The document discusses key considerations for selecting a network security policy management solution. It emphasizes the importance of intelligent automation throughout the workflow to streamline processes. An application-centric approach is also highlighted to better align security with business needs. When combining new automation technologies with existing processes, organizations should look to optimize workflows by reducing manual steps and introducing zero-touch automation where possible. Effective solutions also provide uniform management and visibility across hybrid environments involving cloud, SDN and on-premises infrastructure.

1. SELECTING THE RIGHT
SECURITY POLICY
MANAGEMENT SOLUTION
Kyle Wickert
AlgoSec Worldwide Strategic Architect

2. WELCOME
Have a question? Submit it via the chat
This webinar is being recorded!
Slides and recording will be sent to you after the webinar
2
marketing@algosec.com

3. 3
Intelligent
Automation –
It’s More Than
Just Defining
Policies
A Application-
Centric
Approach Sets
The Stage For
The Future
Managing A
Hybrid
Environment
Together – Cloud,
SDN, & On-
Premise
Using The Best Of
Existing Processes,
Combine With
New Automation
Techniques
SELECTING THE RIGHT SECURITY POLICY
MANAGEMENT SOLUTION
THE AGENDA

4. POLL #2:
IN REGARDS TO THE NETWORK SECURITY POLICY MANAGEMENT
SOLUTION, WHICH CATEGORY DO YOU SEE YOURSELF?
Please vote using the “Votes from Audience” tab in your BrightTALK panel
4
• This is my first time purchasing a Security Policy Management solution
• I’m looking to replace an existing solution
• I’m looking to expand my Network Security Policy Management solution
• My organization is expanding into the public or SDN and I’m looking to
understand more

5. 5
HIGH LEVEL…
WRITEUP….
Intelligent Automation – It’s More Than Just
Defining Policies

6.  Intelligent Automation is about connectivity fulfillment vs point
policy creation
INTELLIGENT AUTOMATION
• Intelligent Automation is about
intelligently enhancing & automating
time consuming security processes
• Much More Than “Create Rule On This
Device”:
• Algorithms augment human known-how
• Actionable & intelligent analysis added
throughout the workflow
• Policy-Push is just the tip of the iceberg!
6

7. INTELLIGENT AUTOMATION WORKFLOW
7
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify

8. INTELLIGENT AUTOMATION WORKFLOW
8
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Leverage Traffic Simulation engine to
work across on-premise, SDN, and
cloud security controls to automatically
analyze traffic requests and discover
all devices and rules which need to be
changed!
Unnecessary ("already works")
changes should be instantly identified
and closed and requestors notified –
Real-world customers see 30% of
change requests automatically closed!

9. INTELLIGENT AUTOMATION WORKFLOW
9
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Automatically assess every
proposed change – before it is
implemented – to ensure
compliance with regulatory and
corporate standards, and identify
any changes in risk levels. This
process should be proactive &
tailored to suit individual specific
compliance & enterprise security
standards

10. INTELLIGENT AUTOMATION WORKFLOW
10
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Automatic & intelligent design of
technical implementation steps for
all requests, to ensure they are
designed in the most efficient
method possible avoiding future
policy cleanup efforts &
optimization challenges.
Automated implementation of
policy changes directly on the
device, cloud platform, or firewall
management platform, to save time
and remove manual errors

11. INTELLIGENT AUTOMATION WORKFLOW
11
Design Of Policy Should Be Aware Of Policy Hierarchy….
Intelligent design of
technical implementation
steps must factor in policy
complexities, including
awareness of policy
hierarchy, to correctly place
new policies

12. INTELLIGENT AUTOMATION WORKFLOW
12
Assume we wish to allow the following traffic:
The traffic is partially allowed, 1.1.1.1-2.2.2.2 is not allowed by any rule
Design of policies must
consider traffic which is
already permitted, which
enables improved design
considerations around
modification where needed

13. INTELLIGENT AUTOMATION WORKFLOW
Implementation
designs should
consider policy
structure, and
recommend policy
modifications, based
on Least Privileged
Access, where
suitable!

14. INTELLIGENT AUTOMATION WORKFLOW
14
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Post-implementation peer-
review should be completely
automated, to further reduce
manual efforts. This ensures the
Network Analyst responsible for
the request implementation can
be confident the request was
implemented accurately. This
functionality is critical in
preventing the premature
closing of tickets & avoiding
defective policies being sent to
the business as completed

15. 15
HIGH LEVEL…
WRITE UP…
A Application-Centric Approach Sets The Stage
For The Future

16. POLL #2:
IS YOUR ORGANIZATION CONSIDERING AN APPLICATION-CENTRIC APPROACH
WHEN LOOKING AT A NETWORK SECURITY POLICY MANAGEMENT SOLUTION?
Please vote using the “Votes from Audience” tab in your BrightTALK panel
16
• No, not really
• Yes, but no defined time-frame
• Yes, within the next year
• Yes, within the next 3 years
• Yes, within the next 5 years

17.  Network Security Policy Management Solutions must cater to
enabling & transforming the business
BUSINESS-CENTRIC APPROACH
• A Business-Centric Approach should be
focused on aligning processes, with
business goals & mindset
• Application context weaved through
solution
• “Plain English” connectivity provisioning
• Breakdown communication walls between
teams
17

18. BUSINESS-CENTRIC APPROACH
Application Owners
Security
Network Operations

19. BUSINESS-CENTRIC APPROACH

20. BUSINESS-CENTRIC APPROACH

21. BUSINESS-CENTRIC APPROACH
Kyle, I duplicated this slide – it’s a placeholder for what you want to flush out

22. 22
HIGH LEVEL…
WRITE UP…
Using The Best Of Existing Processes, Combine
With New Automation Techniques

23.  Bottom line: WORDS
COMBINING AUTOMATION WITH EXISTING PROCESSES
• New automation technologies, should
be merged with existing process
• Avoid introduction of “manual steps” into
automation solutions
• Introduce zero-touch where possible, to
maximize value
• Streamline workflow by leveraging out-of-
box where possible
23

24. COMBINING AUTOMATION WITH EXISTING PROCESSES
• New automation
technologies, should
be merged with
existing process
• Avoid introduction of
“manual steps” into
automation solutions
• Introduce zero-touch
where possible, to
maximize value
• Streamline workflow
by leveraging out-of-
box where possible
24

25. COMBINING AUTOMATION WITH EXISTING PROCESSES
• Zero-Touch
25

26. COMBINING AUTOMATION WITH EXISTING PROCESSES
Existing
Change
Request/
Orchestration
Solution
Connectivity
Functional?
No
Yes Success

27. 27
HIGH LEVEL…
WRITE UP…
Managing A Hybrid Environment Together –
Cloud, SDN, & On-Premise

28.  Bottom line: WORDS
MANAGE HYBRID ENVIRONMENTS
• Hybrid Environments should be
managed uniformly & seamlessly
within existing processes
• Cloud Platforms visibility focused on
security control points
• SDN Platforms
• Single Pane of Glass visibility to the hybrid
datacenter & applications moving across
28

29. MANAGE HYBRID ENVIRONMENTS
• Hybrid Environments
should be managed
uniformly &
seamlessly within
existing processes
• Cloud Platforms
visibility focused on
security control points
• SDN Platforms
• Single Pane of Glass
visibility to the hybrid
datacenter &
applications moving
across
29
AWS Estate –
Cloud
EnvironmentOn Prem –
Physical Network
VPN Tunnel /
DirectConnect

30. SELECTING THE RIGHT
SECURITY POLICY
MANAGEMENT SOLUTION
Kyle Wickert
AlgoSec Worldwide Strategic Architect

31. WELCOME
Have a question? Submit it via the chat
This webinar is being recorded!
Slides and recording will be sent to you after the webinar
31
marketing@algosec.com

32. 32
Intelligent
Automation –
It’s More Than
Just Defining
Policies
A Application-
Centric
Approach Sets
The Stage For
The Future
Managing A
Hybrid
Environment
Together – Cloud,
SDN, & On-
Premise
Using The Best Of
Existing Processes,
Combine With
New Automation
Techniques
SELECTING THE RIGHT SECURITY POLICY
MANAGEMENT SOLUTION
THE AGENDA

33. POLL #2:
IN REGARDS TO THE NETWORK SECURITY POLICY MANAGEMENT
SOLUTION, WHICH CATEGORY DO YOU SEE YOURSELF?
Please vote using the “Votes from Audience” tab in your BrightTALK panel
33
• This is my first time purchasing a Security Policy Management solution
• I’m looking to replace an existing solution
• I’m looking to expand my Network Security Policy Management solution
• My organization is expanding into the public or SDN and I’m looking to
understand more

34. 34
Consider how a Security Policy
Management Solution introduces
intelligent automation into your
processes, to streamline decision making
& work effort!
Intelligent Automation – It’s More Than Just
Defining Policies

35.  Intelligent Automation is about connectivity fulfillment vs point
policy creation
INTELLIGENT AUTOMATION
• Intelligent Automation is about
intelligently enhancing & automating
time consuming security processes
• Much More Than “Create Rule On This
Device”:
• Algorithms augment human known-how
• Actionable & intelligent analysis added
throughout the workflow
• Policy-Push is just the tip of the iceberg!
35

36. INTELLIGENT AUTOMATION WORKFLOW
36
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify

37. INTELLIGENT AUTOMATION WORKFLOW
37
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Leverage Traffic Simulation engine to
work across on-premise, SDN, and
cloud security controls to automatically
analyze traffic requests and discover
all devices and rules which need to be
changed!
Unnecessary ("already works")
changes should be instantly identified
and closed and requestors notified –
Real-world customers see 30% of
change requests automatically closed!

38. INTELLIGENT AUTOMATION WORKFLOW
38
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Automatically assess every
proposed change – before it is
implemented – to ensure
compliance with regulatory and
corporate standards, and identify
any changes in risk levels. This
process should be proactive &
tailored to suit individual specific
compliance & enterprise security
standards

39. INTELLIGENT AUTOMATION WORKFLOW
39
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Automatic & intelligent design of
technical implementation steps for
all requests, to ensure they are
designed in the most efficient
method possible avoiding future
policy cleanup efforts &
optimization challenges.
Automated implementation of
policy changes directly on the
device, cloud platform, or firewall
management platform, to save time
and remove manual errors

40. INTELLIGENT AUTOMATION WORKFLOW
40
Design Of Policy Should Be Aware Of Policy Hierarchy….
Intelligent design of
technical implementation
steps must factor in policy
complexities, including
awareness of policy
hierarchy, to correctly place
new policies

41. INTELLIGENT AUTOMATION WORKFLOW
41
Assume we wish to allow the following traffic:
The traffic is partially allowed, 1.1.1.1-2.2.2.2 is not allowed by any rule
Design of policies must
consider traffic which is
already permitted, which
enables improved design
considerations around
modification where needed

42. INTELLIGENT AUTOMATION WORKFLOW
Implementation
designs should
consider policy
structure, and
recommend policy
modifications, based
on Least Privileged
Access, where
suitable!

43. INTELLIGENT AUTOMATION WORKFLOW
43
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
Post-implementation peer-
review should be completely
automated, to further reduce
manual efforts. This ensures the
Network Analyst responsible for
the request implementation can
be confident the request was
implemented accurately. This
functionality is critical in
preventing the premature
closing of tickets & avoiding
defective policies being sent to
the business as completed

44. 44
Organizations world-wide are undergoing
massive digital transformation, and
moving forward IT must cater to the
business by driving change from
applications downward. It is imperative
any Security Policy Management Solution
supports this methodology!
A Application-Centric Approach Sets The Stage
For The Future

45. POLL #2:
IS YOUR ORGANIZATION CONSIDERING AN APPLICATION-CENTRIC APPROACH
WHEN LOOKING AT A NETWORK SECURITY POLICY MANAGEMENT SOLUTION?
Please vote using the “Votes from Audience” tab in your BrightTALK panel
45
• No, not really
• Yes, but no defined time-frame
• Yes, within the next year
• Yes, within the next 3 years
• Yes, within the next 5 years

46.  Network Security Policy Management Solutions must cater to
enabling & transforming the business
APPLICATION-CENTRIC APPROACH
• A Application-Centric Approach should
be focused on aligning processes, with
business goals & mindset
• Application context weaved through
solution
• “Plain English” connectivity provisioning
• Breakdown communication walls between
teams
46

47. APPLICATION-CENTRIC APPROACH
Application Owners
Security
Network Operations

48. APPLICATION-CENTRIC APPROACH
Application Owners

49. APPLICATION-CENTRIC APPROACH

50. 50
Many organizations maintain existing
network change processes which involve
manual steps & decision making. Injecting
these practices into a modern Security Policy
Management Solution can often slow
deployment. Organizations should take an
opportunity to take fresh look & optimize
processed, with automation “baked in”!
Using The Best Of Existing Processes, Combine
With New Automation Techniques

51.  LEVERAGING A COMBINATION TO EXISTING PROCESSES WITH
NEW AUTOMATION TECHNIQUES, IS KEY TO SUCCESS
COMBINING AUTOMATION WITH EXISTING PROCESSES
• New automation technologies, should
be merged with existing process
• Avoid introduction of “manual steps” into
automation solutions
• Introduce zero-touch where possible, to
maximize value
• Streamline workflow by leveraging out-of-
box where possible
51

52. COMBINING AUTOMATION WITH EXISTING PROCESSES
• Avoid introducing manual steps from legacy
processes, into a new automation solution!
• Streamline processes & leverage automation
to drive efficiencies for standard changes
52
Firewall Change
Coordinator
Network Review Security Review
Network
Implementation
Design
Firewall Change
Request CAB Board
Security Director
Approval
Network
Implementation
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
= Asynchronous Zero-Touch Enabled

53. COMBINING AUTOMATION WITH EXISTING PROCESSES
• Zero-Touch can be
leveraged to reduce
security approval
bottlenecks & speed
DevOps in specific
environments!
53
Initial Plan Risk Check
Work Order &
ActiveChange
SmartValidation
Traffic Change
Request Resolved Recertify
= Asynchronous Zero-Touch Enabled
IF <DEVICE> = DEV Automated Implementation!
IF <RISK> = NONE Automated Approval!

54. COMBINING AUTOMATION WITH EXISTING PROCESSES
Existing
Change
Request/
Orchestration
Solution
Connectivity
Functional?
No
Yes Success
• Leverage out-of-box
functionality to provide value
quickly!
• Traffic Simulation APIs
• Connectivity-As-Code for
DevOps

55. 55
While Cloud & SDN technologies drive
drastic change & offer new innovative
opportunities, the learning curve can be
steep. An effective Security Policy
Management Solution should offer
capabilities to smooth this curve & speed
adoption of these critical technologies!
Managing A Hybrid Environment Together –
Cloud, SDN, & On-Premise

56.  MAINTAINING UNIFORM CONTROL & VISBILITY ACROSS ALL
ENVIRONMENTS IS KEY
MANAGE HYBRID ENVIRONMENTS
• Hybrid Environments should be
managed uniformly & seamlessly
within existing processes
• Cloud Platforms visibility focused on
security control points
• SDN & Cloud integration should be
seamlessly integrated, to ease learning
curve
• Single Pane of Glass visibility to the hybrid
datacenter & applications
56

57. MANAGE HYBRID ENVIRONMENTS
• “Security Set” approach
should be use to manage
cloud environments
• Enhanced visibility into control
points
• Allows clearer understanding of
layer protection provided to
cloud assets
• Enables clear visibility in large
enterprise cloud estates
57

58. MANAGE HYBRID ENVIRONMENTS
58

59. MANAGE HYBRID ENVIRONMENTS
• SDN & Cloud visibility must easily integrate
into the NSPM solution, to make
engineering resources effective quickly
• A familiar experience can drastically speed
up adoption of cloud & SDN!
59

60. MANAGE HYBRID ENVIRONMENTS
• Hybrid Environments
spread across Cloud
& SDN, should be
easily visible &
integrated
• Traffic Simulation
capabilities should be
supported across
SDN, On-Premise, &
Cloud to support
complete
automation!
60
AWS Estate –
Cloud
EnvironmentOn Prem –
Physical Network
VPN Tunnel /
DirectConnect

61. Join our Online Community
Q&A
61
Send us your questions
Request a Free Evaluation:
marketing@algosec.com youtube.com/user/AlgoSec
linkedin.com/company/AlgoSec
facebook.com/AlgoSec
twitter.com/AlgoSec
www.AlgoSec.com/blog

62. SUMMARY
• Intelligent automation is about connectivity
fulfillment vs point policy creation
• Network security policy management solutions
must cater to enabling & transforming the
business
• Leveraging a combination to existing processes
with new automation techniques, is key to
success
• Maintaining uniform control & visbility across
all environments is key
62

63. White Paper
https://www.algosec.com/resources
Prof. Wool Video Courses
PPT SlidesSolution Brochure
63

64. 64
JOIN OUR COMMUNITY
Follow us for the latest on security policy management trends, tips & tricks,
best practices, thought leadership, fun stuff, prizes and much more!
Subscribe to our YouTube channel for a
wide range of educational videos
presented by Professor Wool
youtube.com/user/AlgoSeclinkedin.com/company/AlgoSec
facebook.com/AlgoSec
twitter.com/AlgoSec
www.AlgoSec.com/blog

65. THANK YOU!
Questions can be emailed to
marketing@algosec.com

66. THANK YOU!
Questions can be emailed to
marketing@algosec.com