Operations Management and Optimization

The AlgoSec Firewall Analyzer (AFA) Operations Management and Optimization is the market’s leading Firewall Operations and Security Risk Management solution. It is a comprehensive offering that helps organizations address all aspects of their firewall operations management and policy optimization and clean0up requirements. It is based on AlgoSec’s patented technology.

Operations Management Optimization replaces the manual, inefficient and potentially error prone task of managing complex firewall, router and VPN configurations.  It makes it easy for enterprises to provide trusted team as well as outside consultants and analysts with unparalleled visibility into firewall configurations without accessing the production firewall consoles. It provides actionable information to enable team members to query firewall configurations, view policies offline from any web browser, and optimize performance while providing an audit trail.
 
Operational highlights follow:

• Firewall analysis and reports for change tracking: Visual display of the firewall policy, including topology, traffic, rules and objects. It also includes analysis of the routing table and provides a connectivity diagram. Shows changes from previous reports on the same firewall.
• Group reports for change tracking: Create a report on a group of firewalls with either predefined or ad-hoc firewall definitions.
• Customized report scheduling: Schedule an analysis on a per firewall or group of firewalls based on pre-defined intervals (daily, weekly, monthly, etc) and issue a report.
• Report comparisons: Compare any two reports – either the same firewall or different firewalls or different firewall vendors. Track the changes in a firewall policy between reports of any two dates.  Show the changes in traffic, rules, services, host groups, topology and objects.
• eMail notifications: Send emails to pre-assigned users following a firewall analysis with the summary of the analysis and the changes from previous reports.
• Queries: Query a specific firewall or a group of firewalls to determine which rules control traffic between specific sources and destinations. This enables help desk teams to easily troubleshoot and prevent disruptions. It also provides for seamless server IP migration and security checking.
• Real time change alerting: Continuously poll firewall policy changes and send email alerts when a change is detected.
• Basic compliance: By exploring the policy and change history an auditor receives the required information to produce a report that complies with corporate and regulatory standards such as the Sarbanes-Oxley Act, Basel II Capital Accord, HIPAA, BS 7799 / ISO 17799, FISMA, Payment Card Security Standard (PCI DSS) and Cyber Security Standards (CIP).
• What-if analysis: Analyze a firewall policy before actually pushing it into production. Allows planned changes to be tested to ensure that the change in policy will produce the required results.

Optimization feature highlights follow:

• Rule cleanup and audit: Identify unused, covered, timed out and disabled rules which are candidates for removal. List rules that may not conform to company security policies, including rules without comments, rules without logs and rules with comments that do not include a ticket number.
• Usage analysis: Show unused rules, the most used and the least used rules.
• Intelligent rule re-ordering: Recommendation of new positions to the rules to increase the firewall performance. The recommended order retains the policy logic. Typically, by repositioning only a few of the most used rules a significant improvement in performance is seen.
• Object cleanup and audit: List unused, unattached and empty objects which are candidates for removal.
• VPN cleanup and audit: Show VPN parameters including unused users, unattached users, expired users, unused groups, unattached groups and expired groups.
• VPN analysis: Present the VPN parameters also in the change history page and in email notifications.

In addition to the features listed above, the AFA solutions include:

• Graphical user interface
• Data collection setup
• User management and access control
• Reporting infrastructure