AlgoSec – NSPM Solution Quick Review

AlgoSec NSPM solution (Network Security Policy Management) offers organizations streamline various aspects of managing security policies that govern devices such as firewalls, SIEMs, ADCs, etc. Founded in 2004 by Yuval and Avishai Wool, it serves 2000 global customers including Fortune 50.

Key Use Cases

Use CaseModulesDescription
Centralized security policy management and visibility across multi-vendor firewallsAlgoSec Firewall Analyzer (AFA)Automatically uncover and securely remove unused, duplicate, or conflicting rules.
Recertify expired rules based on security and application needs.
Consolidate and reorder rules for better performance of the Firewalls.
Identify and tighten overly permissive rules (Any/Any) without causing misconfigurations.
Continuous audit and ComplianceAlgoSec Firewall Analyzer (AFA)Instantly generate audit-ready reports for all major regulations, including PCI, ISO, and many others
Change Tracking & monitoringAlgosec Firewall Analyzer (AFA), Algosec Fireflow (AFF)Get a complete audit trail of all firewall changes and approval processes.
Automated policy push.
Automated change validation after the rule provisioning.
Application dependency mapping and Vulnerability ManagementAlgosec AppVizAuto-discover business applications and their connectivity requirements without requiring any prior knowledge.
Allow business owners to request connectivity in non-technical terms and automatically translate them to networking terms.
Easy-to-use workflows ensure a smooth, outage-free Firewall rule recertification

Software Deployment requirements

Following are the minimum specifications for AlgoSec virtual appliance deployment

ArchitectureCPUMemoryStorageNetwork Bandwidth
Algosec VMWare ApplianceMinimum 10 CPU Cores 2.2 GHz Each  36 GB  300 GB  1 Gbps

Connectivity and Port requirement examples

FromToPortReason
AlgoSecCisco L3 core switchSSHDevice Connectivity
AlgosecCisco FMCHTTPS/443Device connectivity (REST-API)
AlgoSecCisco FTDSSHBaseline compliance
Cisco L3 core switchAlgoSecUDP/2055Netflow traffic for application discovery
Administration systemAlgoSecHTTPS/443Appliance connectivity (GUI)
Administration systemAlgoSecSSHAppliance connectivity (SSH)
AlgoSecLDAPSTCP/636 or TCP/389LDAP integration
AlgoSecNTPUDP/123Time synchronization
AlgoSecDNSUDP/53DNS resolution
AlgoSecACI APIC443 

Competition and special attractions

The key competition for AlgoSec is Skybox and interestingly AlgoSec offers money back guarantee and also provides an ROI calculator

Pricing and Summary

Algosec key licensing is based on per device as shown in the below table. However, some of the modules follow a slightly different licensing model. E.g.: AppViz and AppChange are based on the number of applications the customer wants to manage. An HA/DR license is required for each cluster node in the HA/DR architecture

Licensing ModelExplanationExamples
Per FirewallA standalone FirewallCheckpoint, Cisco, Fortinet, PaloAlto etc
Per Firewall ClusterA group of 2 or more clustered firewallsCheckpoint, Cisco, Fortinet, PaloAlto, etc
Per Virtual firewall Virtual Firewall instance on the physical boxVDOMs
Cisco ACINumber of leaf switches
Public Cloudsubscription-based, number of instancesAmazon AWS

AlgoSec is well-recognized as a key player in the NSPM market. For more information please visit.

2 Comments

Add a Comment

Your email address will not be published. Required fields are marked *