
2 AFA Foundations - Overview A32

Uploaded by

Vinicius

AlgoSec Firewall Analyzer

Foundations Course (Overview)


OBJECTIVES
By the end of this session, you will be able to:

Explain how AlgoSec Firewall Analyzer works

Describe AlgoSec Firewall Analyzer’s capabilities

Describe AlgoSec Firewall Analyzer’s architecture

2 | Confidential
INTRODUCTION

INTRODUCTION
Main Features

With AlgoSec Firewall Analyzer you can manage:

Operation Management
Risk and Compliance
Change Management
Policy Optimization

DEVICES
Monitoring and Analysis

[Diagram. Labels: Rule Sets; Routing table; Audit and Traffic logs; AlgoSec Firewall Analyzer; Web Reports; Risk; Compliance; Optimization; Changes; Email alerts]
INTRODUCTION
Available Platforms

Hardware Appliance
VMware Appliance (VM)
AWS AMI Image/Azure
Pre-installed ASMS
Linux Installer Kit


INTRODUCTION
AlgoSec Available Platforms

Hardware Appliance

Model   Number of Devices Supported*   Storage*
2062    1-60                           2*1.2TB
2203    60-550                         5*1.2TB
2403    550-1200                       8*1.2TB

CAPABILITIES

CAPABILITIES
Monitor All Policy Changes
1. All changes are tracked in near real-time
2. Receive automatic alerts on changes

CAPABILITIES
Security Rating Visibility
Identify and mitigate firewall policy risk

CAPABILITIES
Troubleshoot Network Issues
Traffic Simulation Query

CAPABILITIES
Troubleshoot Network Issues
Network Map

REVIEW QUESTIONS

1. Name the four main product capabilities


2. Describe AFA’s monitoring capabilities

CAPABILITIES
Dashboards

1. Easily view device status

2. Out-of-the-box dashboards and charts

CAPABILITIES
Reporting Tool
A dedicated BI tool giving access to all key AlgoSec data

CAPABILITIES
Firewall Rule Set Optimization
Improve your system performance

Intelligent Rule Reordering

Rule Reordering Report

CAPABILITIES
Cleanup and Optimize Firewall Rule Sets

Identify overly permissive rules

Tighten the rule by replacing “ANY” with actual business requirements

CAPABILITIES
Cleanup and Optimize Firewall Rule Sets

Intelligent Policy Tuner™

Identify overly permissive rules

Tighten the rule by replacing “ANY” with actual business requirements

CAPABILITIES
Audit and Compliance Reports

ASD-ISM, Basel II, LGPD, PCI DSS, ISO 27001, HIPAA, GDPR, HKMA, NAS TRM, NIST SP, NERC CIP, SWIFT, GLBA, SOX, BSI 200, FIEL (Japan)

CAPABILITIES
Audit and Compliance Reports
Baseline Configuration Compliance

Ensure firewall configuration complies with vendor recommendations

RULE DOCUMENTATION
Policy Tab

Searchable device security policy view using the vendor’s format

Provides infrastructure for defining fields to document each rule, e.g. business owner, related applications, usage etc.

Displays application details from AppViz add-on

WEB SERVICES API
Key API Functionality
AlgoSec REST APIs enable remote access to a wide range of Firewall Analyzer operations

Object Data
• Retrieve object and interface data
• Add/edit devices
• Identify missing routers

Analysis & Reporting
• Start analysis & check status
• Calculate risk check, trust traffic
• Retrieve Baseline Compliance report

And more
• Run Traffic Simulation Query
• Manage rule documentation
• Get unused rules

[Diagram labels: REST API, SOAP]

REVIEW QUESTIONS

1. Explain what the IPT does

ARCHITECTURE

ARCHITECTURE
Geographical Distribution
Remote appliances collect data and transmit it to a central management appliance for processing.

[Diagram labels: Remote Agent, Remote Agent, Remote Agent, Central Manager]

ARCHITECTURE
Load Sharing (Clustering)
For large environments: Report generation workload is shared across multiple appliances.

[Diagram labels: Master, Load Balancer, Load Balancer]


ARCHITECTURE
HA / DR

[Diagram labels: Active, Standby]

High-Availability
1. Provide redundancy and “always on” service
2. Automatic synchronization
3. Automatic failover
4. Typically located at the same site

Disaster Recovery
1. Preserve data in the case of failure at the primary site
2. Automatic synchronization
3. Manual failover
4. Typically located at different sites

OBJECTIVES
You should now be able to:

Explain how AlgoSec Firewall Analyzer works

Describe AlgoSec Firewall Analyzer’s capabilities

Describe AlgoSec Firewall Analyzer’s architecture

THANK YOU
