BusinessFlow

AlgoSec BusinessFlow aligns application owners and network security teams by enabling application-centric security policy management. BusinessFlow allows application owners to request connectivity in application terms, and automatically computes any required changes to firewalls and routers, triggering the relevant change requests. BusinessFlow also enables network teams to understand the impact of any network changes on application availability. Security policy management for business applications can now be centralized and automated throughout their entire lifecycle, from deployment to ongoing maintenance and decommissioning. 

With BusinessFlow you can:

  • Visualize the connectivity requirements of every application in one centralized, up-to-date repository.
  • Quickly and easily deploy applications and maintain connectivity updates 
  • Understand the impact of network changes on application availability
  • Safely remove access for decommissioned applications 

Click to enlarge image

  • Features
  • Specifications

Automatic Translation of Connectivity Requirements to Firewall Rules

Quickly and accurately process changes for evolving application connectivity requirements by automatically computing the necessary changes to the underlying firewall rules and triggering the relevant change requests in AlgoSec FireFlow.

Network Change Impact Assessment 

Understand the impact that network changes, such as server migrations, may have on business applications and trigger the necessary firewall change requests to ensure application availability. 

Secure Decommission of Applications

Safely remove network access that is no longer required for decommissioned applications to ensure that the security policy is hardened without impacting the availability or performance of other business applications.

Central Application Connectivity Portal

A consolidated and up-to-date view of required application connectivity enables security and network teams to communicate more effectively with business application owners for accelerated service delivery.

Application Connectivity Mapping

Powerful discovery capabilities enable firewall and router access rules to be automatically mapped to existing applications, dramatically reducing the time and effort to populate the application repository. 

Complete Audit Trail of All Changes

Audits and proof of compliance are simplified by maintaining a complete history of every change made to the application supporting both internal and external compliance mandates.

Tight Integration with the AlgoSec Suite

BusinessFlow leverages AlgoSec Firewall Analyzer for policy analysis, traffic simulation and visualization, and AlgoSec FireFlow for security policy change management.

Integration with Existing CMDB Systems

BusinessFlow leverages information in existing CMDB systems to simplify implementation and management.


Supported Devices

Check Point

FireWall-1®, Provider-1®, SmartCenterv3.0 and up, NG, NGX, Software Blade Architecture (R7x) – including Application and Identity Awareness Software Blades
VSX All versions
Security Gateway VEAll versions

Cisco

PIX, ASA Seriesv4.4 and up
Firewall Services Module (FWSM)v1.0 and up
Cisco Router Access Control ListsAll versions
Cisco Layer-3 SwitchesAll versions
Cisco Security Managerv4.3
Nexus Routers, All versions

Juniper

NetScreen Seriesv5.0 and up
Network and Security Manager (NSM)v2008.1 and up
SRX SeriesAll versions

Fortinet

FortigateFortOS 3.x and up, including  VDOM
FortiManagerv4.x

Palo Alto Networks

 PAN-OSV4.X and up

McAfee

Firewall Enterprise (formerly Sidewinder)V7.x and up

 Blue Coat

  Proxy SG  V5.x and up

 

Supported Devices for Change Monitoring*

F5

Big-IP Family

Juniper

Secure Access SSL VPN

Linux

Netfilter/Iptables

Stonesoft

StoneGate

* Additional devices can be added via the AlgoSec Extension Framework.

System Requirements

The AlgoSec Security Management Suite can be delivered as software only, or preloaded on a virtual or physical appliance.

Physical appliances can be deployed in high-availability mode and support load-sharing for increased scalability.

Software

Memory2GB
CPU3Ghz
Storage300 GB
 (2GB and additional 50MB per report)
Operating SystemRed Hat Enterprise
Linux v4/v5
CentOS 4 - 5
Microsoft Windows
2000/XP/Vista (VMware)
BrowserInternet Explorer 7.0 or higher
Firefox 3.0 or higher

Virtual Appliance

VMware virtual appliance can run on a hosting Windows server with 1GB of RAM (2GB RAM or more is recommended).

AlgoSec Appliance

AlgoSec 1020 – low cost entry level, best for up to 150 firewalls
AlgoSec 1080 – High-performance, best for up to 1000 firewalls
AlgoSec 1160 – Enterprise level, best for up to 2000 firewalls

*The number of firewalls supported by each appliance may vary according to policy complexity and the amount of logs collected.