Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

2018 11-19 improving business agility with security policy automation final

176 views

Published on

The traditional network is bursting at the seams. Good old perimeter security, enforced by traditional firewall protection, is being joined by distributed firewalls, public clouds and a shared-responsibility security model.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

2018 11-19 improving business agility with security policy automation final

  1. 1. IMPROVING BUSINESS AGILITY WITH SECURITY POLICY AUTOMATION Yoni Geva, Product Manager yoni.geva@algosec.com
  2. 2. 2 WELCOME Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2 marketing@algosec.com
  3. 3. 3 How difficult is it for your network teams to understand the business context of firewall rules? • Very • Slightly • This is not a challenge Please vote using the “votes from audience” tab in your BrightTALK panel POLL
  4. 4. GROWING EXPECTATIONS FROM IT AND SECURITY TEAMS
  5. 5. 5 RUN FASTER! • Constant demand for higher business agility • Technology enablers (DevOps, cloud, SDN) • Deliver in minutes/hours, not weeks/months PROTECT YOUR NETWORK BETTER! • Attacks and breaches are constantly on the rise, more sophisticated • Security must be stronger and tighter But also…
  6. 6. 6 THE BALANCING ACT - REALITY Trying to find the perfect balance: • Both agility and security are affected • Constant tension between Security and Apps teams Security Business Agility And if it fails … Shadow IT starts
  7. 7. 7 BUT WHAT IF YOU COULD… HAVE YOUR CAKE AND EAT IT TOO?
  8. 8. INFORMATIONMANAGING SECURITY WITH THE BUSINESS CONTEXT * Slide from AlgoSec webinar featuring Gartner The move to the cloud, mobile and digital business requires changes in how we approach security People Processes Application & Services Workspace OS Network Hardware TOP DOWN Information, process and Application-centric security Business-driven security BOTTOM UP Device and OS fixation, “lockdown” Asset-centric security
  9. 9. 9 ALGOSEC BUSINESS FLOW • Provision connectivity for business applications • Assess the impact of network changes • Easily migrate application to cloud environments • View risk and vulnerabilities for the business application • Securely decommission applications and policy rules
  10. 10. 10 WHY IS BUSINESS CONTEXT SO IMPORTANT? • Prioritize risk management by application criticality • Application sensitivity impact security levels • E.g. PCI • Security policy affected by application status Matching of business application to firewall rules
  11. 11. 11 AlgoSec enables companies to align security with their business processes Business-driven Agility Business-driven Visibility Business-driven Security BUSINESS DRIVEN SECURITY MANAGEMENT
  12. 12. 12 POLL How do application owners in your organization document the application flows? • We do not have documentation for most of the applications • Manually in Excel, Visio or Word • CMDB or other database • I don’t know, it’s not my responsibility Please vote using the “Votes” tab in your BrightTALK panel
  13. 13. 13 THE APPLICATION LIFECYCLE Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  14. 14. 14 THE SECURITY POLICY MANAGEMENT LIFECYCLE Auto-discover and map application connectivity and security infrastructure Allow application owners and architects to easily define their application connectivity needs DecommissionMaintainPlan & Assess Migrate & DeployDiscovery
  15. 15. 15 DESIGN OR DISCOVER EXISTING APPLICATIONS • Existing sources? • CMDB • Excel Spreadsheet • Firewall Rules • APM DB • Network discovery • Firewall logs • Network sensing • 3rd party network probing • Design a new application Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  16. 16. 16 APPLICATION & CONNECTIVITY AUTO-DISCOVERY • Various sources: network mirroring, PCAP files, NetFlow, sFlow Network sensing • Determine hosts • Determine active flows Analyze network traffic • Smart heuristics to identify web services, data bases, applications • Application identity “hints” Identify business applications Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  17. 17. 17 THE MAPPED BUSINESS APPLICATIONS Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  18. 18. 18 DISCOVERED APPLICATIONS Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  19. 19. 19 DISCOVERED APPLICATION FLOWS Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  20. 20. 20 OPTIMIZED FLOWS Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  21. 21. 21 THE SECURITY POLICY MANAGEMENT LIFECYCLE Design for segmentation Translate application connectivity into firewall rules Assess risk and compliance Auto-discover and map application connectivity and security infrastructure Allow application owners and architects to easily define their application connectivity needs Discovery DecommissionMaintainMigrate & DeployPlan & Assess
  22. 22. 22 UNFILTERED FLOWS FOR MICRO- SEGMENTATION If you place endpoints in different segments: • Write policy to allow the flow • … or application will break • Enables Micro-segmentation! Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  23. 23. 23 Design Enforce FULL CYCLE FROM DESIGN TO ENFORCEMENT Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  24. 24. 24 EASILY VISUALIZE AND REVIEW APPLICATION CONNECTIVITY Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  25. 25. 25 ANALYZE AND REVIEW APPLICATION CONNECTIVITY RISKS Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  26. 26. 26 AND … VULNERABILITIES Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  27. 27. 27 THE SECURITY POLICY MANAGEMENT LIFECYCLE Automated policy push Design for segmentation Translate application connectivity into firewall rules Assess risk and compliance Auto-discover and map application connectivity and security infrastructure Allow application owners and architects to easily define their application connectivity needs Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  28. 28. 28 MANAGING APPLICATION LIFECYCLE AS A PROJECT Move Application Payroll from testing to staging Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  29. 29. 29 EASILY MANAGE APPLICATION LIFECYCLE Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  30. 30. 30 REVIEW RISKS Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  31. 31. 31 OPEN CHANGE REQUEST • Easily tracked • Approval workflows Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  32. 32. 32 AUTOMATIC CALCULATION OF DEVICES IN PATH Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  33. 33. 33 AUTOMATIC CALCULATION OF DEVICES IN PATH Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  34. 34. 34 APPROVAL OF RISKS Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  35. 35. 35 TRANSLATION AND IMPLEMENTATION OF POLICY RULES Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  36. 36. 36 THE SECURITY POLICY MANAGEMENT LIFECYCLE Out-of-the box auditing and compliance reports Link firewall rules to applications Policy clean up and optimization Tie cyber attacks and vulnerabilities to business processes Prioritize risks and vulnerabilities Design for segmentation Translate application connectivity into firewall rules Assess risk and compliance Auto-discover and map application connectivity and security infrastructure Allow application owners and architects to easily define their application connectivity needs Automated policy push Discovery DecommissionPlan & Assess Migrate & Deploy Maintain
  37. 37. 37 RISK AND THE APPLICATION • Easily identify high risk applications • Present risk also to application owners and BU managers • Prioritize based on risk level, applications sensitivity and criticality Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  38. 38. 38 CONSIDER THE APPLICATION IN POLICY CLEAN UP Example: we are considering the effect of a new FTP related threat – which applications are at risk? Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  39. 39. 39 BRING BUSINESS- CENTRIC VULNERABILITY MODELING INTO REGULATORY COMPLIANCE Discovery DecommissionMaintainPlan & Assess Migrate & Deploy PCI sensitive applications…
  40. 40. 40 THE SECURITY POLICY MANAGEMENT LIFECYCLE Decommission redundant firewall rules and application connectivity Out-of-the box auditing and compliance reports Link firewall rules to applications Policy clean up and optimization Tie cyber attacks and vulnerabilities to business processes Auto-discover and map application connectivity and security infrastructure Allow application owners and architects to easily define their application connectivity needs Design for segmentation Translate application connectivity into firewall rules Assess risk and compliance Automated policy push Discovery DecommissionMaintainPlan & Assess Migrate & Deploy
  41. 41. Q & A You are also welcome to request a demo and email questions marketing@algosec.com
  42. 42. 42 SUMMARY • Taking the top-down, business-driven approach • Business-driven automation • Tying application information to security controls
  43. 43. 43 MORE RESOURCES WHITEPAPER SOLUTION BROCHURE PPT PROF. WOOL EDUCATIONAL VIDEOS www.algosec.com/resources
  44. 44. 44 UPCOMING WEBINARS https://www.algosec.com/webinars Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Environments When: Dec 4th By: Yitzy Tannenbaum, Product Marketing Manager & CSA Exclusive LIVE Panel: AlgoSec and AWS Sharing Best Practices When: Dec 11th By: Prof. Avishai Wool, CTO & Scott Ward, Principal Solutions Architect (AWS) More Things You Can Do with the AlgoSec Security Policy Management Suite When: Dec 17th By: Dania Peretz, Product Manager SIGN UP NOW
  45. 45. 4545 JOIN OUR COMMUNITY Follow us for the latest on security policy management trends, tips & tricks, best practices, thought leadership, fun stuff, prizes and much more! Subscribe to our YouTube channel for a wide range of educational videos presented by Professor Wool youtube.com/user/AlgoSeclinkedin.com/company/AlgoSec facebook.com/AlgoSec twitter.com/AlgoSec www.AlgoSec.com/blog
  46. 46. THANK YOU! Questions can be emailed to marketing@algosec.com

×