In this webinar, Dania Ben Peretz, Product Manager at AlgoSec, shows you how to:
• Automate your network security policy changes without breaking core network connectivity
• Analyze and recommend changes to your network security policies
• Push network security policy changes with zero-touch automation to your multi-vendor security devices
• Maximize the ROI of your existing security controls by automatically analyzing, validating, and implementing network security policy changes – all while seamlessly integrating with your existing business processes
10. USING ALGOSEC CHANGE AUTOMATION
• Vendor-specific decisions – choose policy, zones, ACLs, objects
• Implement in an optimal way (avoid rule/object duplications)
• Enforce naming conventions and best practices
11. NETWORK SECURITY LOOKOUT
[Diagram]
Operational Framework Layer
• Security Layer: Firewalls, Routers, Web Proxies, Load Balancers, Security Groups
• Integration: Vulnerability Scanners, Ticketing Systems, GRC Systems, SIEM/SOAR Systems
Application Framework Layer
• Integration: Authentication, Authorization, NetFlow Source, Chat Platforms, Business Applications
12. AUTOMATIC CHANGES AS RESPONSE TO EVENTS
A server is flagged as exposed to an attack
Fast impact analysis and isolation are required
INTRODUCING: ALGOSEC PLUGIN FOR YOUR SIEM SYSTEM
Get instant visibility into applications impacted by this server
Immediately initiate isolation of the exposed server
Continue using the SIEM system interface
13. BUSINESS APPLICATIONS IMPACTED BY INCIDENT
• Critical application? (priority, business impact)
• Firewalls in path for internet connectivity
14. REMEDIATION – AUTOMATE SERVER ISOLATION
Change request to drop traffic to/from infected server
18. APP FATIGUE
Too many applications
Need a single place to turn to
ChatOps model was proven efficient!
19. WHAT DOES A CHATOPS ENVIRONMENT LOOK LIKE?
Notification Systems
Client runs a plugin/script to execute it within the chatroom
Real Human Users
Various Chatbots
23. VULNERABILITIES IN BOTH APPLICATION AND FIREWALLS RULE LEVEL
• Get vulnerability per IP
• Get specification of each vulnerability
• Detect if any business application is also vulnerable as a result
• Apply changes to the application accordingly, so it is not exposed to possible attacks
• Detect if the current firewall policy exposes traffic to possible attacks
• Apply changes to risky rules that were detected as vulnerable
[Diagram labels: AppViz, Firewall Analyzer, Vulnerability Scanners]
31. TO RECAP - ALGOSEC ECOSYSTEM
ACI
Integrate
Business Process
Manage
32. Connect with AlgoSec Where You Are
Q&A
Send us your questions
Request a Free Evaluation:
marketing@algosec.com
youtube.com/user/AlgoSec
linkedin.com/company/AlgoSec
facebook.com/AlgoSec
twitter.com/AlgoSec
www.AlgoSec.com/blog