BusinessFlow FireFlow Firewall Analyzer

Welcome to AlgoSec Security Management Suite

The AlgoSec Security Management Suite (ASMS) helps organizations securely accelerate application delivery by automating application connectivity and security policy across the hybrid network estate, including public cloud, private cloud, containers, and on-premises networks

Use ASMS to automate time-consuming security policy change with zero-touch, proactively assess risk, and ensure continuous compliance. Quickly provision, change, migrate, or decommission network connectivity, speeding delivery into production, and much more.

ASMS suite components

The following image shows how ASMS includes three separate, yet tightly integrated products:

AlgoSec Firewall Analyzer

AlgoSec Firewall Analyzer (AFA) is a device analysis solution that builds an end-to-end model of your network's security posture and Layer 3 connectivity.

AFA's network model, map, and detailed reports enable you to detect security holes in your device policies, helping you manage your network proactively and efficiently.

AFA also serves as the foundation of the AlgoSec Security Management Suite, and AFA administrators define settings and preferences that affect both FireFlow and AppViz.

For more details, see Welcome to AlgoSec Firewall Analyzer and AFA administration.

AlgoSec FireFlow

FireFlow is a change management and ticketing system that automates changes throughout a security policy's lifecycle. FireFlow ensures that devices changes are approved, required, and implemented as intended.

FireFlow workflows are highly customizable, enabling administrators to design a system where requestors can define the networking change required exactly and efficiently.

For details, see Welcome to FireFlow and FireFlow administration.

AlgoSec AppViz

AlgoSec AppViz aligns application owners and network security teams by enabling application-centric security policy management.

AppViz allows applications owners to view network connectivity based on business needs, and automatically computes and required changes to firewalls and routers. AppViz is available to customers who are already using FireFlow and triggers the relevant FireFlow change requests.

Layered on top of AppViz, AlgoSec AutoDiscovery enables you to discover the business flows already present in your network.

New in ASMS A32.20 For Builds from Nov 7 2022 HF (build 12.45.32) and later

All new AppViz deployments must be SaaS-based. However, existing AppViz customers can continue using the legacy on-prem version of AppViz. You cannot alternate between on-prem and SaaS-based AppViz

For more details, see Welcome to AppViz and Welcome to Application Discovery.

ASMS use cases and business objectives

ASMS provides customized solutions for network security policy management across the following use cases:

Change management & intelligent automation ASMS helps process security policy changes in minutes or hours, instead of days or weeks.

Use FireFlow's intelligent, highly customizable workflows to automate the entire security policy change process, from planning and design through proactive risk analysis, implementation on the device, validation, and auditing - all with zero touch.

Risk management

An AFA analysis proactively assesses the impact of every proposed change to security policies, minimizing risk, preventing outages, and ensuring compliance.

AFA relies on the broadest risk knowledgebase in the industry, including best practices, regulations, and corporate-defined policies.

Auditing and compliance AFA automatically generates pre-populated, audit-ready compliance reports for all the leading industry regulations, including PCI-DSS, HIPAA and SOX, as well as customized corporate policies.

AFA's monitoring also proactively checks all security policy changes for compliance regulations. This gives you the data you need to remediate problems before an audit, and ensures that you have continuous compliance across the network.

Incident response

ASMS integrates seamlessly with leading SIEM solutions to tie security incidents directly to the actual business processes that are or may be impacted, including applications, servers, network and traffic flows, and security devices.

Micro-segmentation

Use ASMS when defining and enforcing your micro-segmentation strategy inside the data center, ensuring that your strategy doesn't block critical business services and also meets compliance requirements.

AFA monitoring proactively checks every proposed firewall rule change request against the segmentation strategy to ensure that the change does not break the strategy, introduce risk, or violate compliance.

DevOps

Extend automatic security policy management to the DevOps lifecycle, from build through QA and into production deployment.

Use ASMS to enable enhanced communication between security and DevOps teams, enabling a faster and risk-free deployment into production.

Business continuity

Drive business continuity with ASMS by automating the processes for provisioning, changing, or decommissioning connectivity on business applications.

Cloud and data center migration

Use ASMS to simplify your application migration to the cloud by automatically discovering, mapping, and migrating connectivity.

After you applications are migrated, use ASMS to identify the firewall rules that can be safely deleted, the rules that are still in use and must not be removed, and optimize any remaining rules.

Digital transformation

Drive your digital transformation by accelerating application delivery, while enhancing and extending security across the hybrid-cloud.

Use ASMS to proactively prioritize security policy change management based on business priorities and audit requirements. Map your vulnerability data to applications and processes, regardless of location.