AlgoSec - Automated Firewall Rule Usage Statistics

The AlgoSec Firewall Analyzer is the only comprehensive solution, with its exclusive topology-aware technology -- that will intelligently automate analysis of your firewall, router and VPN infrastructure. AlgoSec Firewall Analyzer is a unique solution that helps you proactively cover five important areas:

AlgoSec Firewall Analyzer copies the firewall policy and runs the analysis offline without any packet transmission.

AlgoSec Firewall Analyzer provides visibility into the firewall operational mode.

While other solutions may inform you about events that occurred in the past or at present, the AlgoSec Firewall Analyzer will alert you about events that may happen in the future. So you can practice prevention instead of crisis management.

Change Management
Today's constant demand for application and infrastructure changes poses a significant risk of compromising security in the process, and exposes organizations to new risks they might not even know about. That's why an ad hoc approach to change management is not recommended.

AlgoSec Firewall Analyzer and the AlgoSec FireFlow product provide comprehensive solutions that help report all the changes made to your firewall policies. With the AFA you can analyze the impact of these changes and review and verify that they are performed correctly. In addition a complete change history is logged. With the AFA, the change process becomes more efficient, safer and easier to control. With AlgoSec's FireFlow product you have an end-to-end Network Security Lifecycle Management solution that automates the change process from request to audit.

Risk Management
Analyzing complex firewall policies manually is time consuming and requires understanding of all possible options and combinations. As a result, many risks are not detected and impose a threat to the organization's security.

AlgoSec Firewall Analyzer Risk Management module automatically analyzes every type of packet that a firewall may encounter and performs a comprehensive analysis - not just a spot check. The number of theoretical combinations calculated by AlgoSec Firewall Analyzer is over 1,000,000,000,000,000,000,000,000,000,000.

Automated Audits
With AlgoSec Firewall Analyzer you can incorporate auditing into your work process. Simply define the schedule for analysis. AlgoSec Firewall Analyzer will automatically perform the analysis according to your defined triggers and e-mail the results to the relevant people upon completion.

Advanced Management
AlgoSec Firewall Analyzer provides operations, helpdesk and security teams with the ability to run online queries to diagnose whether the firewall is blocking operational traffic. In situations where a new exploit uses ports that could be blocked by the firewalls AlgoSec Firewall Analyzer lets you query all your firewalls to identify whether you are exposed, and which policies should be tightened up.

Policy Optimization
Firewalls work more efficiently and are easier to manage when the policies are uncluttered and free of unused rules and objects. AlgoSec Firewall Analyzer provides customers with the ability to optimize policies in an easy and safe way. Learn about:

Multi-Vendor Support
AlgoSec Firewall Analyzer analyzes all the leading firewalls in the enterprise market. The reports for all firewalls have the same look and feel. If you are migrating to another firewall configuration, or another vendor, you will find the AlgoSec reports invaluable to increase the efficiency and quality of this process.

When you run a PIX audit, a FWSM audit, a Checkpoint Firewall-1 audit, a Checkpoint Provider-1 audit, Juniper-Netscreen audit, or a Cisco IOS Access List (ACL) audit – you'll find the AlgoSec AFA very helpful.

Ease of Deployment
AlgoSec Firewall Analyzer can either be run on Windows with a VMware soft appliance or it can be installed on a Linux machine. For a Linux machine it typically takes 90 minutes to install and have a report ready. With a VMWare soft appliance, which contains a ready-to-use Linux platform preloaded with the AFA software, it is even faster. Reports are easily accessible via the network to authorized users. The reports are html based, and can be viewed by using any standard web browser.

AlgoSec Firewall Analyzer includes build in knowledge base and powerful customization suite that lets you within minutes – tailor the reports to reflect your corporate policy and specific business needs.

Firewall policies are rarely static. Changing business needs produce a constant stream of requests to change firewall rules. This has far reaching implications including slower performance and subsequently shortened hardware lifespans as well as increased risk and lack of compliance with corporate and industry standards.

Industry statistics show that between 20 to 30 percent of changes made to firewalls are not even necessary, adding to clutter and increasing potential risk to the organization as well as wasting valuable time and effort which translates into lost money. In addition, to achieve real security governance and compliance requires organizations to monitor all layers of their security, and in particular firewalls, to continuously ensure that all are performing as designed.

In general, to properly execute rule change requests, each request has to be approved, planned, tested, deployed and then audited. In a multi-firewall, multi-vendor environment, this manual and tedious process is often cumbersome and protracted.

Fortunately, the AlgoSec Firewall Analyzer (AFA) helps you streamline and automate firewall analysis and management.

AFA lets you know whether a request is needed, is aligned with corporate policies and should be approved and if so what firewalls and rules need to be updated. AFA reduces downtime caused by firewall configuration mistakes, and most importantly, helps businesses react faster to changing business conditions by cutting days off of the firewall change request process while safeguarding your enterprise.