Firewall Auditing and Compliance

Automating the firewall auditing process has never been more pressing. According to Forrester Research, "Performing a manual firewall audit in today’s network environment has become nearly impossible." Firewalls and related security technologies are becoming increasingly subject to regulatory and corporate security compliance. To avoid costly fines and re-audits, organizations are investing significant resources in internal and external firewall audits.

 

Reduce Auditing Efforts by As Much As 80 Percent

The AlgoSec Security Management Suite is used by more than 800 of the world's leading organizations, including all "Big Four" auditing firms, to accelerate and increase the accuracy of the auditing process. Supporting all major firewall vendors, AlgoSec even provides the ability to analyze groups of devices with a single report, eliminating the need to run individual compliance reports for each device.

AlgoSec Firewall Analyzer (AFA) provides automatically populated firewall compliance reports for the widest variety of regulatory standards. Reports provide instant visibility into the compliance state of your network security policy, complete with actionable information on remediation. Organizations can also add their own custom policies and generate reports that demonstrate compliance to internal auditors.

 

AlgoSec supports the following regulations right out of the box:

  • Payment Card Industry Data Security Standard (PCI DSS)
  • Sarbanes Oxley (SOX)
  • ISO 27001
  • North American Electric Reliability Corporation (NERC)
  • The Basel Capital Accord (Basel II)
  • Federal Information Security Management Act (FISMA)
  • Japan's Financial Instruments and Exchange Law (J-SOX)

 

Firewall auditClick to Enlarge PCI-DSS Report

 AlgoSec FireFlow increases the accuracy, visibility and governance of the entire policy change lifecycle. FireFlow generates audit reports that track each step of the policy change approval process and ensures new changes do not break any regulatory or corporate requirements.

Key Audit and Compliance Features: 

  • Automatically populated report templates for all key regulations, such as PCI-DSS and SOX.
  • Customizable reports for internal corporate security standards.
  • Topology-aware and group intelligence capabilities provide comprehensive visibility across groups of devices.
  • Automatic identification of non-compliant rules with specified actions for remediation.
  • Audit trail of all performed changes with detailed information on approval workflow.