Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewalls and Cloud Security Controls


Published on

In this webinar, Jonathan Gold Shalev, Senior Product Manager, will discuss how you to harness the power of Cisco ACI with a holistic, business-driven, security-management approach covering all the organization’s network security controls. Join this webinar to understand how to:

Gain visibility into the Cisco ACI security environment as part of the overall network security posture
Deliver applications fast by automating network-wide changes including changes to the ACI Fabric, and taking care of security controls with a zero-touch workflow
Assess and continuously assure the compliance of your ACI Fabric
Generate audit-ready regulatory compliance reports for the entire Cisco ACI Fabric along with the rest of your network

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewalls and Cloud Security Controls

  1. 1. Accelerate Application Deployment Across Your Cisco ACI Fabric On-Premise Firewalls and Cloud Security Controls Jonathan Gold-Shalev Senior Product Manager
  2. 2. Welcome Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2
  3. 3. Agenda AlgoSec Overview Visibility to the ACI Contracts and EPGs Zero-touch application delivery across the hybrid network Continuous Risk and Compliance Assessment of the ACI Fabric How to reduce the scope of your audit and instantly generate audit-ready reports 3
  4. 4. AlgoSec enables companies to align security with their business processes Business-driven Agility Business-driven Visibility Business-driven Security BUSINESS DRIVEN SECURITY MANAGEMENT      4
  5. 5. Business-Driven Security Business-Driven Agility Business-Driven Network Security Policy Management Unified Visibility Across Cloud, SDN & On-Premise Enterprise Networks BUSINESS-DRIVEN SECURITY MANAGEMENT Use cases 5 Auditing & Compliance Risk Management Business Continuity Cloud Migration Change Management Incident Response DevOpsMicro- Segmentation Digital Transformation
  6. 6. The AlgoSec ecosystem Integrate Business Process For a complete list of supported devices visit Manage
  7. 7. • Thinking about it • Actively Testing • Moved to production in the last 6 months • In Production for more than 6 months POLL #1: Where are you with deploying ACI in Your Network? Please vote using the “Votes from Audience” tab in your BrightTALK panel 7
  8. 8. Visibility to the ACI Contracts 8
  9. 9. Solution architecture 9 Perimeter & Upstream FWs ACI Data Center Data Center FWs (L4-L7 services) • Visibility & Compliance • Automatic Provisioning • Business Applications
  10. 10. Visibility to the ACI Contracts (and more) Security Policy Visibility Across The Entire Network • Browse and filter the ACI Contracts • Understand whether the Contracts allow/block certain traffic • View alongside other security policies 10 Real Time Monitoring Of Changes • Application Profiles, Contracts, EPGs and Filters • React fast to out of band changes in underlying firewalls
  11. 11. Security Policy Visibility 11
  12. 12. Security Policy Visibility 12
  13. 13. Real-Time Change Monitoring 13
  14. 14. Real-Time Change Monitoring 14
  15. 15. Risk and Compliance Assessment 15
  16. 16. • Continuous visibility to the network risk posture of your ACI fabric • Group reporting for the security posture of the entire network • Based on the organization’s Risk Profile • Regulatory Compliance (e.g., PCI, GDPR) • C-Level charts and dashboards • What-if risk analysis to avoid new risks during change management Risk and compliance Assessment 16
  17. 17. ACI Tenant Report 17
  18. 18. Risk Assessment 18
  19. 19. Risk Assessment 19
  20. 20. Regulatory Compliance 20
  21. 21. Group Reporting 21
  22. 22. C-Level Reporting – Risk Level Over Time 22
  23. 23. Zero-touch application delivery across the hybrid network 23
  24. 24. • We are still not in production • 5-10 changes a month • 5-10 changes a week • More than tens per week POLL #2: How Frequently do you change ACI contracts? Please vote using the “Votes from Audience” tab in your BrightTALK panel 24
  25. 25. • Business application owners discover and define the application flows • Instant visibility whether or not each flow is allowed in the network • Change requests submitted in simple flow language • Change requests are translated to network language • Go through a zero-touch and fully-audited workflow until implemented • Application discovery, definition and change are all available via APIs Application Connectivity Management 25 Security Is No Longer A Bottleneck!
  26. 26. Application Connectivity Visibility 26
  27. 27. • Automatic detection of security controls requiring change • Proactive what-if risk analysis for every request • Automatic generation of Implementation instructions • Automatic push of the recommended changes to the security controls • Validation - the traffic is allowed and properly implemented • Full audit of every step of the workflow • Security is no longer a bottleneck Zero-Touch Fully-Audited Workflow 27
  28. 28. Application Connectivity Visibility 28
  29. 29. Changing a Flow in an Application 29
  30. 30. Changing a Flow in an Application 30
  31. 31. Identifying the Devices Requiring Change 31
  32. 32. Traffic Simulation Results 32
  33. 33. What-If Risk Analysis 33
  34. 34. Implementation 34
  35. 35. 35 Zero-Touch • Application creation / change is available via APIs • The change workflow can run zero-touch • Fully customizable to define exceptions • Certain devices require manual approval • Certain risk levels need manager approval • And many more • Fully integrated with DevOps solutions for rapid application delivery
  36. 36. Cisco aci app center The AlgoSec App 36
  37. 37. AlgoSec’s Connectivity and Compliance App 37 Instant visibility to the ACI PCI compliance level Verification that a contract is allowed throughout the network In case it is not – easily submit a change request to allow it Instant visibility to the ACI risk level 01 03 0402
  38. 38. 38
  39. 39. Q & A Request a Demo, or send your questions to:
  40. 40. summary • Visibility to the ACI Contracts and EPGs • Continuous Risk and Compliance Assessment of the ACI Fabric • Zero-touch application delivery across the hybrid network • ACI App Center - the AlgoSec App 40
  41. 41. Blog Posts Joint Solution Prof. Wool Video Courses PPT Slides • … 41 Datasheets
  42. 42. UPCOMING EVENTS 42 SEPTEMBER & OCTOBER WEBINARS ALGOSUMMIT AMERICAS OCT 15-18 The premier event for AlgoSec customers and channel partners • Sept 17 – Selecting the Right Security Policy Management Solutions (Kyle Wickert, Worldwide Strategic Architect) • Oct 11 – Automated Security Policy Management Allows Financial Institutions to make the Triple Play (Asher Benbenisty, Director of Product Marketing) • Oct 25 – Managing Effective Security Policies Across Hybrid and Multi-Cloud Environments (Yitzy Tannenbaum, Product Marketing Manager)
  43. 43. 43 Join our community Follow us for the latest on security policy management trends, tips & tricks, best practices, thought leadership, fun stuff, prizes and much more! Subscribe to our YouTube channel for a wide range of educational videos presented by Professor Wool c
  44. 44. THANK YOU! Questions can be emailed to