Euroclear automates firewall rule management with AlgoSec

Post-trade back-office process provider has made the management of firewalls more efficient through security management software

Post-trade back-office process provider Euroclear is using security management software from AlgoSec to manage its firewalls and automate security processes.  

Financial trading companies operate in environments where transactions are completed in microseconds through algorithmic trading, and post-trade processing must also be swift. At the same time, security is paramount to businesses in the financial services sector, which are regulated heavily. 

By using security policy management firm AlgoSec’s Security Management Suite, Belgium-based Euroclear, which processes financial trades after they are complete, has improved the visibility of security and automated security processes.

It started by using AlgoSec’s Firewall Analyser in 2012 to get a clear view of security across its infrastructure. It then rolled out AlgoSec’s FireFlow in 2013 to automate the management of firewall configuration changes, in a project that took six months to implement to support 150 security devices.

Benoît Delrieux, a security engineer at Euroclear, told a conference in France that identifying vulnerabilities created by firewall rule changes “is very complicated and even unfeasible”. But he said it is critical to do so when the infrastructure is complex and if the company operates in a regulated industry, such as financial services.

Before using the FireFlow software, Euroclear documented firewall change requests in Excel files and approved them via an informal process, with all changes performed manually. This process meant the company was able to handle no more than 20 changes a week.  

Delrieux said the company’s network segmentation didn’t help because it was complicated and required additional resources to analyse and process change requests.

Read more about security management

Using AlgoSec’s FireFlow, Euroclear analysed all existing firewall rules and removed about 80% of them. FireFlow is more effective when integrated with Firewall Analyzer. It uses Firewall Analyzer’s network mapping capabilities to detect and show the traffic flows.

Today, the Euroclear team can manage 50 change requests a week – and expect to manage up to 100 in the future.  

Algosec includes a matrix of security risks, and all changes are assessed based on these risks. If no risks are detected, the change is automatically approved. The system tracks the entire change process and provides a full audit trail.

This level of automation enables Euroclear to reduce risk, said Delrieux. “AlgoSec ensures we do not create rules that are too broad and, above al,l ensures that only allowed traffic through the right ports is approved.” Also, after implementation, every request is automatically verified to ensure it corresponds to the original request, he said.  

A version of this article first appeared on Le Mag IT. ...................................................................................................................... ...................................................

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close