AlgoSec BusinessFlow aligns application owners and network security teams by enabling application-centric security policy management. BusinessFlow allows application owners to request connectivity in application terms, and automatically computes any required changes to firewalls and routers, triggering the relevant change requests. BusinessFlow also enables network teams to understand the impact of any network changes on application availability. Security policy management for business applications can now be centralized and automated throughout their entire lifecycle, from deployment to ongoing maintenance and decommissioning.
With BusinessFlow you can:
Click to enlarge image
Automatic Translation of Connectivity Requirements to Firewall Rules
Quickly and accurately process changes for evolving application connectivity requirements by automatically computing the necessary changes to the underlying firewall rules and triggering the relevant change requests in AlgoSec FireFlow.
Network Change Impact Assessment
Understand the impact that network changes, such as server migrations, may have on business applications and trigger the necessary firewall change requests to ensure application availability.
Secure Decommission of Applications
Safely remove network access that is no longer required for decommissioned applications to ensure that the security policy is hardened without impacting the availability or performance of other business applications.
Central Application Connectivity Portal
A consolidated and up-to-date view of required application connectivity enables security and network teams to communicate more effectively with business application owners for accelerated service delivery.
Application Connectivity Mapping
Powerful discovery capabilities enable firewall and router access rules to be automatically mapped to existing applications, dramatically reducing the time and effort to populate the application repository.
Complete Audit Trail of All Changes
Audits and proof of compliance are simplified by maintaining a complete history of every change made to the application supporting both internal and external compliance mandates.
Tight Integration with the AlgoSec Suite
Integration with Existing CMDB Systems
BusinessFlow leverages information in existing CMDB systems to simplify implementation and management.
|FireWall-1®, Provider-1®, SmartCenter||v3.0 and up, NG, NGX, Software Blade Architecture (R7x) – including Application and Identity Awareness Software Blades|
|Security Gateway VE||All versions|
|PIX, ASA Series||v4.4 and up|
|Firewall Services Module (FWSM)||v1.0 and up|
|Cisco Router Access Control Lists||All versions|
|Cisco Layer-3 Switches||All versions|
|Cisco Security Manager||v4.3|
Nexus Routers, All versions
|NetScreen Series||v5.0 and up|
|Network and Security Manager (NSM)||v2008.1 and up|
|SRX Series||All versions|
|Fortigate||FortOS 3.x and up, including VDOM|
Palo Alto Networks
|PAN-OS||V4.X and up|
|Firewall Enterprise (formerly Sidewinder)||V7.x and up|
|Proxy SG||V5.x and up|
Supported Devices for Change Monitoring*
|Secure Access SSL VPN|
* Additional devices can be added via the AlgoSec Extension Framework.
The AlgoSec Security Management Suite can be delivered as software only, or preloaded on a virtual or physical appliance.
Physical appliances can be deployed in high-availability mode and support load-sharing for increased scalability.
(2GB and additional 50MB per report)
|Operating System||Red Hat Enterprise |
CentOS 4 - 5
|Browser||Internet Explorer 7.0 or higher|
Firefox 3.0 or higher
|VMware virtual appliance can run on a hosting Windows server with 1GB of RAM (2GB RAM or more is recommended).|
AlgoSec 1020 – low cost entry level, best for up to 150 firewalls
*The number of firewalls supported by each appliance may vary according to policy complexity and the amount of logs collected.