What's New in ASMS A32.50

Release date: January 2023

 

Welcome to AlgoSec Security Management Suite (ASMS) version A32.50. This latest release further extends application connectivity visibility into the multi-cloud and across the entire hybrid environment.

Highlights of A32.50 on the devices front include: Zscaler visibility, ACI enhancements, Application activation for Cisco Firepower, and NSX-T ActiveChange. ASMS now officially supports Remote Agents and Load Units deployment over Azure.

A32.50 also includes a host of new APIs for AFA and FireFlow, as well as additional PCI 4.0 and updated SWIFT compliance reports.

AlgoSec’s IaC (Infrastructure-as-Code) Connectivity Risk Analysis is an exciting security plug-in platform that checks code for potential vulnerabilities right in the source control applications. This gives developers remediation steps without a need to move to different applications or wait for a security admin to manually review and approve that the code is risk free.

Finally, since enhancements to our SaaS offerings are so interconnected with ASMS advances, we’d like to highlight some of our latest and most outstanding SaaS features:

  • Advanced filtering capabilities for policy and risks (CloudFlow)

  • Azure Firewall visibility (CloudFlow)

  • GCP inherited and local policies (CloudFlow)

Application Connectivity

AppViz | Enhancements

We’ve added the following enhancements to AppViz:

  • Application Flows | handling

    • Edit multiple flows

    • Select multiple subscribed flows

    • Partial text search

    • Import flows (csv)

  • Permissions for automatic connectivity check

  • Performance Improvements

    • Application flow loading

    • Adding shared / subscribe flows

    • Object sync

New Application Discovery standalone sensor deployment software is available

See Welcome to AppViz.

AppViz as a Service

AppViz is now available as a service, which brings the following benefits:

  • Rapid deployment of new capabilities

  • Instant Access to Latest Capabilities

  • Unlimited Scalability

  • Accelerated Development & Future Proof

  • Unique Roadmap for Cloud Functionality

    • Cloud Flow Log Discovery

    • Native ObjectFlow Integration

SECURITY ESTATE VISIBILITY

Bulk Add / Edit / Delete devices (EA)

This Early Availability feature offers the following advantages over the legacy bulk add/edit capabilities.

Support for:

  • Bulk delete devices

  • Bulk management devices

  • Additional brands

  • Defining optional fields

  • Commenting out specific bulk rows

See Add/Update/Delete devices in bulk from xlsx file.

Reporting | New Device Changes Dashboard

The Reporting Tool Device Changes Dashboard provides a summary of individual changes to devices and allows for tracking trends across the entire network. This key information is most useful in decision making and auditing.

  • Provides counts of various types of changes to devices, including rules, policy objects, topology, risks, VPNs, audit logs, configurations, and more. These counts can be obtained from individual analysis reports or over a specified date range

  • Provides data about how many changes each user has made (Changed by)

  • Provides data about devices with highest change rate

  • Provides data about device changes trend over time

UX Enhancement | Report Risks and Risky Rules pages

We’ve added a new grid view in report Risks (EA) and Risky Rules pages:

  • Sortable columns

  • Filter by

  • Group by and column

  • Pinned columns

  • Choose which columns appear

See Grid view for Risks reports (EA).

Policy & Compliance

  • New PCI-DSS 4.0 compliance reports

  • Updated SWIFT compliance report to July 2021 version

Additionally, you can now change the default compliance on the Home page of reports. See Set default regulatory compliance standard for report HOME pages.

Enterprise Grade

New APIs in both AFA and FireFlow

Firewall Analyzer:

  • Get covered rules

  • Get device interfaces (EA)

  • Get NAT rules (EA)

FireFlow:

  • Get Initial plan For Traffic CR

  • Recalculate initial plan

  • Confirm devices

  • Get ticket details by generic Request ID

  • Create generic ticket change request

  • Get objects added by a specified change request

  • Get rule removal

Stronger ASMS password validation for local users

We’ve improved ASMS internal user management with stronger password requirements for local users and a customizable password policy. After upgrading to A32.50, every local user is required to change their password at first login to meet these stronger requirements. See Password requirements and Configure the Password policy (for local users).

Also, we've deployed a new account lockout policy to defend against brute-force attacks. For more information, see Configure the Account Lockout policy (for local users) and Unlock locked local accounts.

Security update for incoming emails (AFF)

We’ve deployed a security update in FireFlow for OAuth2 Exchange Online (for incoming emails). See Configure for incoming emails using Microsoft Graph API.

ASMS deployment over Azure | support for Load and Geo Distribution

Now ASMS deployment over Azure officially supports Load Distribution Units and Remote Agents. See Supported deployments per architecture structure.

Devices & Orchestration

Zscaler visibility support

AlgoSec’s support for Zscaler is designed for Firewall control policy. Visibility support includes:

  • Policy Visibility

  • Risks

  • Traffic Simulation Query

  • Policy optimization (non-traffic log-based)

  • Change history

  • Regulatory compliance

See Add Zscaler Internet Access (ZIA).

Cisco ACI Service Graph improvements

AFA enhancements to Service Graph support for Cisco ACI devices include:

  • Automated collection of service graph data

  • Identification and presentation of additional paths from service graph

Cisco Firepower application activation

Visibility support includes:

  • Infrastructure for multi-brand support

  • App-id mapping

  • Application-default services

  • Regulatory compliance

  • FireFlow

  • Traffic Simulation Query

VMware NSX-T | ActiveChange support

We’ve added new automation capabilities for policy enforcement including enhanced ActiveChange support for VMware NSX-T (distributed firewall).

See Add VMware NSX-T data centers.

FortiManager | SD-WAN support

We’ve added new support for FortiManager SD-WAN zones and interfaces. SD-WAN rules are now visible.

Cloud

CloudFlow | Recent enhancements

In recent months we’ve added the following new features to CloudFlow:

  • Azure Firewall visibility

  • GCP Inherited policy

  • Network Policy tree

  • Advanced filtering capabilities for policy and risks

  • Assets protection and unprotected assets

  • Tailored risk calculation using ASMS risks profiles

  • Risk-affected assets details

  • IaC Connectivity Risk Analysis

See CloudFlow documentation.

Shift-Left | IaC Connectivity Risk Analysis

AlgoSec’s IaC (Infrastructure-as-Code) Connectivity Risk Analysis is an extensible security plug-in platform that checks code for potential vulnerabilities.

This gives developers clear visibility into risks right in the source control applications, along with clear remediation steps, without a need to move to different applications or wait for a security admin to manually review and approve that the code is risk free.

Use the Connectivity Risk Analysis to accelerate application delivery by taking a proactive, preventive, and collaborative approach within your CI/CD pipeline. Works with GitHub and GitLab.

See IaC Connectivity Risk Analysis.

ObjectFlow | Recent enhancements:

In recent months we’ve added the following new features to ObjectFlow:

  1. Flagging and filtering capabilities for Dynamic Objects 

  2. Objects Connectivity Check

  3. Similar Object Groups analysis

See ObjectFlow documentation.

SaaS Services | SSO login

We’ve deployed single-click login to SSO-enabled tenants in AppViz, CloudFlow and ObjectFlow. To set up SSO on a tenant, see Manage Single Sign-On (SSO).