Firewall Audit Solution

Firewalls are increasingly an enterprises first and continued line of defense. As firewalls become more complex, streamlining the audit process, and ensuring risks and clutter are not injected into the rule base becomes an extremely labor-intensive and time consuming task for the enterprise.

Many organizations have found that manually auditing firewalls is a cumbersome, error-prone process. The overwhelming number of rules, and the constant influx of change requests makes it difficult for enterprises to effectively audit their configurations let alone comply with corporate and industry standards.

AlgoSec Firewall Analyzer technology automatically and continuously collects information from multiple firewalls across multiple vendors, including Check Point, Cisco and Juniper, and analyzes their compliance with industry best practices or customized policies as well as analyzing their usage statistics. With AlgoSec technology, IT Operations professionals can optimize their rule base to eliminate unused, duplicated and ineffective rules and objects – ensuring their configuration is free of clutter which can inject risk. Risk Management professionals can discover and remedy policy violations that introduce risk and lead to non-compliance. Both teams can ensure that configuration is aligned with policy and that changes are necessary, do not introduce risk and clutter and are implemented as intended.

Key Features:

• Automated and continuous audit, saving time and labor
• Improved firewall management despite constant influx of changes
• Automated change management lifecycle process to ensure changes are necessary, do not inject risk and are implemented as intended  
• Support for multi firewall vendors, including Check Point, Cisco and Juniper Netscreen
• Group and individual firewall reports
• Market leading analytics engine built on best practice policies based on scores of standards including NIST, NSA, PCI DSS, ISO 27001, NSA, FISMA, SOX and more
• Side-by-side firewall comparison reports between past, present and future configurations of a firewall or groups of firewalls
• Audit reports
• Rule usage analysis and Intelligent Rule Reordering analysis to boost performance
• Policy violation and risk discovery
• "What-if" analyses to ensure no risks are introduced prior to implementing changes
• Querying capabilities to ensure business continuity through quick and effective troubleshooting
• Automatically completed compliance reports for PCI DSS, ISO 27001 and SOX out-of-the-box

Key Benefits for IT Operations:

• Optimized Performance eliminates clutter by identifying duplicated, disabled, expired, and unused rules and objects and provides guidance for rule reordering.
• Enhanced Management maximizes efficiency by enabling queries across multiple firewall platforms and verifying that business processes will not be impacted by changes.
• Improved Change Management optimizes workflow by offering “what if” analyses across firewall platforms, Cisco®, Juniper® Netscreen™ and Check Point®, before implementing change requests.
• Ensured Regulatory Compliance aligns configurations with standards: SOX, PCI-DSS, ISO 27001, ISO 27001, HIPAA, FISMA, IAVA, Cyber Security Standards (CIP), Basel II, and NIST 800-41.
• Intuitive Graphical Interface provides offline view from any web browser in same format as the leading firewall platforms.

Key Benefits for Risk Management:

• Deep Risk Analysis automatically maps topology and identifies the most serious threats based on industry best practices, prioritizes subsequent risks and offers guidance on what and how to remediate.
• Automated Assessment and Compliance generates automatically populated per firewall compliance reports, assuring continued adherence to internal corporate policies and external regulatory standards.
• Continuous Security Audit provides complete audit trail and replaces error prone manual task to ensure configuration is aligned with policy.
• Offline Web Interface provides offline policy store delivering unprecedented visibility and insight to ensure current configurations match mandated policies and continuous firewall rule changes.