BUSINESS-DRIVEN SECURITY MANAGEMENT

across Cloud, SDN, On-Premise and Hybrid Environments

Business-Driven Agility

Intelligently automates security change processes – with zero-touch – to drive business continuity and digital transformation initiatives, while preventing outages and compliance violations.

Business-Driven Security

Proactively identifies risks, and ties cyber-attacks to business processes for effective prioritization and fast remediation that ensures security and compliance.

Business-Driven Visibility

Provides unified visibility of security across the entire enterprise – including public and private clouds, software-defined and on-premise networks, and applications and their connectivity flows.

Delivering Business-Driven Security Management

Through a business-driven approach, the AlgoSec Security Management solution intelligently automates and orchestrates network security policy management to make enterprise organizations more agile, more secure and more compliant. With AlgoSec, you can automatically discover, map and migrate business application connectivity, proactively analyze risk from the business perspective, tie cyber-attacks to business processes and process network security changes with zero touch – across any cloud, SDN and on-premise networks.

SOLUTIONS

Business-Driven Security Management

Managing your network security policy across on-premise firewalls and cloud security controls is a delicate balancing act. On the one hand you need to reduce risk by minimizing the attack surface, on the other hand you must enable productivity by provisioning connectivity for your critical business applications. However, network security policy management processes have always been complex, time-consuming, and riddled with errors. They don’t have to be. On premise and in the cloud, AlgoSec simplifies and automates network security policy management to make your enterprise more agile, more secure and more compliant – all the time. AlgoSec supports all the leading brands of traditional and next generation firewalls and cloud security controls, as well as routers, load balancers and web proxies, to deliver unified security policy management across any heterogeneous cloud, SDN or on-premise enterprise network. AlgoSec also integrates with the leading IT service management, SIEM, identity management and orchestration systems, as well as vulnerability scanners.

A Unique Lifecycle Approach to Security Policy Management

AlgoSec is unique in that it manages the entire security policy lifecycle to ensure ongoing, secure connectivity for your business applications. Through a single pane of glass you can auto-discover application connectivity requirements, proactively analyze risk, rapidly plan and execute network security changes and securely decommission firewall rules – all with zero-touch and seamlessly orchestrated across your heterogeneous public or private cloud, and on-premise network environment.

Cloud Security Policy and Configuration Management Made Simple
AlgoSec CloudFlow delivers full visibility and control of security and compliance in public cloud environment and enables an effective management of the security-control layers across the hybrid and multi-cloud estate.

CloudFlow’s central management provides instant visibility, risk assessment and compliance analysis, enabling enforcement of company and regulatory policies, as well as proactive detection of misconfigurations in the cloud.

  • AlgoSec CloudFlow Helps You:   Obtain full visibility across the entire hybrid and multi-cloud estate
    Improve cloud-security posture to avoid breaches
    Achieve compliance assurance and constant audit-readiness
    Secure change management at the speed of cloud deployment
    Reduce manual labor, errors and associated risks and costs
    Minimize the attack surface and protect against vulnerabilities
  • The Business Impact:   Maintenance of cloud security posture through enhanced visibility to avoid security breaches
    Automatic audit-compliance assurance – ensures audit-readiness
    Rapid deployment of network security change management to ensure ongoing compliance while reducing manual labor and costs
  • Application Discovery and Connectivity Management

    AlgoSec BusinessFlow makes it easy to discover, provision, maintain and securely decommission network connectivity for your critical business applications. By automatically discovering and mapping application connectivity requirements to the underlying network infrastructure, BusinessFlow accelerates business application delivery, minimizes outages and enforces security and compliance across virtual, cloud and physical networks.

  • AlgoSec BusinessFlow Helps You:   
    • Visualize and instantly provision connectivity for business applications
    • Assess the impact of network changes on application availability to minimize outages
    • Easily migrate application connectivity to cloud environments
    • View risk and vulnerabilities from the business application perspective
    • Securely remove network access for decommissioned applications
    • Foster collaboration across application delivery and network security teams to support DevSecOps initiatives
  • Automatically Discover and Map Application Connectivity Flows

    BusinessFlow automatically discovers and maps your enterprise applications and services and their connectivity flows – without requiring any prior knowledge or manual configuration by security, networking or applications experts. Through this map, you can monitor application connectivity, see and edit flows and troubleshoot connectivity issues.

    Process Application Changes Quickly and Accurately

    With BusinessFlow, application owners can request connectivity in non-networking terms and BusinessFlow then automatically computes the necessary changes to the underlying firewall and access rules, and generates the relevant change requests in AlgoSec FireFlow.

    Assess the Impact of Network Changes on Application Availability and Avoid Downtime

    Through BusinessFlow you can immediately see which business applications and underlying connectivity flows will be impacted by firewall rule changes or planned server/device downtime.

    Simplify Large-Scale Server Migration Projects

    Through its built-in workflows, BusinessFlow automatically identifies all the applications that will be affected by a planned migration or decommissioning project. It then generates the necessary change requests to the underlying network traffic flows, all while ensuring the integrity of the security policy and network access.

    Support Business Application Lifecycle and DevOps Connectivity Management

    To enable DevOps and speed up the secure deployment of business applications into production, AlgoSec manages the application connectivity migration process from development through to production. As part of this process, AlgoSec maps, clones and adjusts connectivity for each environment in the application lifecycle, as well as provides advanced monitoring and impact analysis for each stage in the migration process.

    Safely Decommission Application Connectivity to Tighten Your Security Policy

    Through BusinessFlow’s unique analysis it is easy to identify network access that can be safely removed from decommissioned applications, as well as rules that should not be removed because they are used by other applications.

    Understand Risk from the Business Perspective

    BusinessFlow integrates with leading vulnerability scanners to help you prioritize your risk based on what your business values most – the applications that power it.

    Security Policy Change Automation
    AlgoSec FireFlow helps you process security policy changes in a fraction of the time, so you can respond to business requirements with the agility they demand. FireFlow automates the entire security policy change process — from design and submission to proactive risk analysis, implementation, validation and auditing. Its intelligent automated workflows eliminate guesswork and help you save time, avoid manual errors and reduce risk.

  • AlgoSec FireFlow Helps You:   • Process firewall changes with zero-touch automation
    • Eliminate mistakes and rework, and improve accountability for change requests
    • Proactively assess the impact of network changes to ensure security and continuous compliance
    • Automate rule recertification processes
    • Enhance your existing change management system with intelligent network and security automation
    • Enforce compliance, and automatically document the entire change management lifecycle
  • Zero-Touch Security Policy Change Management

    Users can set their change management workflow to run automatically from planning through to resolution, unless an exception or pre-defined event occurs – thereby significantly speeding up the security policy change management process while maintaining control and ensuring accuracy throughout the process.

    Intelligently Design Firewall Rules to Reduce Clutter and Complexity

    FireFlow automatically discovers all devices and rules which are impacted by a change request. It then intelligently designs or updates any necessary firewall rules, utilizing existing rules and objects whenever possible to reduce policy clutter and complexity.

    In addition, FireFlow instantly identifies and closes unnecessary (“already works”) change requests, which helps prevent up to 30% of unnecessary changes.

    Proactively Analyze Change Requests to Ensure Compliance and Mitigate Risk

    FireFlow automatically analyzes every proposed change – before it is implemented – to identify risks and ensure compliance with regulatory and corporate standards.

    FireFlow leverages the broadest risk knowledge base which includes industry best practices, regulations such as PCI-DSS, HIPAA and SOX, as well as corporate-defined policies.

    Save Time and Avoid Manual Errors with Automatic Policy Push

    FireFlow can automatically implement policy changes directly on a device. This zero-touch process saves time and prevents manual errors.

    Prevent Unauthorized, Rogue Changes

    FireFlow automatically validates the successful implementation of change requests to prevent premature closing of tickets. Additionally FireFlow correlates change requests with actual changes made to detect unauthorized changes and ensure that changes are implemented exactly as specified.

    Track and Audit the Entire Change Lifecycle

    FireFlow tracks every step of the change workflow, providing detailed reports that measure accountability and SLAs, and simplify auditing and compliance processes.

    Integrate with Existing IT Service Management (ITSM) Solutions

    FireFlow seamlessly integrates with IT Service Management (ITSM) solutions, such as ServiceNow, BMC Remedy and HP so you can continue to open change requests within your existing systems. FireFlow complements these systems with intelligent automation that enables you to process firewall changes more quickly and accurately.

    Network Abstraction and Policy Analysis

    AlgoSec Firewall Analyzer delivers visibility and analysis of complex network security policies across on premise and cloud networks. It automates and simplifies security operations including troubleshooting, auditing and risk analysis. Using Firewall Analyzer, you can optimize the configuration of firewalls, routers, web proxies and related network infrastructure to ensure security and compliance.

  • AlgoSec Firewall Analyzer Helps You:   • Centrally manage network security policies even across multi-vendor hybrid cloud environments
    • Visualize complex networks with a dynamic network topology map
    • Clean up and optimize firewall policies quickly and efficiently
    • Identify and mitigate risky firewall rules
    • Reduce firewall auditing time and costs by up to 80% with automated compliance reports
    • Easily enforce network segmentation
  • Instantly Visualize Your Network Security Policy

    Firewall Analyzer automatically pulls information from a wide range of devices to generate an interactive network topology map. Through this map you can understand the impact of network security policies on traffic, quickly troubleshoot connectivity issues, plan changes and perform “what-if” traffic queries.

    Clean Up and Optimize Firewall Rulesets

    Firewall Analyzer provides a wide range of actionable recommendations to help you clean up and optimize the security policy. Firewall Analyzer can uncover unused, duplicate, overlapping or expired rules, consolidate and reorder rules, and tighten overly permissive “ANY” rules, without impacting business requirements.

    Prepare for Your Next Audit in Hours, Not Weeks

    Firewall Analyzer automatically generates pre-populated, audit-ready compliance reports for all leading industry regulations, including PCI DSS, HIPAA, SOX, NERC, FISMA and ISO, as well as custom corporate policies, to reduce audit preparation efforts and costs by as much as 80%.

    Easily Define and Enforce Network Segmentation

    Firewall Analyzer makes it easy to define and enforce network segmentation throughout your network and across all leading firewall platforms. With Firewall Analyzer you can quickly confirm that your existing network security policy does not violate your network segmentation strategy or block critical business services, and meets compliance requirements.

    Assess Your Risk

    Firewall Analyzer discovers and prioritizes all risks and their associated rules in your network security policy. Firewall Analyzer relies upon the broadest risk knowledgebase, which includes industry regulations and best practices, as well as customized corporate policies, to ensure that all risks are uncovered.

    Mitigate Risk with Baseline Configuration Compliance

    Firewall Analyzer minimizes the risk that devices will be exploited, by continuously monitoring them against custom-defined or recommended device configuration baselines which are provided for each product.

    The First Intelligent Chatbot for Network Security Policy Management

    AlgoBot, is an intelligent chatbot that handles network security policy management tasks for you. AlgoBot answers your questions, submitted in plain English, and personally assists with security policy change management processes – without requiring manual inputs or additional research.

  • With AlgoBot you can:    
  • Offload day-to-day tasks from firewall and network administrators to provide faster and more intuitive service to internal customers
  • Reduce ticket resolution time by giving the Support team the tools to ask – and get immediate answers – to security connectivity questions
  • Respond to security incidents faster and more effectively
  • Give application owners visibility into their application’s network security connectivity
  • Improve the quality and speed of application deployments by allowing DevOps to incorporate security management directly into their processes.
  • You can communicate with AlgoBot in English or in French, via Slack or Skype for Business, from the comfort of a chatroom or a mobile app.
  • [/

  • ]

    Self-Service Security Policy Management

    AlgoBot offloads day-to-day tasks from firewall and network administrators, by automatically answering typical security policy management questions and handling maintenance tasks. Ideal for a wide range of stakeholders including security teams and cyber analysts, application owners and developers, help desk, support, network, server and IT teams, AlgoBot can, for example:

  • Check if traffic is currently allowed between IP addresses, servers and applications
  • Open change requests to allow network connectivity
  • Check on the status of a change request
  • Check if a business application has a network connectivity problem
  • Identify all applications associated with a specific IP address
  • Identify applications impacted by a security incident
  • Easy and Convenient Access to the AlgoSec Security Management Solution

    AlgoBot gives firewall and network administrators an easy and convenient way to access the AlgoSec Security Management Solution, to quickly take care of security policy management maintenance tasks. Using AlgoBot, firewall and network administrators can, for example:

  • Troubleshoot network connectivity issues and security incidents
  • Check the status of change requests and approve changes
  • Identify business applications affected by routine server or firewall maintenance, or server migrations
  • Identify all applications associated with a specific IP address, together with the relevant contact people for each application and other application-specific information
  • Isolate a compromised server from the network in response to an ongoing security incident