Risk Management & Compliance

Risk Management & Compliance is the market’s leading firewall security risk and compliance management solution. It includes the full featuer set of the Operations Management Edition and adds the optional Risk Management software module. Built on AlgoSec's comprehensive knowledge-base of industry best practices for firewall configurations, it allows users to quickly assess the security posture of their firewall configurations and ensure all devices meet their specific security controls. It also includes automatically completed compliance reports.
The Risk Management Edition is comprised of AlgoSec’s Risk Module and Core Module.
Risk feature highlights:

• Deep risk analysis: Identifies every packet the firewall may encounter. Automatically maps topology and identifies the most serious threats based on industry best practices, prioritizes subsequent risks and offers guidance on what and how to remediate.
• Automatic assessment and turnkey compliance reports: Generates automatically populated per firewall compliance reports to assure continued adherence to external regulatory standards including SOX, PCI-DSS, J-SOX and ISO, supplying the end-user or auditor with out-of-the-box reports.
• Continuous security audit: Provide complete audit trail and replace error prone manual task to ensure configuration is aligned with security policy.
• Customize risk assessment: Add risk profiles based on internal corporate standards and easily customize out-of-the-box risk profiles with the AlgoSec wizard-driven Risk Profile Editor.
• eMail notifications: Send emails to pre-assigned users following a firewall risk analysis with the summary of the analysis and the changes to the security posture relative to previous reports.
• Offline Web interface: Offer offline policy store to deliver unprecedented visibility and insight to ensure current configurations match mandated policies.
• VPN analysis: Add risks associated to VPN rules and VPN objects to the Change History page and to email notifications.
• Compliance: Out-of-the-box and audit-ready compliance reports for the Sarbanes-Oxley Act, Basel II Capital Accord, ISO27001, and Payment Card Security Standard (PCI DSS) standard. As well, the AFA explores the policy and change history providing an auditor the required information to produce a report that complies with additional corporate and regulatory standards such as HIPAA, FISMA, and Cyber Security Standards (CIP).