Optimization and Operations Management

The AlgoSec Firewall Analyzer (AFA) Optimization and Operations Module helps organizations address all aspects of their firewall operations, policy optimization and clean-up requirements. It is the baseline AlgoSec Firewall Analyzer software offering and is based on AlgoSec-patented technology.

The AFA Operations and Optimization Module replaces the manual, inefficient and potentially error-prone tasks related to managing complex firewall, router and VPN configurations.  It makes it easy for enterprises to provide trusted teams as well as outside consultants and analysts with unparalleled visibility into firewall configurations without accessing the production firewall consoles. It provides actionable information to enable team members to query firewall configurations, view policies offline from any web browser, and optimize performance while providing an audit trail.

Operations Management features include:

• Multi-vendor firewall analysis and reports for change tracking: Provides a visual display of firewall policy, topology, traffic, rules and objects for firewalls from multiple vendors including Check Point, Juniper, Cisco, and Fortinet. Includes analysis of the routing table and provides a connectivity diagram.
• Group reports for change tracking: Create a report on a group of firewalls with either predefined or ad-hoc firewall definitions.
• Customized report scheduling: Schedule an analysis on a per firewall or group of firewalls based on pre-defined intervals (daily, weekly, monthly, etc) and issue a report.
• Report comparisons: Compare any two reports – either the same firewall or different firewalls or different firewall vendors. Track the changes in a firewall policy between reports of any two dates.  Show the changes in traffic, rules, services, host groups, topology and objects.
• eMail notifications: Send emails to pre-assigned users following a firewall analysis with the summary of the analysis and the changes from previous reports.
• Queries: Query a specific firewall or a group of firewalls to determine which rules control traffic between specific sources and destinations. This enables help desk teams to easily troubleshoot and prevent disruptions. It also provides for seamless server IP migration and security checking.
• Real-time change monitoring and alerting: Continuously polls devices for policy changes and notifies administrators via email alerts and the Web GUI when a change is detected.
• Basic compliance: By exploring the policy and change history an auditor receives the required information to produce a report that complies with corporate and regulatory standards such as the Sarbanes-Oxley Act, Basel II Capital Accord, HIPAA, BS 7799 / ISO 17799, FISMA, Payment Card Security Standard (PCI DSS) and Cyber Security Standards (CIP).
• What-if analysis: Analyze a firewall policy before actually pushing it into production. Allows planned changes to be tested to ensure that the change in policy will produce the required results.

Optimization features include:

• Rule cleanup and audit: Identify unused, covered, timed out and disabled rules which are candidates for removal. List rules that may not conform to company security policies, including rules without comments, rules without logs and rules with comments that do not include a ticket number.
• ActiveChange™: Enables disabling of unused and covered rules on Check Point security gateways directly from AFA, saving time, avoiding mistakes and increasing the accuracy of policy changes.
• Usage analysis: Show unused rules, the most used and the least used rules.
• Rule consolidation: Detects similar rules that can be consolidated into one rule, further minimizing firewall policy.
• Intelligent rule re-ordering: Recommendation of new positions to the rules to increase the firewall performance. The recommended order retains the policy logic. Typically, by repositioning only a few of the most used rules a significant improvement in performance is seen.
• Intelligent Policy Tuner: Enhances overall security by identifying overly permissive rules and providing specific, actionable recommendations on exactly how to tighten the policy.
• Object cleanup and audit: List unused, unattached and empty objects which are candidates for removal.
• VPN cleanup and audit: Show VPN parameters including unused users, unattached users, expired users, unused groups, unattached groups and expired groups.
• VPN analysis: Present the VPN parameters also in the change history page and in email notifications.

In addition to the features listed above, the AlgoSec Firewall Analyzer Optimization and Operations Module includes:

• Graphical user interface
• Data collection setup
• User management and access control
• Reporting infrastructure

For more information register here for exclusive access to our Customer Extranet where you will find White Papers, Case Studies, Sample Reports and more.