Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Webinar: How automation can transform the way you manage your network security policy final

1,107 views

Published on

Making security policy changes manually is a slow, laborious process which is fraught with risks; it can take several days—sometimes weeks—to process a single change in a complex enterprise environment. When hundreds of changes are required each month, it can be an impossible task!

In this webinar, Yonatan Klein, Director of Product Management at AlgoSec, will discuss how automation can take your security policy management to the next level; delivering the most stringent security change management and control processes, while providing visibility and helping to maximize business agility across your disparate, ever-changing, hybrid cloud enterprise network.

Join the webinar to learn how you can use automation to:

• Discover and map application connectivity to centralize and optimize security policy management
• Migrate application connectivity across data centers, to the cloud, and throughout the DevOps lifecycle
• Ensure your disaster recovery processes for firewalls are secure and up-to-date
• Take an application-centric approach to simplifying firewall rule recertification processes

Attend this webinar to discover how you can reduce the time and effort you spend on managing security, while keeping your all your stakeholders happy – network and security operations teams, application owners, and even C-level executives.

Published in: Technology
  • Be the first to comment

Webinar: How automation can transform the way you manage your network security policy final

  1. 1. Network Security Policy Management Automation for Transformation Yonatan Klein, Director Product Management
  2. 2. WHAT WE’LL COVER TODAY Managing Network Connectivity throughout the application lifecycle Managing Disaster Recovery – automatically and securely 01 02 03 Mapping rules and flows to business processes and applications Making rule recertification an efficient, application-centric process04 Summary and Q&A05 2
  3. 3. WHAT IS NETWORK SECURITY POLICY MANAGEMENT 3 | Confidential
  4. 4. 4 | Confidential GETTING STARTED WITH NETWORK SECURITY POLICY MANAGEMENT: Map applications and connectivity needs
  5. 5. MAP YOUR DATA-CENTER ASSETS: GETTING A SINGLE SOURCE OF TRUTH • CMDB? • Excel Spreadsheet? • Firewall Rules? 5 | Confidential
  6. 6. APPLICATION & CONNECTIVITY AUTO-DISCOVERY 6 | Confidential • Various sources: network mirroring, PCAP files, NetFlow, sFlow Network sensing • Determine hosts • Determine active flows Analyze network traffic • Smart heuristics to identify web services, data bases, applications • Application identity “hints” Identify business applications
  7. 7. THE MAPPED BUSINESS APPLICATIONS 7 | Confidential
  8. 8. DISCOVERED APPLICATIONS 8 | Confidential
  9. 9. DISCOVERED APPLICATION FLOWS 9 | Confidential
  10. 10. OPTIMIZED FLOWS 10 | Confidential
  11. 11. APPLICATION AND CONNECTIVITY DISCOVERY Manual Process Reliable, complete single source of truth? Otherwise manual process to identify each host and flow Manage information in excel ? With Automation Flows identified automatically Heuristics and hints help identify matching applications Integrated into Algosec BusinessFlow AlgoSec BusinessFlow manages application information and corresponding flows and network rules 11 | Confidential Connectivity needs identified, optimized
  12. 12. 12 | Confidential APPLICATION MIGRATION - AUTOMATED
  13. 13. APPLICATION MIGRATION Data center migration 13 | Confidential App migration to the public cloud App migration between data centers Consolidation due to M&A Application lifecycle: Test -> Pre-Production -> Production
  14. 14. Which Application Migration Projects Are You Undertaking In Your Organization? • Data Center Migration • Application Migrations To The Public Cloud • Application Migrations Between Data Centers • Application Life-cycle (e.g. Dev/Test->Pre-Prod->Prod) • Other POLL Please vote using the “votes from audience” tab in your BrightTALK panel 14
  15. 15. APP. MIGRATION AUTOMATED WORKFLOW 15 | Confidential Create a migration workflow Map source to target IPs Evaluate potential vulnerability and risk impact Apply the changes 01 02 03 04 Migration Done! 05 App Decomission Workflow Mark flow to decomission ABF automatically validates no impact on other apps Apply the changes Decommission Done! 01 02 03 04 05
  16. 16. CALCULATE REQUIRED FLOW CHANGES 16 | Confidential
  17. 17. AUTOMATICALLY IDENTIFY DEVICES IN PATH
  18. 18. PROJECT DASHBOARD 18 | Confidential
  19. 19. APPLICATION MIGRATION 19 | Confidential Manual Process Find all flows related to application Locate all effected firewalls Find all relevant rules With Automation Start a migration workflow - Match source network object with target Execute changes: create new flows Execute changes: decommission old flows Change management process for new rules Repeat process for old rule decommission
  20. 20. 20 | Confidential DISASTER RECOVERY DEVICE PAIRS
  21. 21. DISASTER RECOVERY DEVICES / PATHS • Firewalls may be deployed in a geographic redundancy model to ensure reliable and secure connectivity. • For devices without a central management system, maintaining the pair synced is a real challenge • AlgoSec allows you to define DR-Sets: groups of devices that must always share the same policy • Maintain consistency without any manual work and human errors 21| Confidential CM RA1 Device A Geographical distribution architecture Device B
  22. 22. DR SETS – HOW IT LOOKS 22 | Confidential
  23. 23. 23 | Confidential APPLICATION-CENTRIC RULE RE-CERTIFICATION
  24. 24. How many times a year do you recertify your firewall rules? • On a project basis • Once a year • Twice a year • Once every 2 years • Other POLL Please vote using the “votes from audience” tab in your BrightTALK panel 24 1.On a project basis
  25. 25. WHY FIREWALL RULES BECOME REDUNDANT An application is decommissioned An application is upgraded and uses different services/ ports An endpoint is moved to a different datacenter Decommissioning of outdated rules is best practice: • Security: reduce attack surface and risk • Compliance: periodic reviews are mandated
  26. 26. 26 | Confidential TRADITIONAL METHODOLOGY REVIEW the firewall logs and determine when the rule was last used READ the comments to see who requested the rule and which application it serves VALIDATE that the application is not in use with the relevant contact REMOVE the rule or extend the expiration date
  27. 27. FIREWALL RULE BASE
  28. 28. AN APPLICATION CENTRIC APPROACH 28 | Confidential
  29. 29. AN APPLICATION CENTRIC APPROACH 29 | Confidential Application Telepresence has expired Telepresence Dear Yonatan,
  30. 30. AN APPLICATION CENTRIC APPROACH 30 | Confidential
  31. 31. RULE DECOMMISSIONING Manual Process Manage each rule separately Bombarded by rule recertification notifications Problematic to track rules to originating purpose With Automation Business application expiration date Timely configured notification – per application Single click to decommission or extend expiration date
  32. 32. SUMMARY • Identifying assets and their connectivity is not trivial • Auto-discovery is key for informed connectivity management • Network security operations are complex • Automation helps meet customers needs and ensures a secure network • A high-end solution is designed to automate key use-cases with business- centric security policy management capabilities • Example for common use-cases managed by Algosec: • Firewall devices in DR mode • Application life-cycle and migration • Application-centric approach to rule recertification 32 | Confidential
  33. 33. MORE RESOURCES www.algosec.com/resources WHITEPAPERS DATASHEET 33
  34. 34. Thank you! Questions can be emailed to marketing@algosec.com

×