AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

Network Computing on AlgoSec: “takes the pain out of network security and risk management”

by

We’re delighted to receive another outstanding review of AlgoSec, this time in the leading UK IT title, Network Computing.  In the review, the tester asserted that “AlgoSec’s Security Management Solution takes the pain out of network security and risk management” and that its “The only product that aligns network security with critical business applications and processes.”

‘Key components … seamlessly integrate’

The AlgoSec solution is, as the tester points out, provides “end-to-end network security policy management, including auto-discovery, application connectivity provisioning, change management workflows plus automated firewall rule deployment.”

The tester was impressed by the seamless integration between the components of the solution, BusinessFlow, FireFlow and Firewall Analyzer as well as AlgoSec’s support for all leading brands of traditional and next generation firewalls, plus cloud security controls, routers, load balancers and web proxies.

‘Application owners will love BusinessFlow’

The Network Computing reviewer highlighted the way that BusinessFlow automatically discovers application connectivity and provides holistic visibility into the entire network across on-premise and cloud environments, while “its maps clearly show how all application servers, security devices and endpoints communicate with each other.” 

The review particularly liked the way that the AlgoSec solution ties security to applications, stating that “application owners will love BusinessFlow,” since it shows all apps, their status, and all the flows they use to function. The reviewer noted that AlgoSec “has succeeded admirably” in presenting information in a way that app owners can clearly understand, and liked how users can “drill down and see the devices involved, their security policies and all relevant firewall rules,” directly from the BusinessFlow dashboard.

Once they have updated an application’s connectivity, BusinessFlow automatically creates all of the underlying change requests and passes them directly to the FireFlow change management module.

‘Automated policy push … a boon for DevOps’
FireFlow then creates an initial change plan and detects where changes need to be made. Meanwhile, it provides “clear reasons for the change requests, runs risk analysis, determines whether any new risks could be introduced and applies smart validation to verify that the changes have been correctly made.”

The review highlighted that as part of this process, AlgoSec checks to see if security policy changes comply with industry and organization-defined regulations and if not, explains why they failed the checks.  It points out that the solution “provides out-of-the-box audit reports for all leading regulations including SOX, PCI, HIPAA, NERC, NIST and many more.”

The tester noted that “Automatic policy push and zero-touch provisioning are a boon for departments such as DevOps. If AlgoSec deems a request is risk-free, it can make all changes without further intervention,” but pointed out that all changes are subject to the same battery of tests and approval will still be required if any risks are detected.

‘Cleans up firewalls … avoids policy bloat’

The review explained that the solution can also be used to clean up firewall rules and prevent policy bloat by looking for existing rules that will work for change requests.  It noted that AlgoSec enables users to cleanly decommission applications, and remove all firewall rules associated with them too.

The review concluded that “AlgoSec’s Security Management Solution takes the pain out of network security and risk management.”  It added that the solution is ideal for a broad range of projects and processes, including application migrations to the cloud or other data centres, provisioning app connectivity, security policy change management, risk management, network segmentation, firewall auditing and even DevOps.

Check out the full review here.

Subscribe to Blog

Receive notifications of new posts by email.