AlgoSec

Security Management Suite

Eric Wolf
Regional Director, Nordics

Company Overview
The Leader in Network Security Policy Management
Award Winning Security Management Suite
800+ customers in 45 countries.
13 of the Fortune 50
Fast growing - 95% growth in 2011
Technology Partners include Check Point, Cisco, Juniper, Fortinet, Palo
Alto Networks, Blue Coat, HP, CA

Obsession for Customer Satisfaction

Network Security Management Challenges

Complexity
Large , unmanageable
rulesets
Multiple Vendors and
Technologies
Rules/Applications are
never decommissioned
Increasing rate of change
Distributed, complex
Networks

Insufficient
Processes
Do not keep up with the
pace of business
Poor change management
Span multiple teams
(Ops, Security, Compliance)
Manual, disjointed and
error-prone
MSSP models introduce
additional challenges

Inefficient Operations
Lack of Compliance
Risk

Automating Network Security Management

Complexity

Insufficient
Processes

Inefficient Operations
Lack of Compliance
Risk

Visibility and
Control

Workflow
Automation

Efficient Operations
Continuous Compliance
Improved Security

Automating Network Security Management

Visibility and
Control
Streamline management
across multiple vendors and
technologies
Policy simulation
Intelligent Optimization
Risk and Compliance
Assessment

Workflow
Automation
Improved response time
Improved accuracy
Governance and
accountability
Improved alignment
internally/with MSSP

Efficient Operations
Continuous Compliance
Improved Security

AlgoSec Firewall Analyzer (AFA)

Intelligent Policy Analysis

Visibility across all leading firewalls,

routers and secure web gateways
Network Topology Intelligence
Policy cleanup & optimization
Intelligent Policy Tuner
Risk analysis
Regulatory Compliance Reports
Baseline Configuration Compliance
Change monitoring
Policy migration verification

AlgoSec FireFlow
Intelligent Change Workflow Automation

Customizable, automated workflows

Intelligent change simulation and
analysis
Proactive risk & compliance
assessment
Optimal implementation design
Automatic policy push
Complete audit trail
SLA Monitoring
Integration with existing systems
(BMC, HP)

How it Works - Deep Policy Inspection

More Results.
Better Accuracy.
Non-Intrusive
Topology-aware analysis
Single device , group, or
matrix analysis
Patented algorithms analyze
all traffic variations
Near real-time change
monitoring
Broadest knowledgebase for
risk and compliance

Network Topology Visibility

Topology Map
Automatically generated
Visually Customizable
Can include any device
with a routing table

10

Traffic Queries
See how the security
policy impacts traffic
Fast troubleshooting
What-If Analysis
Topology-Aware

11

Intelligent Policy Tuner

Tighten Permissive Rules
Identify overly permissive rules based on historical traffic analysis
Replace ANY with actual business requirements!

12

Policy Optimization and Cleanup

Unclutter, Secure and
Optimize your Policy

Identify covered rules

Discover unused objects
Consolidate similar rules
And much more

13

Risk Analysis
Identify and mitigate
firewall policy risk
Broadest out-of-the-box
risk knowledgebase
Easily build and edit
custom risk profiles
Identifies all risky rules
Provides risk details and
remediation guidance
Supports regulations
Security rating provides
instant visibility of
security posture

(benchmarked against real-world

configurations)

14

Automated Compliance Reports

Cut Auditing Efforts
by over 80%
Save time with prepopulated compliance
reports
Group reports
consolidate compliance
view with device-specific
drill down capabilities
Supported regulations

15

PCI DSS
SOX
ISO 27001
Basel II
NERC CIP
J-SOX

Baseline Configuration Compliance

Ensure Compliant Firewall
Configuration
Define and customize
platform/software/OS
configuration policy
Report baseline compliance for
each firewall

16

Change Monitoring
Monitor all changes
in the security policy
All changes are tracked
in near real time
Receive automatic alerts
on changes
Generate audit reports
Connect to virtually any
network device using
AlgoSec Extension
Framework (AEF)

17

Firewall Migration
Simplify Migration
Projects
Compare old policy to
new policy
Compare any two firewall
vendors
Validate correct policy
migration

18

FireFlow

19

Todays Change Management Process

Plan the
change

Execute the
change
Verify correct
execution to
avoid outages

Perform risk
assessment

Audit and
govern the
change
process

Validate that
the change is
needed

Clarify user
request

20

Manual
Process

Measure SLA

Tomorrows Change Management Process

FireFlow Intelligent Change Workflow Automation

Request
Analysis

Proactive Risk
Assessment

Optimal
Implementation
Design

Verify Correct
Execution

Audit the
Change Process
Recertify Rules

Security

Operations

Operations

Measure SLAs

Compliance Executive

21

Intelligent Request Verification

Translate vague requests into technical requirements
Topology-aware analysis verifies change is needed and identifies relevant
devices that need to be changed
Identifies and eliminates already works requests (20%-30% of requests)

22

Proactive Risk and Compliance Assessment

Automatically assess the risk of each change
Broadest knowledgebase of regulations, best practices and
your customized corporate policy
Optionally auto-reject risky requests

23

Intelligent Implementation Design

The most secure and efficient implementation recommendation
Details on which rules and objects to add or modify
Sub-requests are created for every device that needs changing

24

Automated Change Implementation

Save time and avoid manual error by automatically pushing the
policy firewalls
Full policy backup to ensure safety and roll-back capabilities

25

Auto-validation
Validates that changes exist on the network to get it right first time
Prevents premature closing of tickets
Informs requestor of implementation

26

Auto-Matching
All changes are automatically detected and matched to requests
Unaccounted changes and are discovered as well as changes that
are wider than the request

27

Complete Governance and SLA Tracking

Complete audit trail of all stages of the security change request
SLA and performance tracking

28

Flexible Workflows
Fully Customizable to Your Business Process

Customizable, role-based workflows

Assign different workflows to different requests
Support for dynamic and parallel workflow logic
Out-of-the-box workflows for:

29

Adding rules
Removing rules
Changing objects
Recertifying rules
Web Proxy (Blue Coat) changes

Integration with Change Management Systems

Integrate FireFlow with your existing change management
systems (E.g. BMC Remedy, HP Service Manager)
Integration can work in either direction:
Relevant tickets in master CMS automatically open a FireFlow ticket
FireFlow ticket automatically opens a ticket in the master CMS

Integration can continuously updated the ticket status.

30

Architecture
Enterprise-grade solution with support for:
Geographical Distribution

Load Sharing (Clustering)

High-Availability/DR

Secondary
Primary

Active

Standby

Secondary

Remote appliances collect data

and transmit it to a central
management appliance for
processing.

For large environments:

Report generation workload
shared across multiple appliances.

Automatic synchronization
Automatic failover
Support for Disaster Recovery

Why AlgoSec?
The Market Leader

Trusted by the most companies

Unrivaled expertise, obtained through
serving the worlds leading organizations

Intelligent Technology

Hear from Customers! AlgoSec.com/Testimonials

Automation

Focus on automating business processes

Broadest offering of automated workflows,
out-of-the-box
Quick and measurable ROI

Delivers the most actionable results and

highest accuracy
Superb ease-of-use, with real support for real
business needs

Customer Satisfaction

All purchases backed by the industry's only

money-back-guarantee
Easy to do business with
Learn more! AlgoSec.com/Satisfaction

Security Management. Made Smarter.

www.AlgoSec.com

Connect with AlgoSec on: