AlgoSecAlgoBot is your personal security policy management assistant. AlgoBot provides quick and easy access to core ASMS functionality from the comfort of your organization's existing chat platforms, including Desktop, Web, or Mobile options. AlgoBot is supported on Slack, Microsoft Teams, and Cisco Webex.
Chat with AlgoBot
Chat with AlgoBot to run traffic simulations, submit change requests, analyze application impact, and more!
Use AlgoBot commands to get information about:
The status of a change request
The connectivity status of an application
Owners of an application
Associated applications
Or do actions like:
Make a change request
Perform a traffic check
Enter @algobot help to view a full list of available commands and requests.
Send direct messages to AlgoBot from your chat platform. If there are more than the two of you in the chat, use the @algobot prefix so that AlgoBot knows you're talking to it.
Invite AlgoBot to any of your Slack channels. Once invited, AlgoBot listens to all commands you send to @algobot.
Note: Make sure that you have run an analysis in AFA before using AlgoBot. AlgoBot needs AFA data to be able to help you!
Here are some examples using AlgoBot:
Deploy AlgoBot
To deploy AlgoBot, first install AlgoBot on your chat platform, and then configure it on your ASMS server.
AlgoBotprerequisites and deployment configurations
As a Chat Bot, AlgoBot has to be notified of any new messages that the users may send over one of the supported chat platforms. To integrate AlgoBot with your organization's chat platforms, your system must meet the following prerequisites:
Internet access
The ASMS server must be able to access the internet and the chat platform servers.
Verify also that you have the following connectivity:
Important: The following list is based on Microsoft recommendations at time of publishing this web page. Since Microsoft regularly adjusts their list of URLs for connectivity, we recommend you consult their list if a problem occurs. To access the most comprehensive list, refer to the following URL provided by Microsoft.
ngrok is a useful tool to create secure tunnels to locally hosted applications using a reverse proxy. Microsoft recommends ngrok in their documentation.
*ngrok Subscription Enterprise level provides a stable custom endpoint. For example, during ASMS upgrades and reboots, Teams will maintain endpoint settings. The Enterprise level is recommended for a production environment.
For Free level subscription, in /usr/lib/systemd/system/ngrok.service, modify the following line by removing the string "--subdomain=<unique name>"):
ExecStart=/usr/local/bin/ngrok http 5000
Enable the service:
systemctl enable --now ngrok.service
The https or http endpoint provided by ngrok is output when the subscription command is run. Note, and save the ngrok https or http endpoint for later.
Copy the microsoft-teams-manifest.zip (located in /usr/share/algobot on the ASMS server) to a local directory on the machine you are configuring Teams.
If you haven’t yet added the Developer Portal app to Teams, do it now.
In the Developer Portal:
Select the Tools tab. Click Bot management.
Click + New Bot. Name the bot: AlgoBot. Click Add. The Bot page opens.
Add Bot endpoint address if available (you can always add it later), and click Save.
Click Client secrets. Click Add a client secret for your bot.
Note: Client secret is also known as App Password
The new client secret is generated. Copy and save it for later.
Click < Bots to return to the Bot Management page In Tools tab . Copy the BotID to use later.
Click the Teams Apps tab, select Import app. Browse for the microsoft-teams-manifest.zip file. The AlgoBot app page appears.
Select App features from the left menu. Click Bot.
The Bot Page appears.
Click Select an existing bot and choose the newly created algobot (alternatively you can manually enter theBot ID).
Select all 3 scopes in which people can use the command: Personal, Team, Group chat. Click Save.
Click Publish.
In the Developer Portal go to the Apps tab. Click the ellipsis (...) and select Download the app package from the AlgoBot app.
In Microsoft Teams, on the left side menu, click on Apps-> Manage your apps -> Upload an app. The Upload an App window opens.
Click Upload a custom app. Browse for the algobot.zip file (downloaded in step 4). The AlgoBot page appears.
On Cisco Webex, AlgoBot must use webhooks to be notified about new messages. Use ngrok to configure AlgoBot to accept webhook tunnels from the internet:
ngrok is a useful tool to create secure tunnels to locally hosted applications using a reverse proxy. Microsoft recommends ngrok in their documentation.
*ngrok Subscription Enterprise level provides a stable custom endpoint. For example, during ASMS upgrades and reboots, Teams will maintain endpoint settings. The Enterprise level is recommended for a production environment.
For Free level subscription, in /usr/lib/systemd/system/ngrok.service, modify the following line by removing the string "-subdomain=<unique name>"):
ExecStart=/usr/local/bin/ngrok http 5000
Enable the service:
systemctl enable --now ngrok-service
The https or http endpoint provided by ngrok is output when the subscription command is run. Note, and save the ngrok https or http endpoint for later.
Download this icon to your computer and upload to the Bot page Icon field.
Description
The following is an example description: AlgoBot, is an intelligent chatbot that handles network security policy management tasks for you. AlgoBot answers your questions, submitted in plain English, and personally assists with security policy change management processes – without requiring manual inputs or additional research.\n\nWith AlgoBot you can: \n- Offload day-to-day tasks from firewall and network administrators to provide faster and more intuitive service to internal customers\n- Reduce ticket resolution time by giving the Support team the tools to ask – and get immediate answers – to security connectivity questions\n- Respond to security incidents faster and more effectively\n- Give application owners visibility into their application’s network security connectivity\n- Improve the quality and speed of application deployments by allowing DevOps to incorporate security management directly into their processes.\n\nYou can communicate with AlgoBot in English, German, French or Portuguese from the comfort of a chat room or a mobile app.
Click Add Bot. The Congratulations message appears.
Click Copy Token.
In Cisco Webex, in your company Webex Space, click the People tab.
Enter the username (In our example, algobot1234@webex.bot) and click Add.
Sometimes due to caching issues, 0 search results are returned for every query . When this happens try pressing SHIFT+F5 several times to clear your browser’s cache.
You can search for a complete word or number string.
Note
The full text search is not case-sensitive. For example, a search for the word "run" will find matches for "Run" and "run." The full text search also matches with variant endings. For example, a search for the word "run" will also find matches for words such as, "runner," "running," and "runs."
You can search for phrases by enclosing their search terms in quotation marks (" "). This is useful when you want to restrict a search to locate terms that appear in an exact order.