Use Case

Unify Security Policy Management Across All Your Networks

Algosec logo

Challenges

  • Manual and error-prone change management processes that delay time-to-market.
  • Cumbersome and time-consuming auditing preparation processes and audit failures.
  • Documenting all firewall changes, reviews, and approvals.
  • Getting a consistent view of security across the network.
  • Migrating app connectivity to the cloud and preventing outages.
  • Identifying risk and compliance violations before they impact business agility.

Key Benefits

  • User access can be managed and administered centrally
  • A uniform security policy across on-premises, cloud, and hybrid environments.
  • Deploy applications faster by automating security change management.
  • Avoid security device misconfigurations that cause outages.
  • Reduce the costs and efforts of firewall auditing.
  • Facilitate communication between security teams and application owners.

In today’s continually evolving business environment, IT often struggles to gain visibility and control into the elements that make up their network. Visibility is critical to ensure compliance with security policies and regulatory guidelines. Effective security policy management that accommodates today’s dynamic organizations is a challenge for many IT departments.

F5 and AlgoSec partnered to bring together AlgoSec’s business-driven security policy management with F5’s industry-leading BIG-IP. As a result, customers can benefit from AlgoSec’s security policy visibility and lifecycle management capabilities combined with the best-validated networking and security solutions in the industry via F5 BIG-IP.

The F5 and AlgoSec integration provides the following benefits for BIG-IP Local Traffic Manager (LTM) and BIG-IP Advanced Firewall Manager (AFM) modules:

  • Change monitoring to track changes on BIG-IP (virtual server configuration, AFM policy, topology visualization, etc.)
  • Visualization of security rules
  • Topology visualization and routing queries across the BIG-IP virtual server and IP pools
  • Traffic simulation and “what-if” analysis
  • Risk analysis
  • Regulatory compliance
  • Baseline configuration compliance
  • Audit readiness
  • Generate AFM policy and virtual server change recommendations

Joint solution description

AlgoSec seamlessly integrates with F5 BIG-IP LTM and BIG-IP AFM modules to provide customers with unified security policy management across networks. Through a single pane of glass, AlgoSec provides a holistic view of security across your network infrastructure. AlgoSec Firewall Analyzer delivers visibility and analysis of BIG-IP LTM and BIG-IP AFM. It automates and simplifies security operations. including troubleshooting, auditing, and risk analysis.

Unified visibility for hybrid environments

AlgoSec automatically pulls information from a wide range of devices to generate an interactive network topology map. This map includes BIG-IP hosts, as well as other network security elements like on-premises firewalls and cloud security controls. Using this map, you can understand the impact of BIG-IP on traffic, quickly troubleshoot connectivity issues, plan changes, and perform “what-if” traffic queries.

This visibility can help you understand if there’s a virtual server that handles this type of traffic, where the traffic is directed, and whether a policy blocks or allows the traffic. AlgoSec performs traffic simulation queries while taking into account network and security controls such as BIG-IP LTM NAT and load balancing, BIG-IP AFM rules, and more.

Security policy change management

Using an intelligent, highly customizable workflow, AlgoSec automates the entire security policy change process for BIG-IP AFM policy—from planning and design through submission, proactive risk analysis, implementation, validation, and auditing. With AlgoSec, you can avoid guesswork and manual errors, reduce risk, and enforce compliance.

Audit and compliance

AlgoSec automatically generates pre-populated, audit-ready compliance reports for the most popular industry regulations as well as customized corporate policies, helping reduce audit preparation efforts and costs by as much as 80 percent. AlgoSec also uncovers gaps in your compliance posture and proactively checks all changes for compliance violations, so you can remediate problems before an audit and ensure continuous compliance.

BIG-IP AFM policy optimization

AlgoSec provides actionable recommendations to help you clean up and reduce risk across your environment. AlgoSec uncovers unused or duplicate rules, initiates a recertification process for expired rules, and provides recommendations on how to consolidate rules for better performance—all without impacting business requirements.

About AlgoSec

AlgoSec enables the world’s largest and most complex organizations to manage security based on what matters most—the applications that power their business. Over 1,800 of the world’s leading organizations, including 20 of the Fortune 50, have relied on AlgoSec to automate and orchestrate network security policy management across cloud and on-premises networks and to drive business agility, security, and compliance. Learn more at algosec.com.

Connect with F5

F5 Labs

The latest in application threat intelligence.

DevCentral

The F5 community for discussion forums and expert articles.

F5 Newsroom

News, F5 blogs, and more.