SELECTING THE RIGHT SECURITY POLICY MANAGEMENT SOLUTION
Kyle Wickert
AlgoSec Worldwide Strategic Architect
THE AGENDA
• Intelligent Automation – It’s More Than Just Defining Policies
• An Application-Centric Approach Sets The Stage For The Future
• Managing A Hybrid Environment Together – Cloud, SDN, & On-Premise
• Using The Best Of Existing Processes, Combine With New Automation Techniques
POLL #2: IN REGARDS TO THE NETWORK SECURITY POLICY MANAGEMENT SOLUTION, WHICH CATEGORY DO YOU SEE YOURSELF?
• This is my first time purchasing a Security Policy Management solution
• I’m looking to replace an existing solution
• I’m looking to expand my Network Security Policy Management solution
• My organization is expanding into the public or SDN and I’m looking to understand more
Intelligent Automation – It’s More Than Just Defining Policies
Consider how a Security Policy Management Solution introduces intelligent automation into your processes, to streamline decision making & work effort!
Intelligent Automation is about connectivity fulfillment vs point policy creation
INTELLIGENT AUTOMATION
• Intelligent Automation is about intelligently enhancing & automating time-consuming security processes
• Much More Than “Create Rule On This Device”:
• Algorithms augment human know-how
• Actionable & intelligent analysis added throughout the workflow
• Policy-Push is just the tip of the iceberg!
INTELLIGENT AUTOMATION WORKFLOW
Workflow diagram stages: Traffic Change Request, Initial Plan, Risk Check, Work Order & ActiveChange, SmartValidation, Resolved, Recertify
Leverage Traffic Simulation engine to work across on-premise, SDN, and cloud security controls to automatically analyze traffic requests and discover all devices and rules which need to be changed!
Unnecessary ("already works") changes should be instantly identified and closed and requestors notified – Real-world customers see 30% of change requests automatically closed!
Automatically assess every proposed change – before it is implemented – to ensure compliance with regulatory and corporate standards, and identify any changes in risk levels. This process should be proactive & tailored to suit individual specific compliance & enterprise security standards.
Automatic & intelligent design of technical implementation steps for all requests, to ensure they are designed in the most efficient method possible avoiding future policy cleanup efforts & optimization challenges.
Automated implementation of policy changes directly on the device, cloud platform, or firewall management platform, to save time and remove manual errors.
Design Of Policy Should Be Aware Of Policy Hierarchy….
Intelligent design of technical implementation steps must factor in policy complexities, including awareness of policy hierarchy, to correctly place new policies
Assume we wish to allow the following traffic:
The traffic is partially allowed, 1.1.1.1-2.2.2.2 is not allowed by any rule
Design of policies must consider traffic which is already permitted, which enables improved design considerations around modification where needed
Implementation designs should consider policy structure, and recommend policy modifications, based on Least Privileged Access, where suitable!
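The design points above (closing requests that "already work", handling partially allowed traffic, and placing a new rule with the policy hierarchy in mind) can be illustrated with a small first-match simulation. This is an added example, not AlgoSec code and not part of the original slides; the `Rule` model, the `design_change` function and the sample rule base are hypothetical, and only the 1.1.1.1 to 2.2.2.2 flow comes from the slide.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    src: str      # source network in CIDR form
    dst: str      # destination network in CIDR form
    port: int     # TCP destination port; 0 means any port
    action: str   # "allow" or "deny"


# Constructed sample rule base: evaluated top-down, first match wins,
# implicit deny at the end. Only the 1.1.1.1 -> 2.2.2.2 flow is from the slide.
POLICY = [
    Rule("r1-deny-ssh", "0.0.0.0/0", "2.2.2.0/24", 22, "deny"),
    Rule("r2-app-https", "1.1.1.2/32", "2.2.2.2/32", 443, "allow"),
]


def first_match(rules, src, dst, port):
    """Return the index of the first rule matching the flow, or None (implicit deny)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, r in enumerate(rules):
        if (s in ipaddress.ip_network(r.src)
                and d in ipaddress.ip_network(r.dst)
                and r.port in (0, port)):
            return i
    return None


def design_change(rules, sources, destinations, port):
    """Simulate a connectivity request and derive what, if anything, must change.

    verdict    "already works"      -> request can be closed without a change
               "partially allowed"  -> only the missing flows need a rule
               "blocked"            -> nothing in the request is permitted today
    missing    (src, dst) pairs not permitted by the current policy
    insert_at  position for a new allow rule so that it is not shadowed:
               above the earliest explicit deny that blocks a missing flow,
               or at the end (before the implicit deny) if none does
    overrides  explicit deny rules the new rule would sit above; these are
               the cases a risk check should look at before implementation
    """
    permitted, missing, blockers = [], [], []
    for src in sources:
        for dst in destinations:
            idx = first_match(rules, src, dst, port)
            if idx is not None and rules[idx].action == "allow":
                permitted.append((src, dst))
            else:
                missing.append((src, dst))
                if idx is not None:          # blocked by an explicit deny
                    blockers.append(idx)

    if not missing:
        verdict = "already works"
    elif permitted:
        verdict = "partially allowed"
    else:
        verdict = "blocked"

    insert_at = None
    if missing:
        insert_at = min(blockers) if blockers else len(rules)

    return {
        "verdict": verdict,
        "missing": missing,
        "insert_at": insert_at,
        "overrides": sorted({rules[i].name for i in blockers}),
    }


if __name__ == "__main__":
    # Request from the slide's scenario: two sources to one destination on 443.
    print(design_change(POLICY, ["1.1.1.1", "1.1.1.2"], ["2.2.2.2"], 443))
    # A request that is fully covered and can be closed automatically.
    print(design_change(POLICY, ["1.1.1.2"], ["2.2.2.2"], 443))
    # A request that collides with an explicit deny higher in the hierarchy.
    print(design_change(POLICY, ["1.1.1.1"], ["2.2.2.2"], 22))
```
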
Post-implementation peer-review should be completely automated, to further reduce manual efforts. This ensures the Network Analyst responsible for the request implementation can be confident the request was implemented accurately. This functionality is critical in preventing the premature closing of tickets & avoiding defective policies being sent to the business as completed.
An Application-Centric Approach Sets The Stage For The Future
Organizations world-wide are undergoing massive digital transformation, and moving forward IT must cater to the business by driving change from applications downward. It is imperative any Security Policy Management Solution supports this methodology!
POLL #2: IS YOUR ORGANIZATION CONSIDERING AN APPLICATION-CENTRIC APPROACH WHEN LOOKING AT A NETWORK SECURITY POLICY MANAGEMENT SOLUTION?
• No, not really
• Yes, but no defined time-frame
• Yes, within the next year
• Yes, within the next 3 years
• Yes, within the next 5 years
Network Security Policy Management Solutions must cater to enabling & transforming the business
APPLICATION-CENTRIC APPROACH
• An Application-Centric Approach should be focused on aligning processes with business goals & mindset
• Application context woven through solution
• “Plain English” connectivity provisioning
• Break down communication walls between teams
Diagram labels: Application Owners, Security, Network Operations
Using The Best Of Existing Processes, Combine With New Automation Techniques
Many organizations maintain existing network change processes which involve manual steps & decision making. Injecting these practices into a modern Security Policy Management Solution can often slow deployment. Organizations should take an opportunity to take a fresh look & optimize processes, with automation “baked in”!
LEVERAGING A COMBINATION OF EXISTING PROCESSES WITH NEW AUTOMATION TECHNIQUES IS KEY TO SUCCESS
COMBINING AUTOMATION WITH EXISTING PROCESSES
• New automation technologies should be merged with existing process
• Avoid introduction of “manual steps” into automation solutions
• Introduce zero-touch where possible, to maximize value
• Streamline workflow by leveraging out-of-box where possible
• Avoid introducing manual steps from legacy processes, into a new automation solution!
• Streamline processes & leverage automation to drive efficiencies for standard changes
Diagram labels: Firewall Change Request, Firewall Change Coordinator, Network Review, Security Review, Network Implementation Design, CAB Board, Security Director Approval, Network Implementation
Diagram legend: Asynchronous Zero-Touch Enabled
• Zero-Touch can be leveraged to reduce security approval bottlenecks & speed DevOps in specific environments!
Diagram legend: Asynchronous Zero-Touch Enabled
IF <DEVICE> = DEV Automated Implementation!
IF <RISK> = NONE Automated Approval!
Flowchart labels: Existing Change Request/Orchestration Solution, Connectivity Functional? (No / Yes), Success
• Leverage out-of-box functionality to provide value quickly!
• Traffic Simulation APIs
• Connectivity-As-Code for DevOps
Managing A Hybrid Environment Together – Cloud, SDN, & On-Premise
While Cloud & SDN technologies drive drastic change & offer new innovative opportunities, the learning curve can be steep. An effective Security Policy Management Solution should offer capabilities to smooth this curve & speed adoption of these critical technologies!
MAINTAINING UNIFORM CONTROL & VISIBILITY ACROSS ALL ENVIRONMENTS IS KEY
MANAGE HYBRID ENVIRONMENTS
• Hybrid Environments should be managed uniformly & seamlessly within existing processes
• Cloud Platforms visibility focused on security control points
• SDN & Cloud should be seamlessly integrated, to ease the learning curve
• Single Pane of Glass visibility to the hybrid datacenter & applications
• “Security Set” approach should be used to manage cloud environments
• Enhanced visibility into control points
• Allows clearer understanding of layer protection provided to cloud assets
• Enables clear visibility in large enterprise cloud estates
• SDN & Cloud visibility must easily integrate into the NSPM solution, to make engineering resources effective quickly
• A familiar experience can drastically speed up adoption of cloud & SDN!
• Hybrid Environments spread across Cloud & SDN should be easily visible & integrated
• Traffic Simulation capabilities should be supported across SDN, On-Premise, & Cloud to support complete automation!
Diagram labels: AWS Estate – Cloud Environment, On Prem – Physical Network, VPN Tunnel / DirectConnect
SUMMARY
• Intelligent automation is about connectivity fulfillment vs point policy creation
• Network security policy management solutions must cater to enabling & transforming the business
• Leveraging a combination of existing processes with new automation techniques is key to success
• Maintaining uniform control & visibility across all environments is key

2019 08-13 selecting the right security policy management solution

  • 1.
    SELECTING THE RIGHT SECURITYPOLICY MANAGEMENT SOLUTION Kyle Wickert AlgoSec Worldwide Strategic Architect
  • 2.
    WELCOME Have a question?Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2 marketing@algosec.com
  • 3.
    3 Intelligent Automation – It’s MoreThan Just Defining Policies A Application- Centric Approach Sets The Stage For The Future Managing A Hybrid Environment Together – Cloud, SDN, & On- Premise Using The Best Of Existing Processes, Combine With New Automation Techniques SELECTING THE RIGHT SECURITY POLICY MANAGEMENT SOLUTION THE AGENDA
  • 4.
    POLL #2: IN REGARDSTO THE NETWORK SECURITY POLICY MANAGEMENT SOLUTION, WHICH CATEGORY DO YOU SEE YOURSELF? Please vote using the “Votes from Audience” tab in your BrightTALK panel 4 • This is my first time purchasing a Security Policy Management solution • I’m looking to replace an existing solution • I’m looking to expand my Network Security Policy Management solution • My organization is expanding into the public or SDN and I’m looking to understand more
  • 5.
    5 HIGH LEVEL… WRITEUP…. Intelligent Automation– It’s More Than Just Defining Policies
  • 6.
     Intelligent Automationis about connectivity fulfillment vs point policy creation INTELLIGENT AUTOMATION • Intelligent Automation is about intelligently enhancing & automating time consuming security processes • Much More Than “Create Rule On This Device”: • Algorithms augment human known-how • Actionable & intelligent analysis added throughout the workflow • Policy-Push is just the tip of the iceberg! 6
  • 7.
    INTELLIGENT AUTOMATION WORKFLOW 7 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify
  • 8.
    INTELLIGENT AUTOMATION WORKFLOW 8 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Leverage Traffic Simulation engine to work across on-premise, SDN, and cloud security controls to automatically analyze traffic requests and discover all devices and rules which need to be changed! Unnecessary ("already works") changes should be instantly identified and closed and requestors notified – Real-world customers see 30% of change requests automatically closed!
  • 9.
    INTELLIGENT AUTOMATION WORKFLOW 9 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Automatically assess every proposed change – before it is implemented – to ensure compliance with regulatory and corporate standards, and identify any changes in risk levels. This process should be proactive & tailored to suit individual specific compliance & enterprise security standards
  • 10.
    INTELLIGENT AUTOMATION WORKFLOW 10 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Automatic & intelligent design of technical implementation steps for all requests, to ensure they are designed in the most efficient method possible avoiding future policy cleanup efforts & optimization challenges. Automated implementation of policy changes directly on the device, cloud platform, or firewall management platform, to save time and remove manual errors
  • 11.
    INTELLIGENT AUTOMATION WORKFLOW 11 DesignOf Policy Should Be Aware Of Policy Hierarchy…. Intelligent design of technical implementation steps must factor in policy complexities, including awareness of policy hierarchy, to correctly place new policies
  • 12.
    INTELLIGENT AUTOMATION WORKFLOW 12 Assumewe wish to allow the following traffic: The traffic is partially allowed, 1.1.1.1-2.2.2.2 is not allowed by any rule Design of policies must consider traffic which is already permitted, which enables improved design considerations around modification where needed
  • 13.
    INTELLIGENT AUTOMATION WORKFLOW Implementation designsshould consider policy structure, and recommend policy modifications, based on Least Privileged Access, where suitable!
  • 14.
    INTELLIGENT AUTOMATION WORKFLOW 14 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Post-implementation peer- review should be completely automated, to further reduce manual efforts. This ensures the Network Analyst responsible for the request implementation can be confident the request was implemented accurately. This functionality is critical in preventing the premature closing of tickets & avoiding defective policies being sent to the business as completed
  • 15.
    15 HIGH LEVEL… WRITE UP… AApplication-Centric Approach Sets The Stage For The Future
  • 16.
    POLL #2: IS YOURORGANIZATION CONSIDERING AN APPLICATION-CENTRIC APPROACH WHEN LOOKING AT A NETWORK SECURITY POLICY MANAGEMENT SOLUTION? Please vote using the “Votes from Audience” tab in your BrightTALK panel 16 • No, not really • Yes, but no defined time-frame • Yes, within the next year • Yes, within the next 3 years • Yes, within the next 5 years
  • 17.
     Network SecurityPolicy Management Solutions must cater to enabling & transforming the business BUSINESS-CENTRIC APPROACH • A Business-Centric Approach should be focused on aligning processes, with business goals & mindset • Application context weaved through solution • “Plain English” connectivity provisioning • Breakdown communication walls between teams 17
  • 18.
  • 19.
  • 20.
  • 21.
    BUSINESS-CENTRIC APPROACH Kyle, Iduplicated this slide – it’s a placeholder for what you want to flush out
  • 22.
    22 HIGH LEVEL… WRITE UP… UsingThe Best Of Existing Processes, Combine With New Automation Techniques
  • 23.
     Bottom line:WORDS COMBINING AUTOMATION WITH EXISTING PROCESSES • New automation technologies, should be merged with existing process • Avoid introduction of “manual steps” into automation solutions • Introduce zero-touch where possible, to maximize value • Streamline workflow by leveraging out-of- box where possible 23
  • 24.
    COMBINING AUTOMATION WITHEXISTING PROCESSES • New automation technologies, should be merged with existing process • Avoid introduction of “manual steps” into automation solutions • Introduce zero-touch where possible, to maximize value • Streamline workflow by leveraging out-of- box where possible 24
  • 25.
    COMBINING AUTOMATION WITHEXISTING PROCESSES • Zero-Touch 25
  • 26.
    COMBINING AUTOMATION WITHEXISTING PROCESSES Existing Change Request/ Orchestration Solution Connectivity Functional? No Yes Success
  • 27.
    27 HIGH LEVEL… WRITE UP… ManagingA Hybrid Environment Together – Cloud, SDN, & On-Premise
  • 28.
     Bottom line:WORDS MANAGE HYBRID ENVIRONMENTS • Hybrid Environments should be managed uniformly & seamlessly within existing processes • Cloud Platforms visibility focused on security control points • SDN Platforms • Single Pane of Glass visibility to the hybrid datacenter & applications moving across 28
  • 29.
    MANAGE HYBRID ENVIRONMENTS •Hybrid Environments should be managed uniformly & seamlessly within existing processes • Cloud Platforms visibility focused on security control points • SDN Platforms • Single Pane of Glass visibility to the hybrid datacenter & applications moving across 29 AWS Estate – Cloud EnvironmentOn Prem – Physical Network VPN Tunnel / DirectConnect
  • 30.
    SELECTING THE RIGHT SECURITYPOLICY MANAGEMENT SOLUTION Kyle Wickert AlgoSec Worldwide Strategic Architect
  • 31.
    WELCOME Have a question?Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 31 marketing@algosec.com
  • 32.
    32 Intelligent Automation – It’s MoreThan Just Defining Policies A Application- Centric Approach Sets The Stage For The Future Managing A Hybrid Environment Together – Cloud, SDN, & On- Premise Using The Best Of Existing Processes, Combine With New Automation Techniques SELECTING THE RIGHT SECURITY POLICY MANAGEMENT SOLUTION THE AGENDA
  • 33.
    POLL #2: IN REGARDSTO THE NETWORK SECURITY POLICY MANAGEMENT SOLUTION, WHICH CATEGORY DO YOU SEE YOURSELF? Please vote using the “Votes from Audience” tab in your BrightTALK panel 33 • This is my first time purchasing a Security Policy Management solution • I’m looking to replace an existing solution • I’m looking to expand my Network Security Policy Management solution • My organization is expanding into the public or SDN and I’m looking to understand more
  • 34.
    34 Consider how aSecurity Policy Management Solution introduces intelligent automation into your processes, to streamline decision making & work effort! Intelligent Automation – It’s More Than Just Defining Policies
  • 35.
     Intelligent Automationis about connectivity fulfillment vs point policy creation INTELLIGENT AUTOMATION • Intelligent Automation is about intelligently enhancing & automating time consuming security processes • Much More Than “Create Rule On This Device”: • Algorithms augment human known-how • Actionable & intelligent analysis added throughout the workflow • Policy-Push is just the tip of the iceberg! 35
  • 36.
    INTELLIGENT AUTOMATION WORKFLOW 36 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify
  • 37.
    INTELLIGENT AUTOMATION WORKFLOW 37 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Leverage Traffic Simulation engine to work across on-premise, SDN, and cloud security controls to automatically analyze traffic requests and discover all devices and rules which need to be changed! Unnecessary ("already works") changes should be instantly identified and closed and requestors notified – Real-world customers see 30% of change requests automatically closed!
  • 38.
    INTELLIGENT AUTOMATION WORKFLOW 38 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Automatically assess every proposed change – before it is implemented – to ensure compliance with regulatory and corporate standards, and identify any changes in risk levels. This process should be proactive & tailored to suit individual specific compliance & enterprise security standards
  • 39.
    INTELLIGENT AUTOMATION WORKFLOW 39 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Automatic & intelligent design of technical implementation steps for all requests, to ensure they are designed in the most efficient method possible avoiding future policy cleanup efforts & optimization challenges. Automated implementation of policy changes directly on the device, cloud platform, or firewall management platform, to save time and remove manual errors
  • 40.
    INTELLIGENT AUTOMATION WORKFLOW 40 DesignOf Policy Should Be Aware Of Policy Hierarchy…. Intelligent design of technical implementation steps must factor in policy complexities, including awareness of policy hierarchy, to correctly place new policies
  • 41.
    INTELLIGENT AUTOMATION WORKFLOW 41 Assumewe wish to allow the following traffic: The traffic is partially allowed, 1.1.1.1-2.2.2.2 is not allowed by any rule Design of policies must consider traffic which is already permitted, which enables improved design considerations around modification where needed
  • 42.
    INTELLIGENT AUTOMATION WORKFLOW Implementation designsshould consider policy structure, and recommend policy modifications, based on Least Privileged Access, where suitable!
  • 43.
    INTELLIGENT AUTOMATION WORKFLOW 43 InitialPlan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify Post-implementation peer- review should be completely automated, to further reduce manual efforts. This ensures the Network Analyst responsible for the request implementation can be confident the request was implemented accurately. This functionality is critical in preventing the premature closing of tickets & avoiding defective policies being sent to the business as completed
  • 44.
    44 Organizations world-wide areundergoing massive digital transformation, and moving forward IT must cater to the business by driving change from applications downward. It is imperative any Security Policy Management Solution supports this methodology! A Application-Centric Approach Sets The Stage For The Future
  • 45.
    POLL #2: IS YOURORGANIZATION CONSIDERING AN APPLICATION-CENTRIC APPROACH WHEN LOOKING AT A NETWORK SECURITY POLICY MANAGEMENT SOLUTION? Please vote using the “Votes from Audience” tab in your BrightTALK panel 45 • No, not really • Yes, but no defined time-frame • Yes, within the next year • Yes, within the next 3 years • Yes, within the next 5 years
  • 46.
     Network SecurityPolicy Management Solutions must cater to enabling & transforming the business APPLICATION-CENTRIC APPROACH • A Application-Centric Approach should be focused on aligning processes, with business goals & mindset • Application context weaved through solution • “Plain English” connectivity provisioning • Breakdown communication walls between teams 46
  • 47.
  • 48.
  • 49.
  • 50.
    50 Many organizations maintainexisting network change processes which involve manual steps & decision making. Injecting these practices into a modern Security Policy Management Solution can often slow deployment. Organizations should take an opportunity to take fresh look & optimize processed, with automation “baked in”! Using The Best Of Existing Processes, Combine With New Automation Techniques
  • 51.
     LEVERAGING ACOMBINATION TO EXISTING PROCESSES WITH NEW AUTOMATION TECHNIQUES, IS KEY TO SUCCESS COMBINING AUTOMATION WITH EXISTING PROCESSES • New automation technologies, should be merged with existing process • Avoid introduction of “manual steps” into automation solutions • Introduce zero-touch where possible, to maximize value • Streamline workflow by leveraging out-of- box where possible 51
  • 52.
    COMBINING AUTOMATION WITHEXISTING PROCESSES • Avoid introducing manual steps from legacy processes, into a new automation solution! • Streamline processes & leverage automation to drive efficiencies for standard changes 52 Firewall Change Coordinator Network Review Security Review Network Implementation Design Firewall Change Request CAB Board Security Director Approval Network Implementation Initial Plan Risk Check Work Order & ActiveChange SmartValidation Traffic Change Request Resolved Recertify = Asynchronous Zero-Touch Enabled
  • 53.
    COMBINING AUTOMATION WITH EXISTING PROCESSES
    • Zero-Touch can be leveraged to reduce security approval bottlenecks & speed DevOps in specific environments!
    [Diagram: automated workflow (Initial Plan, Risk Check, Work Order & ActiveChange, SmartValidation, Traffic Change Request, Resolved, Recertify). Legend: Asynchronous Zero-Touch Enabled]
    • IF <DEVICE> = DEV: Automated Implementation!
    • IF <RISK> = NONE: Automated Approval!
  • 54.
    COMBINING AUTOMATION WITH EXISTING PROCESSES
    [Diagram labels: Existing Change Request/Orchestration Solution; Connectivity Functional? (No / Yes); Success]
    • Leverage out-of-box functionality to provide value quickly!
    • Traffic Simulation APIs
    • Connectivity-As-Code for DevOps
  • 55.
    Managing A Hybrid Environment Together – Cloud, SDN, & On-Premise
    While Cloud & SDN technologies drive drastic change & offer new innovative opportunities, the learning curve can be steep. An effective Security Policy Management Solution should offer capabilities to smooth this curve & speed adoption of these critical technologies!
  • 56.
    MAINTAINING UNIFORM CONTROL & VISIBILITY ACROSS ALL ENVIRONMENTS IS KEY
    MANAGE HYBRID ENVIRONMENTS
    • Hybrid Environments should be managed uniformly & seamlessly within existing processes
    • Cloud platform visibility should focus on security control points
    • SDN & Cloud should be seamlessly integrated, to ease the learning curve
    • Single Pane of Glass visibility into the hybrid datacenter & applications
  • 57.
    MANAGE HYBRID ENVIRONMENTS
    • A “Security Set” approach should be used to manage cloud environments
    • Enhanced visibility into control points
    • Allows a clearer understanding of the layered protection provided to cloud assets
    • Enables clear visibility in large enterprise cloud estates
  • 58.
  • 59.
    MANAGE HYBRID ENVIRONMENTS
    • SDN & Cloud visibility must easily integrate into the NSPM solution, to make engineering resources effective quickly
    • A familiar experience can drastically speed up adoption of cloud & SDN!
  • 60.
    MANAGE HYBRID ENVIRONMENTS
    • Hybrid Environments spread across Cloud & SDN should be easily visible & integrated
    • Traffic Simulation capabilities should be supported across SDN, On-Premise, & Cloud to support complete automation!
    [Diagram labels: AWS Estate – Cloud Environment; On Prem – Physical Network; VPN Tunnel / DirectConnect]
  • 61.
    Q&A
    Send us your questions
    Request a Free Evaluation: marketing@algosec.com
    Join our Online Community: youtube.com/user/AlgoSec, linkedin.com/company/AlgoSec, facebook.com/AlgoSec, twitter.com/AlgoSec, www.AlgoSec.com/blog
  • 62.
    SUMMARY
    • Intelligent automation is about connectivity fulfillment vs point policy creation
    • Network security policy management solutions must cater to enabling & transforming the business
    • Leveraging a combination of existing processes and new automation techniques is key to success
    • Maintaining uniform control & visibility across all environments is key
  • 63.
    Resources (https://www.algosec.com/resources): White Paper, Prof. Wool Video Courses, PPT Slides, Solution Brochure
  • 64.
    JOIN OUR COMMUNITY
    Follow us for the latest on security policy management trends, tips & tricks, best practices, thought leadership, fun stuff, prizes and much more!
    Subscribe to our YouTube channel for a wide range of educational videos presented by Professor Wool
    youtube.com/user/AlgoSec, linkedin.com/company/AlgoSec, facebook.com/AlgoSec, twitter.com/AlgoSec, www.AlgoSec.com/blog
  • 65.
    THANK YOU! Questions can be emailed to marketing@algosec.com

Editor's Notes

  • #23 “best practices” from Kyle the expert
  • #51 “best practices” from Kyle the expert
  • #64 Links: WP - The Network Security Policy Management Lifecycle: https://www.algosec.com/lp/network-security-policy-management-lifecycle/ Solution Brochure Webinar Slides
  • #65 Miki: And, before we part – we welcome you to connect with us through our social networks in LinkedIn, Facebook, Twitter and our blog.