Change Management
Approximately 20% to 30% of firewall changes organizations make are unnecessary. Not only does this introduce clutter and risk to an organization it is a time consuming, labor intensive and costly exercise.
The AlgoSec Firewall Analyzer (AFA) allows organizations to avoid the introduction of these unnecessary and often redundant changes to their firewall environment. With the AFA spearheading the firewall change management process, organizations save time, labor and money.
AlgoSec does this via its exclusive and powerful Query capability.
AlgoSec's solution enables organizations to quickly and easily query their firewall infrastructure, across multiple vendors and devices, to learn whether a change is even needed as perhaps the rule or policy exists. It reveals the operational and security implications, allowing organizations to ensure business continuity. AlgoSec’s powerful Query capability also enables companies, with a few clicks of the mouse, to easily troubleshoot should a business disruption occur.
This provides key team members, including firewall operations managers, administrators, help desk personnel and security officers, unprecedented abilities to understand the operational and security impact of changes prior to executing them, allowing the organization to more effectively manage and audit their environments.
AlgoSec’s solution is automated, offline and does not impact your production network. How it works:
- AFA continuously, and automatically analyzes every change and its operational and security impact on your network
- Each firewall policy change and its effect are kept in an offline policy store and all analyses are conducted relative to this history
- Configuration and policy changes are automatically analyzed
- AFA automatically sends reports detailing changes, who made them, when, which firewalls were affected and the potential operational and security impact
- Reports, customized per firewall and user, are sent to specified IT staff members, with levels of detail adjusted to each recipient
- Each change is automatically checked for compliance with industry best practices and your corporate policy
Intuitive Graphical Interface
AFA’s graphical interface and unique topology map based on routing tables and continuously updated makes firewall change management easy, clearly showing every change and its impact on operations and security. The reports are web-based and accessible on-demand as well via automatic email reports triggered by pre-set criteria.
AlgoSec also offers side-by-side policy comparison reports on individual firewalls, groups of firewalls and tiers (matrices) of firewalls providing a historical view of changes to policy.
Changes to Risk Profile:
Changes to Rules:
|
|
Changes
|
Rule
|
Service
|
Action
|
Source
NAT
|
Destination
NAT
|
Chande
Time
|
Changed
By
|
|
16
|
|
13
|
*
|
*
|
Authenti-cated
|
PASS
|
21Mar2006
17:37:15
|
john
|
|
16
|
|
13
|
Algosec_inside
|
FiremonRcc
|
Blubster
|
PASS
|
|
|
|
17
|
|
14
|
Algosec_inside
|
FiremonRcc
|
Blubster
|
DROP
|
21Mar2006
17:37:43
|
sam
|
|
17
|
|
14
|
LocalMachine
|
algo_ngx
|
bootp
|
DROP
|
|
|
|
18
|
|
15
|
LocalMachine
|
algo_ngx
|
bootp
|
PASS
|
21Mar2006
17:37:52
|
dani
|
The AFA change management helps you comply with corporate and regulatory requirements including Sarbanes-Oxley Act (SOX), Basel II Capital Accord, HIPAA, BS 7799 / ISO 17799 and 27001, FISMA, IAVA, Payment Card Security Standard PCI DSS.
AlgoSec's FireFlow - Intelligent Workflow for Network Security
In addition to the flagship AFA product and powerful Query capability which enables companies to effectively manage change to their firewall policy, AlgoSec also offers an end-to-end change management workflow solution in its companion FireFlow product which automates the entire change process from ticket request to audit.
Using AlgoSec's AFA product or FireFlow product to manage your change request and implementation process provides you the required change tracking, analysis and audit you need out-of-the-box.
AlgoSec’s FireFlow™ solution goes beyond standard change reporting management. It provides unparalleled visibility, insight and analysis into the network security policy change lifecycle. An end-to-end solution, FireFlow automates the change lifecycle process from submission to audit. It ensures that security policy changes are approved, necessary and implemented as intended.
|
