The AlgoSec Firewall Analyzer (AFA) is a Linux-based offering that collects configuration information from corporate firewalls (the vendor states that Cisco, Check Point and Juniper/NetScreen are supported) and provides specific types of analysis for the collected data. Analysis results are provided via HTML-based reports accessible via a Web browser. The vendor states that the information is collected from the firewalls in a non-intrusive fashion (leveraging SSH and OPSEC communications) and that the analysis of the data is then performed offline, without requiring direct packet exchanges against the firewalls themselves. The analysis itself can be performed on a scheduled basis, with results E-mailed to appropriate personnel.

Three primary software modules are offered in the AlgoSec Firewall Analyzer suite: Firewall Operations Management, Policy Optimization and Risk Management.

The Firewall Operations Management module is focused primarily on change management issues, including the reporting of all changes made to firewall configurations, historical logging of changes, automated comparisons of firewalls (even if the firewalls are from different vendors), etc. This module is included in all AFA packages.

The Policy Optimization module enables administrators to optimize their firewall gear by detecting and reporting particular types of firewall inefficiencies. Included in these checks are the detection of unused rules or objects (based on actual traffic or logs); rules that will never logically be used (because they are already enforced by other rules); disabled rules; and expired rules. The module also provides rule re-ordering recommendations.

Finally, the Risk Management module concerns itself with the analysis of firewall policies as compared to regulatory compliance standards and best practice data. Out-of-the-box, automatically created PCI-DSS and SOX compliance reports are included as a part of this module.

New to the AFA Suite is the inclusion of VPN Analysis features, which are included as a part of the Policy Optimization and Risk Management modules. VPN Analysis features include support for the viewing of VPN rules, users, groups, and communities (with such metrics as authentication method, group assignments, expiration dates, and encryption characteristics); listings of expired users; and listings of unattached groups or users (those groups or users that are not associated with any rules).

AFA is offered in four bundles: The base Operations Management Edition; the Optimization Edition, which adds to the Operations Management Edition the Policy Optimization module; the Risk Management Edition, which adds to the Operations Management Edition the Risk Management module; and the Enterprise Edition which combines all three modules.

Contact the vendor for further information.

product submission by EITPlanet Staff

E-Mail this page to a colleague
send info about AlgoSec Firewall Analyzer

Suggest a link
for the AlgoSec Firewall Analyzer fact sheet