AlgoSec FireFlow Heats Up Firewall MarketBy Sharon Linsenbach | Print
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
VARs and customers will have to wait to get their hands on FireFlow, the hot new software that automates network security policy workflow management.
Network security VARs, take note: AlgoSec's FireFlow network policy change workflow management software is the next hot-ticket item for customers. But VARs will have to wait until 2009 to get their hands on it.
AFA (AlgoSec Firewall Analyzer) was a big hit with Lightwave Security's customers, says Lightwave CEO Joseph Dell.
But while AFA analyzes firewall configurations and operations and provides security risk management, it left out a crucial piece of the puzzle: network security policy change life-cycle management.
OK, that's quite a mouthful. But it's really pretty simple, says Dr. Avishai Wool, co-founder and CTO of Algorithmic Security. FireFlow automates the life cycle of policy change requests all the way from submission through audit.
"This is one of the first things our customers asked for, way before the FireFlow product was announced; they wanted to automate their change management process," Dell says. He adds that change management is a hot networking and security topic for his customers, many of whom have been struggling to address policy change workflow management for years.
Why is this so important? Because with some companies dealing with as many as 50 to 100 security policy changes each week, effectively managing and tracking network security policy changes can mean the difference between secure and vulnerable.
Network security policy changes can be triggered because of new technology partnerships forged between companies, the introduction of new applications, redesigned networks, reassigned servers or employees joining or leaving the company, Wool says.
"The enterprise, and therefore its network security policy, has to be in a constant state of flux. Because of these changes, large organizations have to deal with a large volume of requests to change the way their firewalls in particular are configured," Wool says.
Companies often dedicate significant staff to handling these changes and tracking the change requests, but Wool says when the numbers move into the double and triple digits, it's easy to forget to implement a requested change, miss a change that needs to be made or incorrectly track a change that was made, all of which compromises security.
"I'm always looking for the next big thing, that significant emotional event that makes people want to buy a product immediately. As soon as I heard about AlgoSec I knew that was where I had to be," Dell says.
He says while enterprises all jumped on the firewall bandwagon 10 years ago, the crucial element now is managing not just network traffic but also corporate policy and policy changes.
"The care and feeding of these ever-changing firewalls is the part that's most frequently forgotten about," Dell says. Companies that have been struggling with change management over the last three or four years can use AFA and FireFlow to gain needed visibility and control over network security policy, not just for their own sakes but, in many cases, for the sake of compliance auditors, he says, for those end customers that are required to prove compliance with the Sarbanes-Oxley Act or HIPAA (Health Insurance Portability and Accountability Act), for instance.
FireFlow is compatible with products from Cisco Systems, Juniper Networks and Check Point Software Technologies, says Wool, making the solution compatible with 90 percent of the install base of firewalls worldwide. Since the market for firewall-specific workflow management solutions is new, the space is a wide open frontier for VARs and resellers, especially those that want to go back to existng customers for upsell and services sales.
Wool says while EMC, Hewlett-Packard and CA have very generic workflow management systems, they don't compete directly with FireFlow. Those systems are large, complex, difficult to install and manage and don't address firewall policy change management directly, according to Wool. FireFlow does, however, integrate with these workflow management systems for additional policy management insight, he says.
While AlgoSec announced the product June 16, it will only be available as a beta in the third quarter of 2008. It won't be generally available until early 2009, though Wool says AlgoSec is ramping up to get awareness out.
"We have about 200 worldwide customers currently on AFA, and they've shown a substantial amount of interest already," Wool says.
Dell adds that most, if not all, of his customers will want to get their hands on FireFlow, though they will have to cool their heels for a while. "Whereas before, sure, maybe we could shoehorn some policy change management functionality in, now we'll be able to say, 'Yes, we have a product that can do that for you,'" Dell says.