Firewall Risk Management

Firewalls continue to serve as the first line of defense for preventing network attacks, but to ensure security they must be properly configured. Effective configuration has become an increasingly difficult task as most enterprise security policies consist of hundreds, if not thousands, of rules distributed across different firewall vendors, geographies and operations teams. Manual inspection of firewall rules is not only time-consuming, but involves a high probability of error- exposing organizations to increased risk.

Firewall Risk Analysis and Mitigation – Simplified

With support for all major firewall vendors, the AlgoSec Security Management Suite provides security teams with powerful capabilities to assess, manage and mitigate risk in the network security policy. Patented Deep Policy Inspection™ technology non-intrusively imports firewall rulesets, logs and routing information for analysis. Including network topology and all traffic variations in its analysis, the technology compares the security policy against industry best practices, regulatory standards and individual corporate policies.

AlgoSec Firewall Analyzer (AFA) delivers risk reports that display all risks in the firewall policy, complete with the rules that cause them. AFA also tracks and reports on a "security rating" it assigns based on a benchmark of hundreds of real-life configurations.

AlgoSec FireFlow intelligently automates the security policy change workflow, increasing the accuracy, accountability and governance of firewall changes. FireFlow also ensures policy changes adhere to corporate policies and do not add any new risks.

Key Risk Analysis Features:

• Comprehensive, prioritized view of all firewall risks, including risky rules and changes in risk levels.
• Automatic comparison against the largest risk database, which includes industry best practices (such as ISO and NIST) and regulatory standards (such as PCI-DSS).
• Customization of existing risk database, including the addition of corporate security policies.
• Topology-aware capabilities assess risk across complex device groups and matrices.
• Instant drill-downs to firewall rules expedite risk identification and remediation.
• Real-time notification of new risks.
• Automatic risk analysis of each change ensures compliance with regulatory and corporate policies and prevents new security holes.