Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment


Published on

Enterprises are not only migrating applications to the cloud from on-premise data centers, but they are developing multi-cloud strategies to take advantage of availability and cost structures as well as to avoid vendor lock-in. In fact, IDC has predicted that more than 85% of IT organizations will commit to multi-cloud architectures already by the end of this year.

In complex, multi-cloud and hybrid environments, security teams need to understand which network flows and security controls impact application connectivity, including cloud-specific security controls (Network ACL and security groups) as well as virtual and physical firewalls that protect cloud resources. They need to manage policies that maintain their compliance posture across multiple clouds and hybrid environments.

In this webinar, Yitzy Tannenbaum, Product Marketing Manager at AlgoSec, will illuminate security-policy issues in multi-cloud and hybrid environments and show you how to achieve:
• Visibility across the multi-cloud network topology to ensure deployment of security controls that support network-segmentation architecture
• Uniform security policy across complex multi-cloud and hybrid environments
• Automatic monitoring of multi-cloud and hybrid network-security configuration changes to analyze and
assess risk and to avoid compliance violations
• Instant generation of audit-ready reports for major regulations, including PCI, HIPAA, SOX and NERC, in the context of multi-cloud environments
• Automatic provisioning of application connectivity flows across a variety of security controls in hybrid environments

Published in: Software
  • Be the first to comment

Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment

  1. 1. Managing Security Policy Across Multi-Cloud and Hybrid Cloud Networks Yitzy Tannenbaum Product Marketing Manager
  2. 2. poll 2 | Confidential How many public cloud vendors does your organization leverage? • We are not yet in the cloud yet • 1 vendor • 2 vendors • 3 or more vendors While we wait for our audience to join please vote using the “Votes” tab in your BrightTALK panel
  3. 3. Welcome Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 3
  4. 4. Everyone’s moving to the cloud 4 | Confidential 2015 2016 2017 2018 2019 2020 050100150200 67 82 99 117 138 162 The Rapid Growth of Cloud Computing, 2015-2020 Worldwide Spending on public Cloud Computing, 2015-2020 ($B) Average Compound Growth Rate, YE2015-YE2020, 19% IT Spending Average Compound Growth Rate, YE2015-YE2020, 3% * Source: IDC, 2016 83% Of Enterprise Workloads Will Be In The Cloud By2020 - Forbes
  5. 5. Nearly 80% of IT organizations are currently deploying, or are planning to implement, multi-cloud environments. -IDC 01 Nearly a third of organizations work with three to four cloud vendors. - Microsoft 02 5 | Confidential
  6. 6. Cost efficient Different unique features Avoid lock in Why multi cloud? 6 | Confidential
  7. 7. poll 7 | Confidential What are the biggest challenges for your organization engaging with public cloud today? • Security • Governance & compliance • Lack of visibility • Lack of experience Please vote using the “Votes” tab in your BrightTALK panel
  8. 8. Cybersecurity Insiders 2018 Cloud Security Report Everyone’s concerned about cloud security 8 Public Cloud Challenges What are the biggest challenges for organizations engaged with public cloud today? (Somewhat/Extremely large) UnplannedOutages 0% 10% 20% 30% 40% 50% 60% 70% 31% 37% 40% 47% 57% 58% 60% 66% * Source: Forbes
  9. 9. Network are complex and heterogeneous 9 | Confidential SDN Multi Public Clouds On-Prem
  10. 10. MANAGING SECURITY IN THE CLOUD IS COMPLEX MULTIPLE LAYERS OF SECURITY CONTROLS Cloud Infra Security Controls • Security groups • Network ACLS Security Products by ISVs • NG Firewalls (Checkpoint, Palo- Alto .. ) • WAF (Imperva, F5 .. ) 10 Security Products by Cloud Providers
  11. 11. In a multi and hybrid network there are many stakeholders 11 | Confidential Multiple Stake Holders Cloud Teams IT/ Network Security CISO Security Operations Application Developers / DevOps
  12. 12. Which team is responsible for managing security in the public cloud 12 | Confidential
  13. 13. IT leaders report needing to increase their security staff by 24% to adequately manage their organization’s security threats. –McAfee ‘Winning the Game’ 01 80% of organizations affected by cyber security skills gap -2018 Cyberthreat Defense Report 02 13 | Confidential
  14. 14. | Confidential Unified control of your entire network estate 14
  15. 15. The challenges managing a hybrid multi cloud environment Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 15
  16. 16. Visibility Full visibility into the entire network including deeply understanding the network topology and discovering the network flows between: • Multi-cloud environments • Vpcs and v-nets • Regions of same cloud providers • On-premise and cloud providers • The cloud environment and the internet • Traditional firewall in the cloud • Native cloud controls (Microsoft Azure NSGs) • On-premise devices
  17. 17. A single pane of glass into your entire network 17 | Confidential Native Cloud Security Models Virtual appliance in the cloud Traditional FW
  18. 18. 18 | Confidential
  19. 19. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 19
  20. 20. Change Management
  21. 21. ? 22
  22. 22. ?
  23. 23. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 24
  24. 24. application connectivity • Manage, provision and monitor application connectivity • Keeping an application- centric view across the different networks and security domains • Review vulnerabilities and risks • Enable devops automation through extensive APIs
  25. 25. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 26
  26. 26. Risk analysis
  27. 27. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 28
  28. 28. Unified Compliance Reports
  29. 29. poll 30 | Confidential How much of your time is invested in audits? • Less than a week • 1-2 weeks • 2-4 weeks • 1-2 months • 2+ months !!! Please vote using the “Votes” tab in your BrightTALK panel
  30. 30. Manual Audits Slow Down Business and are Error-Prone 26% 29% 27% 12% 6% <1 week 1-2 weeks 2-4 weeks 1-2 months 2+ months Time devoted to firewall audits each year 31
  31. 31. ?
  32. 32. ?
  33. 33. summary • Networks are complex: • Multiple cloud vendors • On-prem, private and public cloud • Multiple stake-holders • Easy to achieve agility, harder to keep it secure • Visibility • Change management • Application connectivity • Risk analysis • Compliance • You can apply your security guidelines in the cloud if you choose the right tools 34
  34. 34. Q & A You are also welcome to request a demo and email questions
  36. 36. upcoming webinars NOVEMBER WEBINARS Breaking Out of the Perimeter without Breaking Security When: Nov 6th By: Yonatan Klein, Director of Product Management Have it All: Achieving Agility and Security with Automation When: Nov 19th By: Yoni Geva, Product Manager DECEMBER WEBINARS Focus on FinTech: Network Security Policy Management Best Practices When: Dec 12th By: Anner Kushnir, VP Technology Network Security Policy Management: Tips & Tricks When: Dec 17th By: Dania Peretz, Product Manager ---Sign up now ---
  37. 37. 38 Join our community Follow us for the latest on security policy management trends, tips & tricks, best practices, thought leadership, fun stuff, prizes and much more! Subscribe to our YouTube channel for a wide range of educational videos presented by Professor Wool c
  38. 38. THANK YOU! Questions can be emailed to