AlgoSec – NSPM Solution Quick Review
AlgoSec NSPM solution (Network Security Policy Management) offers organizations streamline various aspects of managing security policies that govern devices such as firewalls, SIEMs, ADCs, etc. Founded in 2004 by Yuval and Avishai Wool, it serves 2000 global customers including Fortune 50.
Key Use Cases
| Use Case | Modules | Description |
| Centralized security policy management and visibility across multi-vendor firewalls | AlgoSec Firewall Analyzer (AFA) | Automatically uncover and securely remove unused, duplicate, or conflicting rules. Recertify expired rules based on security and application needs. Consolidate and reorder rules for better performance of the Firewalls. Identify and tighten overly permissive rules (Any/Any) without causing misconfigurations. |
| Continuous audit and Compliance | AlgoSec Firewall Analyzer (AFA) | Instantly generate audit-ready reports for all major regulations, including PCI, ISO, and many others |
| Change Tracking & monitoring | Algosec Firewall Analyzer (AFA), Algosec Fireflow (AFF) | Get a complete audit trail of all firewall changes and approval processes. Automated policy push. Automated change validation after the rule provisioning. |
| Application dependency mapping and Vulnerability Management | Algosec AppViz | Auto-discover business applications and their connectivity requirements without requiring any prior knowledge. Allow business owners to request connectivity in non-technical terms and automatically translate them to networking terms. Easy-to-use workflows ensure a smooth, outage-free Firewall rule recertification |
Software Deployment requirements
Following are the minimum specifications for AlgoSec virtual appliance deployment
| Architecture | CPU | Memory | Storage | Network Bandwidth |
| Algosec VMWare Appliance | Minimum 10 CPU Cores 2.2 GHz Each | 36 GB | 300 GB | 1 Gbps |
Connectivity and Port requirement examples
| From | To | Port | Reason |
| AlgoSec | Cisco L3 core switch | SSH | Device Connectivity |
| Algosec | Cisco FMC | HTTPS/443 | Device connectivity (REST-API) |
| AlgoSec | Cisco FTD | SSH | Baseline compliance |
| Cisco L3 core switch | AlgoSec | UDP/2055 | Netflow traffic for application discovery |
| Administration system | AlgoSec | HTTPS/443 | Appliance connectivity (GUI) |
| Administration system | AlgoSec | SSH | Appliance connectivity (SSH) |
| AlgoSec | LDAPS | TCP/636 or TCP/389 | LDAP integration |
| AlgoSec | NTP | UDP/123 | Time synchronization |
| AlgoSec | DNS | UDP/53 | DNS resolution |
| AlgoSec | ACI APIC | 443 |
Competition and special attractions
The key competition for AlgoSec is Skybox and interestingly AlgoSec offers money back guarantee and also provides an ROI calculator
Pricing and Summary
Algosec key licensing is based on per device as shown in the below table. However, some of the modules follow a slightly different licensing model. E.g.: AppViz and AppChange are based on the number of applications the customer wants to manage. An HA/DR license is required for each cluster node in the HA/DR architecture
| Licensing Model | Explanation | Examples |
| Per Firewall | A standalone Firewall | Checkpoint, Cisco, Fortinet, PaloAlto etc |
| Per Firewall Cluster | A group of 2 or more clustered firewalls | Checkpoint, Cisco, Fortinet, PaloAlto, etc |
| Per Virtual firewall | Virtual Firewall instance on the physical box | VDOMs |
| Cisco ACI | Number of leaf switches | |
| Public Cloud | subscription-based, number of instances | Amazon AWS |
AlgoSec is well-recognized as a key player in the NSPM market. For more information please visit.
NSX-T ALB AVI Series : Part01
VMware vSAN Solution Analysis
Securing Internet Access Using Cisco Umbrella
About Author
Muhammad Marakkoottathil(MM)
Expert in the field of SDN, cloud computing, virtualization, active-active data center design & migration. Passionate about helping organizations to achieve their digital transformation objectives with strong 15+ years of experience in design, deployment, and managing heterogeneous network solutions across the industry verticals. Major Industry Certifications: Cisco CCIE, CCDP, VMware VCAP-NV_DESIGN, TOGAF, ITIL, NUTANIX NCSE, Google Cloud Architect, Azure Fundamentals More info please visit my page @ LinkedIn: https://www.linkedin.com/in/contactmm/
Greetings,
Tried to reach your desk number, We are urgently looking out for SAP & IT services Partnership to expand and support your existing service team with our LOW COST IT SERVICE PARTNERSHIP MODEL. please contact us below for more information.
Let me know when can we do a quick talk. Kindly reply with date and time zone as we operate from Singapore + Asia
Kind Regards,
Miltan
Whats app +65 8679 6684
Hi Miltan,
Thanks for reaching out. will call you today.
regards
Shafeeda Muhammad