AlgoSec platform upgrade paints bigger firewall picture

25.11.2008
AlgoSec is releasing new software that enables its Firewall Analyzer to simulate the effect multiple firewalls have on traffic, making it simpler to determine the net effect of the firewalls and to streamline their rule sets.

With AFA 5.0 software, customers can model the firewalls based on analyzing their rules, not by sending test packets or scanning the network.

Algorithms in the software create a global view of network firewalls and can determine whether, if a perimeter firewall is lax about allowing in certain risky traffic, another firewall behind it will block that traffic. The analysis treats all the firewalls and their routing as a whole protection scheme, not as separate, individual firewalls, AlgoSec says.

AFA 5.0 draws how firewalls are connected to each other based on current configurations. If one firewall seems to be allowing risky traffic into what is supposed to be a protected zone, the analyzer will find whether another firewall is or is not already protecting the zone from that traffic, the company says.
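
An added illustration of the rule-based, multi-firewall analysis described above; it is not AlgoSec's code or algorithm. It assumes first-match rule evaluation with an implicit deny, a fixed routing path supplied by the caller, and constructed firewall names, rule sets and addresses.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source CIDR
    dst: str              # destination CIDR
    port: Optional[int]   # None matches any destination port

    def matches(self, src_ip, dst_ip, port):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and (self.port is None or self.port == port))

def decide(rules, src_ip, dst_ip, port):
    """First-match evaluation; traffic matching no rule is denied (assumption)."""
    for index, rule in enumerate(rules):
        if rule.matches(src_ip, dst_ip, port):
            return rule.action, index
    return "deny", None

def net_effect(path, firewalls, src_ip, dst_ip, port):
    """Evaluate every firewall on the path in order, from rules alone (no packets sent)."""
    passed = []  # firewalls that let the traffic through before it was stopped
    for name in path:
        action, _ = decide(firewalls[name], src_ip, dst_ip, port)
        if action == "deny":
            return {"allowed": False, "blocked_by": name, "passed": passed}
        passed.append(name)
    return {"allowed": True, "blocked_by": None, "passed": passed}

# Constructed sample: the perimeter firewall is lax and lets Telnet (23) into all of
# 10.0.0.0/8; the internal firewall only allows HTTPS into the protected zone 10.1.0.0/16.
FIREWALLS = {
    "perimeter": [Rule("allow", "0.0.0.0/0", "10.0.0.0/8", 23),
                  Rule("allow", "0.0.0.0/0", "10.0.0.0/8", 443)],
    "internal":  [Rule("allow", "0.0.0.0/0", "10.1.0.0/16", 443),
                  Rule("deny", "0.0.0.0/0", "10.1.0.0/16", None)],
}
PATH_TO_PROTECTED_ZONE = ["perimeter", "internal"]  # hypothetical routing path

if __name__ == "__main__":
    for port in (23, 443):
        print(port, net_effect(PATH_TO_PROTECTED_ZONE, FIREWALLS,
                               "198.51.100.7", "10.1.2.3", port))
```

The `passed` list in a blocked result names the firewalls that were lax about the traffic, which is the input a rule clean-up would start from.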

AFA platforms can analyze homogeneous or heterogeneous networks made up of Check Point, Cisco and Juniper firewalls.

The software can simulate which paths traffic will be allowed to take if routing changes are made in corporate firewalls, so network security executives can see the impact of proposed changes before they are implemented. With corporate firewall administrators receiving multiple change requests per week, the software can help sort out which rules are needed and whether they accomplish the business goals being sought, the company says.