Founded in 2003, AlgoSec enables security and operations teams to intelligently manage security policies across firewalls, routers, VPNs and related devices, increasing operational efficiency and improving risk mitigation for organizations worldwide. Today, more than 800 enterprises, MSSPs and auditors in over 40 countries and across all industry verticals use AlgoSec solutions. From mid-sized enterprises and Fortune 500 companies to all Big Four auditing firms, organizations choose AlgoSec for its unique combination of superior technology and commitment to customer satisfaction.

In the following interview, Dr. Avishai Wool, CTO and Co-Founder of AlgoSec, discusses 1:1 with Rake Narang, Editor-in-Chief of Info Security Products Guide, what an organization should consider before making the move to next-generation security devices.

Rake Narang, Editor-in-Chief: How are social networks, online communities and multiple devices increasing the possibilities of uncharted security threats to enterprises?

Dr. Avishai Wool: Social media, mobile devices such as smartphones, and the cloud all play a major role in extending the perimeter of an organization beyond its historical boundaries. More accessibility to systems and ultimately information ensures that the business never sleeps. However it also provides much more opportunity for access and sensitive information to fall into the wrong hands. No longer can we have a one size fits all network policy because the network has become very complex to effectively manage. Segmenting access policy by users and applications is a good way to more granularly enable the business while also securing it, but this also presents more complexity and complexity typically leads to security gaps that threats are lurking for and targeting.

Rake Narang: What is the difference between traditional network security devices and next-generation network security devices?

Dr. Avishai Wool: Traditional firewalls enable administrators to define security policies based primarily on a connection’s source IP address, destination IP address, and service. But with the increased use of applications, the demand for mobility, virtualization and use of the cloud, as well as the evolution of sophisticated threats, we’re seeing the shift to more granular security policies – by application and user.

Next-generation firewalls enable administrators to define application and user aware policies. This provides the admins with more control, especially over port-hopping applications that cannot effectively be managed with a traditional firewall policy.

Rake Narang: What should an organization consider before making the move to next-generation security devices?

Dr. Avishai Wool: It is clear that at least for certain parts of the network, next-generation firewalls make a whole lot of sense. However, generally speaking, more granular network security policies equal more complexity. So the big question becomes, how can organizations take advantage of the clear benefits of NGFWs while minimizing the complexity, administrative burden and risk from improper configurations?

You must think through your policy decisions and understand their impact. If you decide to whitelist at the application level (i.e. block outbound TCP/80 and only allow those web-applications you know about), how many more change requests per week will you be processing? Can your existing team handle the extra load without degradation to turnaround time? Will you require additional headcount? What is the impact if you define policy via a blacklisting approach, via rules like “block social networks, file sharing and video streaming, and allow all other web traffic”? How do you manage these next-generation devices in the context of your broader network (i.e. you still have traditional firewalls, secure web gateways, etc.).

In today’s environment and with NGFWs, IT must understand what applications are needed by what users and provide access. Without careful design and maintenance, a poorly optimized NGFW policy could take what was a single rule allowing http, and become a policy that includes 10,000 new rules, one per application – creating more opportunity for error and risk.

Company: AlgoSec
300 Colonial Center Parkway
Suite 100
Roswell, GA 30076 U.S.A.

Founded in: 2003
CEO: Yuval Baron
Public or Private: Private
Products and Services: AlgoSec is the market leader in network security policy management. AlgoSec enables security and operations teams to intelligently automate the policy management of firewalls, routers, VPNs, proxies and related security devices, improving operational efficiency, ensuring compliance and reducing risk.