The AlgoSec Security Management Suite (ASMS) helps organizations securely accelerate application delivery by automating application connectivity and security policy across the hybrid network estate, including public cloud, private cloud, containers, and on-premises networks
Use ASMS to automate time-consuming security policy change with zero-touch, proactively assess risk, and ensure continuous compliance. Quickly provision, change, migrate, or decommission network connectivity, speeding delivery into production, and much more.
The following image shows how ASMS includes three separate, yet tightly integrated products:
AlgoSec Firewall Analyzer (AFA) is a device analysis solution that builds an end-to-end model of your network's security posture and Layer 3 connectivity.
AFA's network model, map, and detailed reports enable you to detect security holes in your device policies, helping you manage your network proactively and efficiently.
AFA also serves as the foundation of the AlgoSec Security Management Suite, and AFA administrators define settings and preferences that affect both FireFlow and AppViz.
FireFlow is a change management and ticketing system that automates changes throughout a security policy's lifecycle. FireFlow ensures that devices changes are approved, required, and implemented as intended.
FireFlow workflows are highly customizable, enabling administrators to design a system where requestors can define the networking change required exactly and efficiently.
AlgoSec AppViz aligns application owners and network security teams by enabling application-centric security policy management.
AppViz allows applications owners to view network connectivity based on business needs, and automatically computes and required changes to firewalls and routers. AppViz is available to customers who are already using FireFlow and triggers the relevant FireFlow change requests.
Layered on top of AppViz, AlgoSec AutoDiscovery enables you to discover the business flows already present in your network.
New in ASMS A32.20 For Builds from Nov 7 2022 HF (build 12.45.32) and later
All new AppViz deployments must be SaaS-based. However, existing AppViz customers can continue using the legacy on-prem version of AppViz. You cannot alternate between on-prem and SaaS-based AppViz
ASMS provides customized solutions for network security policy management across the following use cases:
|Change management & intelligent automation
|ASMS helps process security policy changes in minutes or hours, instead of days or weeks.
Use FireFlow's intelligent, highly customizable workflows to automate the entire security policy change process, from planning and design through proactive risk analysis, implementation on the device, validation, and auditing - all with zero touch.
An AFA analysis proactively assesses the impact of every proposed change to security policies, minimizing risk, preventing outages, and ensuring compliance.
AFA relies on the broadest risk knowledgebase in the industry, including best practices, regulations, and corporate-defined policies.
|Auditing and compliance
|AFA automatically generates pre-populated, audit-ready compliance reports for all the leading industry regulations, including PCI-DSS, HIPAA and SOX, as well as customized corporate policies.
AFA's monitoring also proactively checks all security policy changes for compliance regulations. This gives you the data you need to remediate problems before an audit, and ensures that you have continuous compliance across the network.
ASMS integrates seamlessly with leading SIEM solutions to tie security incidents directly to the actual business processes that are or may be impacted, including applications, servers, network and traffic flows, and security devices.
Use ASMS when defining and enforcing your micro-segmentation strategy inside the data center, ensuring that your strategy doesn't block critical business services and also meets compliance requirements.
AFA monitoring proactively checks every proposed firewall rule change request against the segmentation strategy to ensure that the change does not break the strategy, introduce risk, or violate compliance.
Extend automatic security policy management to the DevOps lifecycle, from build through QA and into production deployment.
Use ASMS to enable enhanced communication between security and DevOps teams, enabling a faster and risk-free deployment into production.
Drive business continuity with ASMS by automating the processes for provisioning, changing, or decommissioning connectivity on business applications.
|Cloud and data center migration
Use ASMS to simplify your application migration to the cloud by automatically discovering, mapping, and migrating connectivity.
After you applications are migrated, use ASMS to identify the firewall rules that can be safely deleted, the rules that are still in use and must not be removed, and optimize any remaining rules.
Drive your digital transformation by accelerating application delivery, while enhancing and extending security across the hybrid-cloud.
Use ASMS to proactively prioritize security policy change management based on business priorities and audit requirements. Map your vulnerability data to applications and processes, regardless of location.