AlgoSec Firewall Management Made Smarter
   
 
Overview
Policy Optimization
Rule & Object Cleanup
Risk Management
Change Management
Cisco PIX to ASA Migration
Server IP Migration
Automated Audit
Managed Services
Security Compliance
White Papers
 

Change Management

Administrative change management is not enough for firewall policies. The actual rule change may be different from the planned change. Thus there may be a discrepancy between the approved, documented change and the real rule-set.

Knowing that a rule has changed is just the tip of the iceberg; IT teams need to know whether the change introduced any new risks, was necessary and was implemented as intended.

Currently, when a new rule is deployed, the feedback loop is open:

  • Administrative change management processes do not necessarily reflect reality.
  • There is no feedback on the effect the changed rule has on the network's security.

change-open loop

 

The AlgoSec Firewall Analyzer (AFA) closes the management loop. It automatically documents the real policy changes. It also highlights network security risks, and, as a result, leaves no "hidden risks." AlgoSec' also offers an end-to-end change management workflow solution in its companian FireFlow product which automates the entire change process from ticket request to audit.

Using AlgoSec's flagship AFA product or FireFlow product to manage your change request and implementation process provides you the required change tracking, analysis and audit you need out-of-the-box.



 

The AlgoSec AFA tracks the history of the changes in your firewalls and routers:

  • See which rules were modified, when and by whom.
  • See which service definitions and host group definitions were modified.
  • See which risks were introduced by these changes.
  • Receive daily e-mail about all these changes, or shortly after a new policy has been installed.

 

  • Changes in Risks

    Changes in Risks

     
  • Changes in Rules

      Changes Rule Service Action Source
    NAT    		 Destination
    NAT    		 Chande
    Time    		 Changed
    By
    16 13 * * Authenticated PASS 21Mar2006
    17:37:15    		 john
    16   13 Algosec_inside FiremonRcc Blubster PASS    
    17 14 Algosec_inside FiremonRcc Blubster DROP 21Mar2006
    17:37:43    		 sam
    17   14 LocalMachine algo_ngx bootp DROP    
    18 15 LocalMachine algo_ngx bootp PASS 21Mar2006
    17:37:52    		 dani

The AFA change management helps you comply with corporate and regulatory requirements including Sarbanes-Oxley Act (SOX), Basel II Capital Accord, HIPAA, BS 7799 / ISO 17799 and 27001, FISMA, IAVA, Payment Card Security Standard PCI DSS.
 
Why AlgoSec
Get A FREE Evaluation
Satisfaction Guarantee
How To Buy