AlgoSec Firewall Analyzer

Intelligent Firewall Policy Audit and Analysis

AlgoSec Firewall Analyzer (AFA) is a policy audit and analysis solution that helps security and operations teams manage firewalls and network security devices more effectively. AFA supports all major firewall vendors, and intelligently automates the labor-intensive and error-prone tasks associated with firewall operations, auditing and risk analysis.

By providing control over today's most complex security policies - across both physical and hypervisor-level firewalls - AFA increases operational efficiency, ensures compliance and improves security.

 

  • Features
  • Specifications

Firewall Operations

Change Monitoring

AFA monitors all changes to the network security policy in real-time and creates detailed firewall audit reports. Network administrators can opt to receive email notifications of unauthorized or risky changes.

Using the AlgoSec Extension Framework (AEF), AFA can monitor changes in a wide variety of devices including routers, switches, load balancers and proxies.

 

Network Topology Intelligence

AFA analyzes routing tables and automatically detects all interfaces, subnets and zones, allowing operations team to run powerful traffic queries. ("Which firewalls and rules are blocking traffic from point A to point B?"). Additionally, AFA generates a dynamic, interactive network map* to help visualize and analyze complex networks.

* Topology map available Q1 2012

 

AlgoSec - Risk and Compliance

View Demo (2:36)

AlgoSec - Topology Intelligence (Available Q1 2012)

View Demo (2:43)

Policy Optimization and Cleanup

AFA provides the richest set of recommendations for optimizing and cleaning up cluttered policies.

  • Discover unused rules and objects, as well as shadowed, duplicate and expired rules.
  • Reorder rules for optimal firewall performance.
  • Intelligent Policy Tuner™ tightens overly permissive rules without impacting business requirements.
 

AlgoSec - Risk and Compliance

View Demo (2:40)

Risk Analysis

AFA instantly discovers and prioritizes all risks and potentially risky rules in the firewall policy by drawing on its knowledgebase. AFA provides the largest risk knowledgebase available, including industry regulations, best practices, and customizable corporate security policies.

AFA also assigns and tracks a security rating for each device and group of devices, allowing organizations to quickly pinpoint devices that require attention, and measure the effectiveness of the security policy over time.

 

AlgoSec - Risk Analysis

View Demo (2:47)

Auditing and Compliance

AFA generates automatically populated compliance reports for industry regulations, including PCI-DSS, SOX, NERC and ISO. These detailed reports easily demonstrate firewall compliance. If the network security policy does not adhere to regulatory or corporate standards, the reports identify the exact rules and devices that cause gaps in compliance.

 

AlgoSec - Auditing and Compliance

View Demo (2:29)

 

Supported Devices

Check Point

FireWall-1®, Provider-1®, SmartCenterv3.0 and up
VSX All versions
Security Gateway VEAll versions

Cisco

PIX, ASA Seriesv4.4 and up
Firewall Services Module (FWSM)v1.0 and up
Cisco Router Access Control ListsAll versions
Cisco Layer-3 SwitchesAll versions

Juniper

NetScreen Seriesv5.0 and up
Network and Security Manager (NSM)v2008.1 and up
SRX SeriesAll Versions

Fortinet

FortigateFortOS 3.x and up, including  VDOM
FortiManagerv4.x
 

 Supported Devices for Change Monitoring*

BlueCoat

Proxy Server and WebFilter

F5

Big-IP Family

Juniper

Secure Access SSL VPN

Linux

Netfilter/Iptables

McAfee

Sidewinder

Stonesoft

StoneGate

Palo Alto Networks

PA Series

* Additional devices can be added via the AlgoSec Extension Framework.

 

System Requirements

The AlgoSec Security Management Suite can be delivered as software only, or preloaded on a virtual or physical appliance.

Physical appliances can be deployed in high-availability mode and support load-sharing for increased scalability.

Software

Memory2GB
CPU3Ghz
Storage300 GB
 (2GB and additional 50MB per report)
Operating SystemRed Hat Enterprise
Linux v4/v5
CentOS 4 - 5
Microsoft Windows
2000/XP/Vista (VMware)
BrowserInternet Explorer 7.0 or higher
Firefox 3.0 or higher

Virtual Appliance

VMware virtual appliance can run on a hosting Windows server with 1GB of RAM (2GB RAM or more is recommended).

AlgoSec Appliance

AlgoSec 1020 – low cost entry level, best for up to 150 firewalls
AlgoSec 1080 – High-performance, best for up to 1000 firewalls
AlgoSec 1160 – Enterprise level, best for up to 2000 firewalls