The leading provider of business-driven security management solutions, AlgoSec helps the world’s largest organizations align security with their business processes. With AlgoSec users can discover, map and migrate business application connectivity, proactively analyze risk from the business perspective, tie cyber-attacks to business processes and intelligently automate network security changes with zero touch - across their cloud, SDN and on-premise networks. Over 1,800 leading organizations, including 20 of the Fortune 50, have utilized AlgoSec’s solutions to make their organizations more agile, more secure and more compliant – all the time. Since its inception, AlgoSec has provided the industry’s only money-back guarantee.

ALGOSEC SECURITY MANAGEMENT SOLUTION

Business-Driven Security Management

Managing your network security policy across on-premise firewalls and cloud security controls is a delicate balancing act. On the one hand you need to reduce risk by minimizing the attack surface, on the other hand you must enable productivity by provisioning connectivity for your critical business applications. However, network security policy management processes have always been complex, time-consuming, and riddled with errors. They don’t have to be.

On premise and in the cloud, AlgoSec simplifies and automates network security policy management to make your enterprise more agile, more secure and more compliant – all the time.

The AlgoSec Network Security Policy Management EcoSystem

image

AlgoSec supports all the leading brands of traditional and next generation firewalls and cloud security controls, as well as routers, load balancers and web proxies, to deliver unified security policy management across any heterogeneous cloud, SDN or on-premise enterprise network. AlgoSec also integrates with the leading IT service management, SIEM, identity management and orchestration systems, as well as vulnerability scanners.

A Unique Lifecycle Approach to Security Policy Management

AlgoSec is unique in that it manages the entire security policy lifecycle to ensure ongoing, secure connectivity for your business applications.

Through a single pane of glass you can auto-discover application connectivity requirements, proactively analyze risk, rapidly plan and execute network security changes and securely decommission firewall rules – all with zero-touch and seamlessly orchestrated across your heterogeneous public or private cloud, and on-premise network environment.

AlgoSec Security Management Solution | AlgoSec AlgoSec Security Management Solution | AlgoSec

AlgoSec Firewall Analyzer | Security Policy and Network Analysis

AlgoSec Firewall Analyzer delivers visibility and analysis of complex network security policies across on-premise and cloud networks. It automates and simplifies security operations including troubleshooting, auditing, and risk analysis. Using Firewall Analyzer, you can optimize the configuration of firewalls, routers, web proxies, and related network infrastructure to ensure security and compliance. With the AlgoSec AppViz add-on for Firewall Analyzer, all business applications are discovered, identified, and mapped, providing critical security information regarding the firewalls and firewall rules supporting each connectivity flow.

AlgoSec Firewall Analyzer Helps You:

  • Visualize complex networks with a dynamic network topology map
  • Automatically discover applications and services
  • Map, clean up, and optimize applications and firewall rulesets
  • Identify and Mitigate risks and associate them to business applications
  • Define and enforce network segmentation
  • Reduce firewall auditing time and costs by up to 80% with automated compliance reports

AlgoSec Firewall Analyzer | Network Mapping | AlgoSec

AlgoSec Firewall Analyzer | Network Mapping | AlgoSec

Instantly Visualize Your Network Security Policy

Firewall Analyzer automatically pulls information from a wide range of devices to generate an interactive network topology map. Through this map you can understand the impact of network security policies on traffic, quickly troubleshoot connectivity issues, plan changes and perform “what-if” traffic queries.

application-mapping

Automatically Discover Applications and Services

AlgoSec AutoDiscovery is an innovative technology that automatically identifies all your enterprise applications and services and their connectivity flows, and quickly generates an up-to-date connectivity map of your applications — without requiring any prior knowledge or manual configuration by your security, networking or applications experts. It provides full visibility of your network security environment, including firewalls and the firewall rules that determine network traffic.

AlgoSec Firewall Analyzer | Network Mapping | AlgoSec

Map, Clean Up, and Optimize Applications and their Associated Firewall Rulesets

Firewall rules support applications or processes that require network connectivity to and from specific servers, users and networks. Firewall Analyzer with AppViz automatically associates the relevant business applications that each firewall rule supports, enabling you to review the firewall rules quickly and easily.

Firewall Analyzer then provides a wide range of actionable recommendations to help you clean up and optimize the security policy. With AppViz, you can tie firewall rule sets to the applications that connect to it, cleaning up rules that connect to unused or decommissioned applications. Firewall Analyzer can uncover unused, duplicate, overlapping or expired rules, consolidate and reorder rules, and tighten overly permissive “ANY” rules, without impacting business requirements.

AlgoSec Firewall Analyzer | Network Mapping | AlgoSec

Identify and Mitigate Risky Firewall Rules and Associate Vulnerabilities to Associated Applications

Prioritize your risk based on what your business values most — the applications that power it. Firewall Analyzer discovers and prioritizes all risks and their associated rules and associated applications in your network security policy.

Firewall Analyzer relies upon the broadest risk knowledge base, which includes industry regulations and best practices, as well as customized corporate policies, to ensure that all risks are uncovered.

Automatically integrate and map vulnerabilities from the leading vulnerability scanners to their business applications and associated firewall rules — including servers and complex connectivity flows. This way, you know exactly which applications and which firewall rules introduce risk.

AlgoSec Firewall Analyzer | Network Mapping | AlgoSec

Easily Define and Enforce Network Segmentation

Firewall Analyzer makes it easy to define and enforce network segmentation throughout your network and across all leading firewall platforms. With Firewall Analyzer you can quickly confirm that your existing network security policy does not violate your network segmentation strategy or block critical business services, and meets compliance requirements.

AlgoSec Firewall Analyzer | Network Mapping | AlgoSec

Prepare for Your Next Audit in Hours, Not Weeks

Firewall Analyzer automatically generates pre-populated, audit-ready compliance reports for all leading industry regulations, including PCI DSS, HIPAA, SOX, NERC, FISMA and ISO, as well as custom corporate policies, to reduce audit preparation efforts and costs by as much as 80%.

AlgoSec FireFlow | Security Policy Change Automation

AlgoSec FireFlow helps you process security policy changes in a fraction of the time, so you can respond to business requirements with the agility they demand. FireFlow automates the entire security policy change process — from design and submission to proactive risk analysis, implementation, validation, and auditing. Its intelligent automated workflows eliminate guesswork and help you save time, avoid manual errors and reduce risk. With the AlgoSec AppChange add-on, changes can be made at the business application level, including application migrations, server deployment and decommissioning projects.

AlgoSec FireFlow Helps You:

  • Process firewall changes with zero-touch automation
  • Intelligently design firewall rules to reduce clutter and complexity
  • Eliminate mistakes and rework. Improve accountability for change requests
  • Proactively assess the impact of network changes to ensure security and continuous compliance
  • Integrate with your existing business processes
  • Support change and migration processes throughout the entire application lifecycle

firewall-change-management

AlgoSec FireFlow | Process Security Policy Changes | AlgoSec

Zero-Touch Security Policy Change Management

Users can set their change management workflow to run automatically through the entire application lifecycle — from planning through deployment to production—with zero-touch – thereby significantly speeding up the security policy change management process while maintaining control and ensuring accuracy throughout the process.

FireFlow automatically implements recommended policy changes directly on your device with ActiveChange. Designed to save time and prevent manual errors, changes are “pushed” for implementation in the next change window, and rollback mechanisms ensure secure implementation.

AlgoSec FireFlow | Process Security Policy Changes | AlgoSec

Intelligently Design Firewall Rules to Reduce Clutter and Complexity

FireFlow automatically discovers all applications, devices and rules which are impacted by a change request. It then intelligently designs or updates any necessary firewall rules, utilizing existing rules and objects whenever possible to reduce policy clutter and complexity.

In addition, FireFlow instantly identifies and closes unnecessary (“already works”) change requests, which helps prevent up to 30% of unnecessary changes.

AlgoSec FireFlow | Process Security Policy Changes | AlgoSec

Eliminate Mistakes and Rework. Improve Accountability for Change Requests

FireFlow automatically validates the successful implementation of change requests to prevent premature closing of tickets. Additionally, FireFlow correlates change requests with actual changes made to detect unauthorized changes and ensure that changes are implemented exactly as specified.

AlgoSec FireFlow | Process Security Policy Changes | AlgoSec

Proactively Assess Network Changes to Ensure Security and Compliance

FireFlow automatically analyzes every proposed change – before it is implemented – to identify risks and ensure compliance with regulatory and corporate standards.

FireFlow leverages the broadest risk knowledge base which includes industry best practices, regulations such as PCI DSS, GDPR, HIPAA, and SOX, as well as corporate-defined policies.

AlgoSec FireFlow | Process Security Policy Changes | AlgoSec

Integrate with Your Existing Business Processes

FireFlow works with your existing business processes and tools. There is no need to change the way you work or the rest of your IT or security toolkit. FireFlow seamlessly integrates with IT Service Management (ITSM) solutions, such as ServiceNow, BMC Remedy and HP so you can continue to manage change requests within your existing systems. FireFlow complements these systems with intelligent automation that enables you to process firewall changes more quickly and accurately.

AlgoSec FireFlow | Process Security Policy Changes | AlgoSec

Support Change and Migration Projects Throughout the Application Lifecycle

Using AlgoSec FireFlow, support end-to-end change and migration processes – including migrations to a different data center, cloud migrations, and application decommissioning.

Using AlgoSec FireFlow with AppChange, you can speed up the secure deployment of business applications throughout the entire change lifecycle. AlgoSec manages the entire application connectivity migration process. AlgoSec maps, clones and adjusts connectivity for each environment in the application lifecycle, as well as provides advanced monitoring and impact analysis throughout the migration process.

Through its built-in workflows, FireFlow automatically identifies all the applications that will be affected by a planned migration or decommissioning project. It then generates the necessary change requests to the underlying network traffic flows, while ensuring the integrity of the security policy and network access.