F5 and AlgoSec Enable Holistic Network Security Management

Frank Strobel Miniatura
Frank Strobel
Published April 21, 2020

Firewalls are one of the most fundamental devices in any organization’s security arsenal. F5’s BIG-IP Advanced Firewall Manager (AFM) offers a particularly powerful line of defense, protecting service provider and enterprise data centers against a wide range of incoming threats. It streamlines F5 deployments and simplifies security configurations with firewall policies that are oriented around applications, helping to keep them agile, secure, and available.

Nevertheless, as an organization grows, so does its network. The modern-day network is often made up of an on-premises data center as well as SDNs and public clouds. Each of these components has unique networking and security controls. It is not uncommon to find networks that leverage F5 BIG-IP, in addition to traditional on-premises firewalls, SDNs, and cloud security controls.

In such heterogeneous environments, it’s all too easy for the rules and objects associated with the devices that make up the network to proliferate. This can cause unnecessary duplication and complexity. It can also become difficult for security managers to have visibility across their entire complex multi-vendor network in real-time—which is something they need to have in order to carry out risk analysis and complete reports for compliance audits. And, this is before we even consider the other security devices, from other vendors, which a typical enterprise might also deploy throughout its infrastructure.

To address this challenge, AlgoSec has worked closely with F5 to extend the rich capabilities that customers already enjoy across their entire multi-vendor network security fabric. AlgoSec’s Security Management Solution is unique in fully supporting both F5’s BIG-IP AFM and BIG-IP Local Traffic Manager (LTM). This means that mutual customers get holistic visibility and orchestration of security management for their F5 deployments in addition to many other security devices across their network environment—whether they be physical, virtual, or cloud—in a single pane of glass.

Using AlgoSec together with BIG-IP AFM and LTM, organizations’ security and IT teams can:

  • View, analyze, and simulate complex network security environments across the entire security infrastructure including cloud, firewalls and SDN
  • Automatically generate audit-ready compliance reports across their F5 devices and entire multi-vendor network estate
  • Use AlgoSec to automatically discover which business applications are supported by each F5 policy rule
  • Easily audit, clean up, and optimize F5 Advanced Firewall Manager firewall rules and objects
  • Perform full risk analyses across the F5 deployment and entire multi-vendor network

In practice, this means that if any changes are planned to security policies or connectivity, network and security teams can assess how those changes will impact business applications and other security controls across the entire enterprise network fabric. This eliminates the risks of misconfigurations and application outages by allowing the impact of any changes to be assessed before they are made. It also ensures security policies are applied and maintained automatically and consistently, without the need for time-consuming, error-prone manual processes—accelerating change processes and enhancing business agility.

Why not find out more about AlgoSec can help to harmonize security management of your F5 deployments with the rest of your network? Visit F5’s use case page to learn how AlgoSec works with F5 AFM and LTM, or visit the AlgoSec website for more details.