is cost-effective, but the setup is not very easy.
What was our ROI?
We have seen a return on investment with reduced audit costs, less time spent preparing evidence manually, and reduced breach risk.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing indicates that while the migration cost can be higher, the cost is acceptable. It is cost-effective, but the setup is not very easy.
Which other solutions did I evaluate?
Before choosing AlgoSec, I evaluated other options, including Skybox Security.
What other advice do I have?
My advice to others looking into using AlgoSec is that it has been great. It improved our operational efficiency, risk reduction, and compliance automation in my organization. I would rate this product an 8 out of 10.
Effective Firewall Cleanup with Algosec, but Needs Better Stability
What do you like best about the product?
Algosec has proven to be a very effective tool for firewall cleanup activities, and I have been using it for this purpose for the past two years. The range of options and statistics it provides is quite good, though I have found that they are not always completely accurate. The monitoring features are also comprehensive, and I find the user interface to be especially user-friendly. Additionally, the tool is straightforward to deploy, which makes it even more convenient to use.
What do you dislike about the product?
The main concerns I have with this tool are its occasional malfunctions and the fact that statistics are sometimes not visible. There are also communication problems with the Checkpoint firewall, as certain changes either do not appear in the tool or take a long time to show up. Even when our firewalls are configured identically, the tool still struggles to communicate with one of them. Additionally, there is a significant issue with integrating Microsoft Exchange Cloud relay, which we rely on for sending weekly firewall reports. This compatibility problem is a major drawback for the tool. The TAC support is not upto the mark as they don't have proper knowledge of the tool and they have very less senior TAC support members.
What problems is the product solving and how is that benefiting you?
The primary advantage we gain from using Algosec is its support for firewall cleanup activities. Over the past two years, I have regularly performed these cleanups, and they have generally been completed successfully and without significant issues. Another benefit is the way Algosec documents each activity, which is helpful for referencing and verifying changes in the future.
good training and deployment experience
What do you like best about the product?
Deployment and integration seems very seamless. As our team is able to deploy and maintain its functionality AlgoSec is a great to have in our toolkit to maintain centralized security.
What do you dislike about the product?
some problems and always present do to client specific, infrastructure.
What problems is the product solving and how is that benefiting you?
AlgoSec helps our client to maintain network security policies, keep visibility of the network and consolidate workloads of not only NOC engineers.
good too to get insight of a company security
What do you like best about the product?
Fire wall analyser can give you a view of compliance on the basis of defined standards
What do you dislike about the product?
UI is a bit complex to use which can be better
What problems is the product solving and how is that benefiting you?
we can use it check the compliance of company network compliance and loopholes in security architecture.
Fireflow is good for change management and rule recertification.
Algosec Review
What do you like best about the product?
For us its the analytics to see where in the path access is dropping and to test new rules to see what FW are been traversed and either blocked or allowed
What do you dislike about the product?
need more integrations into CMDB, Ticketing Services
What problems is the product solving and how is that benefiting you?
Issues with too many rules and compliance for on-prem FW's - helps us remove unused rules, objects and to meet audit requirements
Algosec Review
What do you like best about the product?
Algosec has vast range to tools within ASMS which is easy to use and technical customer support is good and knowledgeable to have.
What do you dislike about the product?
Ease of Integration - Lot many things to be keep in mind during integration phase which is time consuming to identify and fix issues.
What problems is the product solving and how is that benefiting you?
Algosec AFA - AFA has various serach criteria to fulfill Firewall Admins requirement. Rule cleanup and Audit are key feature which i utilize for our daily operations.
Algosec AFF - ActiveChange feature is nice to have to review/approve/implement the change on the fly from Fireflow.
Centralized Security Management: The Strengths and Weaknesses
What do you like best about the product?
The best thing about AlgoSec is its centralized dashboard for the onboarded devices. Its User interface is user friendly and its policy optimization feature proves useful in improving overall devices configuration.
What do you dislike about the product?
The main thing i dislike about AlgoSec is its intial setup can be sometimes time consuming depending on the infrastructure of the customer also for additional features requires extra cost.
What problems is the product solving and how is that benefiting you?
The main feature that AlgoSec is solving is bringing in the change management module which helps in automating the firewall policy implementation skipping manual intervention.
Analyzes network flows with good functionality and clear insights
What is our primary use case?
In our company, we primarily use AlgoSec to analyze and optimize firewall policies. This solution is invaluable for cleaning up rules and objects. It allows us to identify which rules are redundantly covered by others, detect unused objects in rules or groups, and pinpoint duplicated objects. Additionally, AlgoSec aids us in reducing overly permissive rules that have accumulated due to legacy changes.
Our environment consists of several systems with different policies, all managed under a single management console. This unified approach helps us maintain a clean and efficient object rule base across the board.
By using AlgoSec, we can ensure our firewall settings are both streamlined and effective, significantly enhancing our security posture. Furthermore, the insights provided by AlgoSec empower us to make informed decisions about which rules are necessary and which can be consolidated or removed, ultimately optimizing our network performance and security management process.
How has it helped my organization?
AlgoSec has significantly improved our organization by streamlining our firewall management process. With the use of AlgoSec FireFlow and AlgoSec Firewall Analyzer (AFA), we have been able to maintain clean and efficient firewall policies. AFA has been instrumental in helping us clean up existing firewall rules, ensuring that our policies are optimized and free of redundancies. By identifying and removing obsolete or duplicate rules, we have improved our network's security and performance.
FireFlow has been particularly beneficial in automating policy change processes, allowing us to keep our firewall policies clean and up-to-date. This automation not only reduces the potential for human error but also speeds up the implementation of necessary changes.
AlgoSec has saved us considerable time and energy when it comes to various tasks, such as risk analysis and assessing the impact of potential changes. By providing clear insights into which rules are already implemented and effective, we can focus our efforts on areas that truly need attention, ensuring our resources are used efficiently. Overall, AlgoSec's solutions have optimized our security management, enhancing both our operational efficiency and our ability to protect critical assets.
What is most valuable?
One of the most valuable features we've found in AlgoSec is its ability to analyze network flows to help define new, less permissive rules. This functionality is crucial for enhancing our network's security posture by ensuring that only necessary traffic is allowed. By examining the actual traffic flows within our network, AlgoSec provides insights into where existing rules may be too permissive, allowing us to tighten them without disrupting legitimate business operations.
This feature not only assists in making our security policies more precise but also helps in minimizing the attack surface by restricting unnecessary access. As a result, we can confidently implement rules that align more closely with the principle of least privilege while still accommodating essential connectivity and services. The ability to refine our firewall rules in this informed manner enhances both our security and compliance efforts, making this feature particularly valuable to our organization.
What needs improvement?
While AlgoSec offers robust capabilities, there are areas where the product could be further enhanced. One specific area that could benefit from improvement is the rule analysis feature, particularly in terms of defining objects within a new rule. Currently, the process seems to be more focused on network-level analysis rather than on objects, which sometimes requires us to perform multiple iterations to achieve optimal results.
Enhancing the tool to provide more object-oriented analysis could streamline the process of rule creation and modification, allowing for more precise and efficient policy management. Additionally, incorporating advanced capabilities for identifying and recommending the most appropriate objects for new rules would minimize manual effort and potential errors, thereby increasing accuracy and saving time.
For future releases, we would like to see more seamless integration between AlgoSec Firewall Analyzer (AFA) and FireFlow. Enhancing the connectivity between these tools would simplify transitioning from AFA to FireFlow, making it easier to create change tickets directly. This improvement would streamline our change management processes, enabling us to implement and monitor policy changes more efficiently and with greater accuracy.
For how long have I used the solution?
I've used the solution for six months.
Which solution did I use previously and why did I switch?
Automated reporting streamlines firewall audits
What is our primary use case?
I use AlgoSec as a firewall analyzer. It helps review the changes made on the firewalls and determine who executed those changes. The tool automates predefined reports about non-used network objects, which is technically challenging for manual review.
How has it helped my organization?
By implementing AlgoSec, we've reduced the time and effort it takes to review firewall changes and audit logs. Before AlgoSec, we used to review each firewall manually, but now, the tool automates this process which saves us time.
What is most valuable?
The most valuable feature of AlgoSec is its ability to generate comprehensive reports. As a firewall analyzer, it's very useful for reviewing and collecting information at a single point. The tool also helps generate reports automatically, which is beneficial for us.
What needs improvement?
The graphical user interface in AlgoSec needs improvement. Sometimes it gets stuck, requiring multiple refreshes. Additionally, system integration with more products can be enhanced, like integrating the Blue Coat web filtering products.
For how long have I used the solution?
I have been using AlgoSec since 2020.
What do I think about the stability of the solution?
The product is stable and reliable for our needs.
What do I think about the scalability of the solution?
While we haven't tested it extensively, it has the capability to scale. We currently use it to manage eleven firewalls and nine routers. It has the ability to expand by adding more CPUs and memory.
How are customer service and support?
Technical support is decent, although it can take time for them to handle more complex cases. The first level of support may lack the knowledge to solve advanced issues swiftly.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Before using AlgoSec, we manually reviewed and audited changes and reports.
How was the initial setup?
The initial setup was easy for adding firewalls, despite some challenges when deploying the second module of AlgoSec.
What about the implementation team?
The implementation was conducted by working with the vendor through remote sessions.
What was our ROI?
The return on investment is evident in the reduced time and effort for reviewing and auditing firewall changes.
What's my experience with pricing, setup cost, and licensing?
I am not involved with pricing details since I mainly handle the technical aspects. However, the value from reduced time and effort justifies its cost.
What other advice do I have?
I would recommend AlgoSec for enterprise environments that make frequent changes. Smaller environments with infrequent changes may not benefit as much.
