Sunday, May 12, 2013

Firewall Analysis Saves Time Keeping Application Paths Clear report is out!

The Firewall Analysis Saves Time Keeping Application Paths Clear report is complete and available!

Please contact me for more info. The teaser is:

Firewalls rely on IT-defined rules in allowing authorized application traffic to flow unencumbered between data centers and users while preventing undesirable traffic from entering the corporate network. These rules, which can number in the thousands per firewall, prescribe allow/deny decisions based on sources, destinations, and the services provided. The more complex the network, the more complex the firewall rule sets, and the more likely IT will encounter disruptive side-effects when changing firewall rules to secure application access.

The primary reason to analyze firewall rule sets is to identify logic errors opening security gaps, violating compliance policies for segmenting regulated data, preventing subsequent rules from firing, or rules becoming obsolete due to changes in business services. This leads to business benefits in managing network complexity such as:

• Drive operational costs out of making changes to firewall rule sets by reducing errors, automating compliance reporting, and recommending effective rules based on application requirements.
• Accelerate application deployment cycle times by streamlining firewall change processes to a matter of hours.
• Enable an orderly evolution to application-centric security management for next generation firewalls as well as traditional deployed firewalls.
• Model the impact of new rules before a change is approved to protect against errors that could block application paths.
• Maintain a secure audit log of firewall rules changes to document all changes for compliance reporting.

Firewalls connect businesses to the Internet. It is the one security technology that truly enables a stronger business by securing application paths to users. The Ogren Group believes it is critically important for organizations to apply technology to help manage accuracy and instill a change process to control operating costs with increasing complexity in networks and firewall rule sets.

It is far from certain that firewall analysis will be more than a niche market with room for multiple vendors. Firewall analysis vendors are branching into application security motivated by next generation firewall concepts, enterprise security management to reduce operational costs, and threat assessment based on path analysis. The Ogren Group applauds AlgoSec, SolarWinds and Tufin for their vision and execution in Firewall Analysis.

In this report, the Ogren Group presents the features, life cycle, and market strategy of Firewall Analysis. The report concludes with recommendations for vendors and the enterprise buyers they covet.


  1. I had the pleasure of helping AlgoSec with a webcast built around their annual "State of Network Security" survey. It is really good stuff! Look for the replay on if you missed it the first time around.

  2. AlgoSec has posted a copy of this report behind a registration. Check it out here ...

    AlgoSec is one of the leading vendors in Firewall Analysis and I definitely recommend that you place them on your short list for ewvaluation.