Network World on AlgoSec: the “Most Innovative” Security Policy Management Solution

We’ve said it before and we’ll say it again – there is nothing better than an objective, independent 3rd party product review from a well-respected industry publication. So it goes without saying that we are delighted to receive yet another outstanding review, this time from Network World.  In a comparative assessment, the reviewer, John Breeden II asserted that they were “most impressed with AlgoSec” and that that “of all the products we tested, AlgoSec was the most innovative”.

‘Four components…..tightly integrated’

The AlgoSec Security Management solution features four components which are, as Breeden pointed out, “tightly integrated to the point that it’s easy to drift from one component to another”. Breeden also observed that “much of the setup was done using out-of-the-box templates”, simplifying the process overall, and that “the interface for AlgoSec will change depending on who is looking at it… with each user thereafter being shown a dashboard populated with only the data they are responsible for, and what they are authorized to see”.

‘Empowering application owners’

Breeden noted that AlgoSec had “put a lot of effort into empowering application owners” and highlighted the fact that only AlgoSec had created a solution that was “tailored to help non-security personnel assist in crafting security policies that affect their work”.

Breeden explained that AlgoSec specifically enables application owners to view “the health of the apps each was responsible for maintaining”, praising the solution for how it aims to simplify application connectivity management, as much as possible, for the application owners.  Breeden highlighted an example where an application was not functioning properly and noted that with AlgoSec “instead of being shown information about IP numbers or firewall configurations” users were told the reasons why, “in mostly plain English”. This capability, as Breeden recognized, enables users to “instigate the change even though they really didn’t know anything about firewall management, or even what device was ultimately blocking their app”, thereby reducing the security team’s workload.

‘Can handle the whole process automatically’

The review noted that the level of automation provided by AlgoSec can be customized based on the organization’s comfort level. It can provide simple help with rule changes up to “true zero touch deployments where applications and processes can be authorized without human intervention.” Moreover, Breeden noted that users can start slowly and build up their level of automation over time “as they become more comfortable with the concept of taking their hands off the wheel”.

‘Future-proofed against obsolescence’

Another innovative capability flagged in the review was AlgoSec’s focus on security policy hygiene, specifically that its ability to ensure that “that all rules can be future-proofed against obsolescence, and the suite won’t propagate new rules which overlap existing ones.”

The review noted that when a rule’s expiration date arrives, the person who originally requested the rule will receive an automated email notification asking if they still need the rule. If they do, the rule will be recertified for another specified time period. But if the rule is linked to a server or application that no longer exists or has been moved elsewhere, for example to the cloud, the owner can simply tell AlgoSec that the rule is no longer needed, and initiate a decommissioning process.  Breeden noted that this enables businesses to “avoid unnecessary clutter, or to stop the organization from taking on any risk that is no longer necessary”.

The review noted that the same level of care and automation also goes into the rule deployment process and it flags requests that are duplicates or too broad.

‘Extremely innovative…shoulders the burden of security’

Breeden concluded that the AlgoSec solution “is extremely innovative, allowing users to help shoulder the burden of security, automating the process of creating new firewall rules, reducing rule-based clutter and helping to safely deploy and decommission devices as needed.”

These are just some of the highlights of this great review. You can read the full review here.