AlgoSec Firewall Analyzer, Optimization Edition

The AlgoSec Firewall Analyzer (AFA), Optimization Edition is the market’s leading firewall policy optimization and clean up solution. It contains the full-feautre set of the Operations Management Edition and adds the optional Optimization software module which offers a rich set of reports and recommendations for improving the efficiency of the firewall configuration.

The Optimization Edition is comprised of AlgoSec’s Optimization Module and Core Module.

Optimization Module feature highlights:

• Rule cleanup and audit: Identify unused, covered, timed out and disabled rules which are candidates for removal. List rules that may not conform to company security policies, including rules without comments, rules without logs and rules with comments that do not include a ticket number.
• Usage analysis: Show unused rules, the most used and the least used rules.
• Intelligent rule re-ordering: Recommendation of new positions to the rules to increase the firewall performance. The recommended order retains the policy logic. Typically, by repositioning only a few of the most used rules a significant improvement in performance is seen.
• Object cleanup and audit: List unused, unattached and empty objects which are candidates for removal.
• VPN cleanup and audit: Show VPN parameters including unused users, unattached users, expired users, unused groups, unattached groups and expired groups.
• VPN analysis: Present the VPN parameters also in the change history page and in email notifications.

Core Module feature highlights:

• Firewall analysis and reports for change tracking: Visual display of the firewall policy, including topology, traffic, rules and objects. It also includes analysis of the routing table and provides a connectivity diagram. Shows changes from previous reports on the same firewall.
• Group reports for change tracking: Create a report on a group of firewalls with either predefined or ad-hoc firewall definitions.
• Customized report scheduling: Schedule an analysis on a per firewall or group of firewalls based on pre-defined intervals (daily, weekly, monthly, etc) and issue a report.
• Report comparisons: Compare any two reports – either the same firewall or different firewalls or different firewall vendors. Track the changes in a firewall policy between reports of any two dates.  Show the changes in traffic, rules, services, host groups, topology and objects.
• eMail notifications: Send emails to pre-assigned users following a firewall analysis with the summary of the analysis and the changes from previous reports.
• Queries: Query a specific firewall or a group of firewalls to determine which rules control traffic between specific sources and destinations. This enables help desk teams to easily troubleshoot and prevent disruptions. It also provides for seamless server IP migration and security checking.
• Real time change alerting: Continuously poll firewall policy changes and send email alerts when a change is detected.
• Basic compliance: By exploring the policy and change history an auditor receives the required information to produce a report that complies with corporate and regulatory standards such as the Sarbanes-Oxley Act, Basel II Capital Accord, HIPAA, BS 7799 / ISO 17799, FISMA, Payment Card Security Standard (PCI DSS) and Cyber Security Standards (CIP).
• What-if analysis: Analyze a firewall policy before actually pushing it into production. Allows planned changes to be tested to ensure that the change in policy will produce the required results.

In addition to the features listed above all editions provide the infrastructure software features for the AlgoSec Firewall Analyzer that include:

• Graphical user interface
• Data collection setup
• User management and access control
• Reporting infrastructure