Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

automated network security policy changes for speed and compliance

402 views

Published on

In this webinar, Asher Benbenisty, Director of Product Marketing at AlgoSec, will show how even the most complex security policies can be updated automatically and coherently across the network without introducing new problems. Webinar participants will learn how to achieve:

Powerful and convenient policy automation without human intervention
Rapid application delivery that improves business agility
Reduced risk while updating network security policies

Published in: Software
  • Be the first to comment

  • Be the first to like this

automated network security policy changes for speed and compliance

  1. 1. AUTOMATED NETWORK SECURITY POLICY CHANGES FOR SPEED AND COMPLIANCE Asher Benbenisty Director of Product Marketing Miki Weiser Director of Digital Marketing
  2. 2. WELCOME Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2
  3. 3. JACK – CISO AT A BIG RETAILER
  4. 4. JACK’S CHALLENGES NETWORK SECURITY COMPLEXITY CHANGES TO THE NETWORK SECURITY HACKER ATTACKS
  5. 5. THE STATE OF JACK’S NETWORK ON-PREMISE
  6. 6. RUN FASTER! Constant demand for better business agility Deliver in minutes/hours, not weeks/months Technology enablers Continuous Integration/ Deployment, DevOps Virtualization Cloud, Software Defined Networking (SDN)
  7. 7. PROTECT YOUR NETWORK BETTER! • Attacks and breaches are constantly on the rise, and getting more sophisticated • Security must be stronger and tighter • Otherwise, you can expect • Service outages • Critical data leakage • Audits will fail • Your name in the news • Lack of enablers for Network Security
  8. 8. Which challenge is most prominent in your organization? • Network complexity • Increased number of change requests coming from business units • Increase in hacker attempts • Lack of technology enablers for the network security team Please vote using the “Votes from Audience” tab in your BrightTALK panel
  9. 9. STANDARDIZE & AUTOMATE • Standardize your network security change process • Keep an audit trial of the change process • Automate the change process
  10. 10. STANDARDIZE YOUR CHANGE PROCESS Request a network change Map devices in path Check for risks involved Plan the rules Implement the change on the devices Validate the change
  11. 11. MAP DEVICES IN PATH Find which security devices are in the path and are blocking the requested traffic • Firewall policies • Router ACLs • SDN segmentation • Cloud security groups
  12. 12. CHECK FOR RISKS INVOLVED • Define allowed connectivity between zones • Whatever is not pre-approved should raise a risk
  13. 13. PLAN THE RULES • Vendor-specific decisions – choose policy, zones, ACLs, objects • Implement optimally (avoid rule/object duplications) • Enforce naming conventions and best practices
  14. 14. IMPLEMENT THE CHANGE ON THE DEVICES • Push change to device management (via APIs) or directly to the device (CLI), as available REST API
  15. 15. VALIDATE THE CHANGE Verify that the change was implemented successfully and that the requested traffic is now allowed
  16. 16. STANDARDIZE & AUTOMATE • Standardize your network security change process • Keep an audit trail of the change process • Automate the change process
  17. 17. DOCUMENTATION AND LOGGING • Full audit trail • Including human approvals • Compliance and audits • Troubleshooting • Ability to undo changes
  18. 18. STANDARDIZE & AUTOMATE • Standardize your network security change process • Keep an audit trial of the change process • Automate the change process
  19. 19. AUTOMATION Automate every step along the change process • Enable zero-touch changes within minutes – business agility • Save time even when human intervention is required • Avoid typos and mistakes • Full and accurate documentation (for audit, undo change)
  20. 20. In the network security world, what do you find most difficult to achieve ? • Standardization of the change process • Full documentation of the change process • Automation of the change process Please vote using the “votes from audience” tab in your BrightTALK panel
  21. 21. GETTING STARTED
  22. 22. DEFINE YOUR SECURITY POLICY • Segmentation • Low risk • Specific environments, business applications, firewalls, requestors • Compliance with organization policy • Compliance with regulatory standards
  23. 23. TRUST DOES NOT COME IN A DAY • Start with more control • Gradually increase degree of automation • Share quantitative data with all stakeholders • Monitor and fine-tune
  24. 24. FINE-TUNING • Study statistics • What percentage of changes required human intervention? • Why? • How many SLA breaches? • Consider widening pre-approved policy, if needed Change Requests
  25. 25. SUMMARY 25 • Today, network security teams are facing 3 main challenges: • Network complexity • Need to perform rapid changes • Increased sophistication and numbers of hacker attacks • Standardization & automation of the change cycle help Jack (and you) overcome the hurdles
  26. 26. MORE RESOURCES 26 www.algosec.com/resources WHITEPAPERS DATASHEET GARTNER WEBINAR PPT PROF. WOOL COURSE
  27. 27. Q & A
  28. 28. https://www.algosec.com/webinars
  29. 29. Join us October 15-18, Jersey City The premier event for AlgoSec customers and channel partners For more info: https://www.algosec.com/algosummit/
  30. 30. THANK YOU! marketing@algosec.com Asher Benbenisty Director of Product Marketing Miki Weiser Director of Digital Marketing

×