SlideShare a Scribd company logo
HOW TO AVOID
BUSINESS OUTAGES
FROM MISCONFIGURED
NETWORK DEVICES
TOPICS COVERED TODAY
• Understanding the problem: misconfigured network
devices
• Typical change control processes
• The Gap between Business and IT Security
• Data center migration
2 | Confidential
THE BALANCING ACT
3
Security
Agility
Firewall Breaches
5% Vulnerabilities
95%Misconfiguration
THE BALANCING ACT
Security
Agility
Prevent Cyber
Attacks
Firewall Breaches
Data Center Automation5% Vulnerabilities
95%Misconfiguration
THE BALANCING ACT
5
Security
Agility
Prevent Cyber
Attacks
Enable Business
Applications
Resource Timeto
Provision
Server Minutes
Storage Minutes
Security
Access Days/Weeks
JUST SOME CONTEXT…
6 | Confidential
JUST SOME CONTEXT…
7 | Confidential
HOW CAN A DEVICE BE MISCONFIGURED?
SECURITY DEVICE CHANGE CONTROL PROCESS
• Understand and map your enterprise infrastructure
topology before you make a change
• Proactively assess the impact of a change to ensure it does
not break connectivity, affect compliance or create a
security hole
• Avoid common mistakes when making changes to your
network security devices and firewalls
• Monitor all changes in case there is an outage. You can
easily reverse the newest implemented change if
necessary
• Translate business requirements into the network and
security policies that are implemented on firewalls
24 | Confidential
TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS
25 | Confidential
Plan
Approve
ImplementValidate
Close
Request
1 2
3
4
6
5
TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS
26 | Confidential
Plan
Approve
ImplementValidate
Close
Request
1 2
3
4
6
5
In some cases, “Recertify”…
but that’s a topic for
another day
TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS
27 | Confidential
Plan
Approve
ImplementValidate
Close
Request
1 2
3
4
6
5
• Identify what devices need to be changed
• In our example, there are three devices
• CheckPoint
• Juniper
• AWS Server
• How did we know?
VISIBILITY INTO THE PLANNING STAGE
• We understand the topology of the network and the
security policies associated with the devices in the path
28 | Confidential
Plan
Approve
ImplementValidate
Close
Request
TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS
29 | Confidential
1 2
3
4
6
5
• Always perform a risk check BEFORE you approve
• Understanding the risk during the approval phase gives
you a chance to “replan” the change or deny it if it will
cause undue risk to the environment
Plan
Approve
ImplementValidate
Close
Request
TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS
30 | Confidential
1 2
3
4
6
5
• During the implementation phase
consider how to insert the new
security rule into the device’s current
policy
• Add a new rule?
• Modify an existing rule?
• Create new objects?
• Automatically document the rule change
Plan
Approve
ImplementValidate
Close
Request
TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS
32 | Confidential
1 2
3
4
6
5
• Check the request and validate it is
implemented correctly before
notifying stakeholders
• Was the original request
implemented:
• In good working order for the entire path,
so the requester does not ask for the
same information again!
• Exactly as requested?
• With an overly permissive rule (ie. “any”
vs https service)
Plan
Approve
ImplementValidate
Close
Request
TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS
33 | Confidential
1 2
3
4
6
5
Need to figure out why the
change was not
implemented correctly
GAP BETWEEN BUSINESS AND IT SECURITY
• A simplistic summary of the Business and IT relationship:
1. The business created value for customer’s and has stored this data in databases and
allowed users to access the data via applications
2. IT maintains the infrastructure to support the data (databases) and applications.
3. IT Security maintains secure access to data and applications so these assets don’t
compromise the value of the business
• Without 1, 2 & 3 above, a business would not exist
• Applications provide a vehicle to create additional value for their
customers
• Applications and “data” MUST be secure and maintainable
• Application developers and database administrators request security
infrastructure changes as business requirements adapt to new customer
and market demands
• The security change management process has to improve - just like
provisioning a web or database server….It only takes minutes now…
40 | Confidential
A SIMPLE DIAGRAM WILL DO….PLEASE!!!
• The current challenge is that
Information security talk a
different language than
application developers and
database administrators
(DBA’s) who are requesting application changes
• Security architects must bridge the gap between a secure
business application and operational disasters
• How many organizations can document their business
applications so the security team has a prayer in
understanding how their applications works?
41 | Confidential
A SIMPLE DIAGRAM WILL DO….PLEASE!!!
• The diagram to the right can be
dynamically created to help
document how the application
interacts with the network
infrastructure
• Provides Security Architects with a communication vehicle to
start the conversation
• Dive one level deeper and understand the security
42 | Confidential
DATACENTER AND/OR CLOUD MIGRATION MOTIVES
• Upgrade capacity
• Save money – server consolidation
• Mergers and acquisitions to combine resources
54 | Confidential
DATA CENTER (DC) MIGRATION
• Requirements for DC
• Complete inventory of what needs to move
• Official and “unofficial” equipment
• Discover the hidden assets via the security policy
• New hardware and IP address schemes
• Change Firewall Rulebase for transition connectivity
• Migrate IPs in DNS servers
• After migration is complete, decommission original application
• Planning
• What if analysis
• What applications are using these servers?
• What applications are impacted by these firewalls?
• What applications are vulnerable to these security issues?
55 | Confidential
CUSTOMER PHILOSOPHY IS CHANGING
• We currently see connectivity requests being manually
planned, assessed, designed and implemented
• This needs to change…..and quickly!
• How do you manage these 1,000 security change requests?
• Customers are moving to agile development &
deployment
• The Internet of Things is impacting service expectations
• We are required to intelligently automate as much of the
change process as possible
• The bottom line is that security needs to dramatically
improve change responsiveness with zero errors at a lower
cost!
57 | Confidential
SUMMARY
• Misconfigured devices can cause outages and security
breaches
• Use automation and validation to help reduce human
errors
• Help application developers and information security
understand each other by automatically documenting
applications and translating security policy rules into flows
that everyone can understand
• Use “projects” to help accelerate data center migration
security policies so that it will be completed on time!
58 | Confidential
MORE RESOURCES
59 | Confidential
THANK YOU
joe.dipietro@algosec.com

More Related Content

What's hot

2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
Liraz Goldstein
 
Dos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkDos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your Network
AlgoSec
 
Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time
AlgoSec
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
shira koper
 
Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...
AlgoSec
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. Control
AlgoSec
 
Algosec security policy management for financial institutions
Algosec security policy management for financial institutionsAlgosec security policy management for financial institutions
Algosec security policy management for financial institutions
Maytal Levi
 
Radically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationRadically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertification
AlgoSec
 
Application visibility across the security estate the value and the vision ...
Application visibility across the security estate   the value and the vision ...Application visibility across the security estate   the value and the vision ...
Application visibility across the security estate the value and the vision ...
AlgoSec
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinar
AlgoSec
 
Migrating and Managing Security Policies in a Segmented Data Center
Migrating and Managing Security Policies in a Segmented Data CenterMigrating and Managing Security Policies in a Segmented Data Center
Migrating and Managing Security Policies in a Segmented Data Center
AlgoSec
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigationTying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation
Maytal Levi
 
5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management
AlgoSec
 
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentA Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
AlgoSec
 
best practices-managing_security_in_the hybrid cloud
 best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud
AlgoSec
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
Maytal Levi
 
AlgoSec Application Migration Webinar
AlgoSec Application Migration WebinarAlgoSec Application Migration Webinar
AlgoSec Application Migration Webinar
Maytal Levi
 
SDN's managing security across the virtual network final
SDN's managing security across the virtual network finalSDN's managing security across the virtual network final
SDN's managing security across the virtual network final
AlgoSec
 
Webinar: How automation can transform the way you manage your network securit...
Webinar: How automation can transform the way you manage your network securit...Webinar: How automation can transform the way you manage your network securit...
Webinar: How automation can transform the way you manage your network securit...
AlgoSec
 
2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...
AlgoSec
 

What's hot (20)

2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
 
Dos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkDos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your Network
 
Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
 
Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. Control
 
Algosec security policy management for financial institutions
Algosec security policy management for financial institutionsAlgosec security policy management for financial institutions
Algosec security policy management for financial institutions
 
Radically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationRadically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertification
 
Application visibility across the security estate the value and the vision ...
Application visibility across the security estate   the value and the vision ...Application visibility across the security estate   the value and the vision ...
Application visibility across the security estate the value and the vision ...
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinar
 
Migrating and Managing Security Policies in a Segmented Data Center
Migrating and Managing Security Policies in a Segmented Data CenterMigrating and Managing Security Policies in a Segmented Data Center
Migrating and Managing Security Policies in a Segmented Data Center
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigationTying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation
 
5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management
 
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentA Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
 
best practices-managing_security_in_the hybrid cloud
 best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
 
AlgoSec Application Migration Webinar
AlgoSec Application Migration WebinarAlgoSec Application Migration Webinar
AlgoSec Application Migration Webinar
 
SDN's managing security across the virtual network final
SDN's managing security across the virtual network finalSDN's managing security across the virtual network final
SDN's managing security across the virtual network final
 
Webinar: How automation can transform the way you manage your network securit...
Webinar: How automation can transform the way you manage your network securit...Webinar: How automation can transform the way you manage your network securit...
Webinar: How automation can transform the way you manage your network securit...
 
2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...
 

Viewers also liked

5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice
AlgoSec
 
Learn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiencyLearn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiency
Adi Gazit Blecher
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
AlgoSec
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarCisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
Maytal Levi
 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the Ugly
AlgoSec
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
AlgoSec
 
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
Adi Gazit Blecher
 
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveTop PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
AlgoSec
 
Best Practics for Automating Next Generation Firewall Change Processes
Best Practics for Automating Next Generation Firewall Change ProcessesBest Practics for Automating Next Generation Firewall Change Processes
Best Practics for Automating Next Generation Firewall Change Processes
Adi Gazit Blecher
 
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceReaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
AlgoSec
 

Viewers also liked (10)

5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice
 
Learn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiencyLearn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiency
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarCisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the Ugly
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
 
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveTop PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
 
Best Practics for Automating Next Generation Firewall Change Processes
Best Practics for Automating Next Generation Firewall Change ProcessesBest Practics for Automating Next Generation Firewall Change Processes
Best Practics for Automating Next Generation Firewall Change Processes
 
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceReaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
 

Similar to Avoid outages-from-misconfigured-devices-webinar-slides

Security a Revenue Center: How Security Can Drive Your Business
Security a Revenue Center: How Security Can Drive Your BusinessSecurity a Revenue Center: How Security Can Drive Your Business
Security a Revenue Center: How Security Can Drive Your Business
shira koper
 
Network Security, Change Control, Outsourcing
Network Security, Change Control, OutsourcingNetwork Security, Change Control, Outsourcing
Network Security, Change Control, Outsourcing
Nicholas Davis
 
Network security, change control, outsourcing
Network security, change control, outsourcingNetwork security, change control, outsourcing
Network security, change control, outsourcing
Nicholas Davis
 
Final Presentation
Final PresentationFinal Presentation
Final Presentation
chris odle
 
Robert Williams Final Project
Robert Williams Final Project Robert Williams Final Project
Robert Williams Final Project
Robert D. Williams
 
Robert Williams Final Project
Robert Williams Final Project Robert Williams Final Project
Robert Williams Final Project
Robert D. Williams
 
Designing Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase SecurityDesigning Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase Security
lawmoore
 
The Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeThe Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - Rothke
Ben Rothke
 
School of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComSchool of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud Com
TaunyaCoffman887
 
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나  Moving Core B...Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나  Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
Amazon Web Services Korea
 
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld
 
Secure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your DataSecure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your Data
Great Wide Open
 
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solutionAlgosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Maytal Levi
 
Security Design Concepts
Security Design ConceptsSecurity Design Concepts
Security Design Concepts
Mohammed Fazuluddin
 
HIT 200-400 presentation handout!.ppt
HIT 200-400 presentation handout!.pptHIT 200-400 presentation handout!.ppt
HIT 200-400 presentation handout!.ppt
CleophasTakueNgwenya
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
dotco
 
Eliminate the Impact of Planned Downtime on your IBM i
Eliminate the Impact of Planned Downtime on your IBM iEliminate the Impact of Planned Downtime on your IBM i
Eliminate the Impact of Planned Downtime on your IBM i
Precisely
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Maintenance of Hospital Information System
Maintenance of Hospital Information SystemMaintenance of Hospital Information System
Maintenance of Hospital Information System
Dr Jasbeer Singh
 
MineExcellence Drilling Platform
MineExcellence Drilling Platform MineExcellence Drilling Platform
MineExcellence Drilling Platform
MineExcellence
 

Similar to Avoid outages-from-misconfigured-devices-webinar-slides (20)

Security a Revenue Center: How Security Can Drive Your Business
Security a Revenue Center: How Security Can Drive Your BusinessSecurity a Revenue Center: How Security Can Drive Your Business
Security a Revenue Center: How Security Can Drive Your Business
 
Network Security, Change Control, Outsourcing
Network Security, Change Control, OutsourcingNetwork Security, Change Control, Outsourcing
Network Security, Change Control, Outsourcing
 
Network security, change control, outsourcing
Network security, change control, outsourcingNetwork security, change control, outsourcing
Network security, change control, outsourcing
 
Final Presentation
Final PresentationFinal Presentation
Final Presentation
 
Robert Williams Final Project
Robert Williams Final Project Robert Williams Final Project
Robert Williams Final Project
 
Robert Williams Final Project
Robert Williams Final Project Robert Williams Final Project
Robert Williams Final Project
 
Designing Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase SecurityDesigning Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase Security
 
The Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeThe Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - Rothke
 
School of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComSchool of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud Com
 
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나  Moving Core B...Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나  Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
 
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
VMworld 2013: VMware Horizon Workspace at Scale: Deploying to 15,000 VMware E...
 
Secure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your DataSecure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your Data
 
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solutionAlgosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
 
Security Design Concepts
Security Design ConceptsSecurity Design Concepts
Security Design Concepts
 
HIT 200-400 presentation handout!.ppt
HIT 200-400 presentation handout!.pptHIT 200-400 presentation handout!.ppt
HIT 200-400 presentation handout!.ppt
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
 
Eliminate the Impact of Planned Downtime on your IBM i
Eliminate the Impact of Planned Downtime on your IBM iEliminate the Impact of Planned Downtime on your IBM i
Eliminate the Impact of Planned Downtime on your IBM i
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Maintenance of Hospital Information System
Maintenance of Hospital Information SystemMaintenance of Hospital Information System
Maintenance of Hospital Information System
 
MineExcellence Drilling Platform
MineExcellence Drilling Platform MineExcellence Drilling Platform
MineExcellence Drilling Platform
 

More from AlgoSec

The state of the cloud csa survey webinar
The state of the cloud csa survey webinarThe state of the cloud csa survey webinar
The state of the cloud csa survey webinar
AlgoSec
 
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
AlgoSec
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar
AlgoSec
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.
AlgoSec
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware
AlgoSec
 
Cloud migrations made simpler safe secure and successful migrations
Cloud migrations made simpler   safe secure and successful migrationsCloud migrations made simpler   safe secure and successful migrations
Cloud migrations made simpler safe secure and successful migrations
AlgoSec
 
Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to execution
AlgoSec
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinar
AlgoSec
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
AlgoSec
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...
AlgoSec
 
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
AlgoSec
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
AlgoSec
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution
AlgoSec
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
AlgoSec
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
AlgoSec
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management Suite
AlgoSec
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final
AlgoSec
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
AlgoSec
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
AlgoSec
 
Selecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organizationSelecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organization
AlgoSec
 

More from AlgoSec (20)

The state of the cloud csa survey webinar
The state of the cloud csa survey webinarThe state of the cloud csa survey webinar
The state of the cloud csa survey webinar
 
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware
 
Cloud migrations made simpler safe secure and successful migrations
Cloud migrations made simpler   safe secure and successful migrationsCloud migrations made simpler   safe secure and successful migrations
Cloud migrations made simpler safe secure and successful migrations
 
Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to execution
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinar
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...
 
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management Suite
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
 
Selecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organizationSelecting the right security policy management solution for your organization
Selecting the right security policy management solution for your organization
 

Recently uploaded

20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
Claudio Di Ciccio
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 

Recently uploaded (20)

20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 

Avoid outages-from-misconfigured-devices-webinar-slides

  • 1. HOW TO AVOID BUSINESS OUTAGES FROM MISCONFIGURED NETWORK DEVICES
  • 2. TOPICS COVERED TODAY • Understanding the problem: misconfigured network devices • Typical change control processes • The Gap between Business and IT Security • Data center migration 2 | Confidential
  • 4. Firewall Breaches 5% Vulnerabilities 95%Misconfiguration THE BALANCING ACT Security Agility Prevent Cyber Attacks
  • 5. Firewall Breaches Data Center Automation5% Vulnerabilities 95%Misconfiguration THE BALANCING ACT 5 Security Agility Prevent Cyber Attacks Enable Business Applications Resource Timeto Provision Server Minutes Storage Minutes Security Access Days/Weeks
  • 6. JUST SOME CONTEXT… 6 | Confidential
  • 7. JUST SOME CONTEXT… 7 | Confidential
  • 8. HOW CAN A DEVICE BE MISCONFIGURED?
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24. SECURITY DEVICE CHANGE CONTROL PROCESS • Understand and map your enterprise infrastructure topology before you make a change • Proactively assess the impact of a change to ensure it does not break connectivity, affect compliance or create a security hole • Avoid common mistakes when making changes to your network security devices and firewalls • Monitor all changes in case there is an outage. You can easily reverse the newest implemented change if necessary • Translate business requirements into the network and security policies that are implemented on firewalls 24 | Confidential
  • 25. TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS 25 | Confidential Plan Approve ImplementValidate Close Request 1 2 3 4 6 5
  • 26. TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS 26 | Confidential Plan Approve ImplementValidate Close Request 1 2 3 4 6 5 In some cases, “Recertify”… but that’s a topic for another day
  • 27. TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS 27 | Confidential Plan Approve ImplementValidate Close Request 1 2 3 4 6 5 • Identify what devices need to be changed • In our example, there are three devices • CheckPoint • Juniper • AWS Server • How did we know?
  • 28. VISIBILITY INTO THE PLANNING STAGE • We understand the topology of the network and the security policies associated with the devices in the path 28 | Confidential
  • 29. Plan Approve ImplementValidate Close Request TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS 29 | Confidential 1 2 3 4 6 5 • Always perform a risk check BEFORE you approve • Understanding the risk during the approval phase gives you a chance to “replan” the change or deny it if it will cause undue risk to the environment
  • 30. Plan Approve ImplementValidate Close Request TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS 30 | Confidential 1 2 3 4 6 5 • During the implementation phase consider how to insert the new security rule into the device’s current policy • Add a new rule? • Modify an existing rule? • Create new objects? • Automatically document the rule change
  • 31.
  • 32. Plan Approve ImplementValidate Close Request TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS 32 | Confidential 1 2 3 4 6 5 • Check the request and validate it is implemented correctly before notifying stakeholders • Was the original request implemented: • In good working order for the entire path, so the requester does not ask for the same information again! • Exactly as requested? • With an overly permissive rule (ie. “any” vs https service)
  • 33. Plan Approve ImplementValidate Close Request TYPICAL SECURITY DEVICE CHANGE CONTROL PROCESS 33 | Confidential 1 2 3 4 6 5 Need to figure out why the change was not implemented correctly
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40. GAP BETWEEN BUSINESS AND IT SECURITY • A simplistic summary of the Business and IT relationship: 1. The business created value for customer’s and has stored this data in databases and allowed users to access the data via applications 2. IT maintains the infrastructure to support the data (databases) and applications. 3. IT Security maintains secure access to data and applications so these assets don’t compromise the value of the business • Without 1, 2 & 3 above, a business would not exist • Applications provide a vehicle to create additional value for their customers • Applications and “data” MUST be secure and maintainable • Application developers and database administrators request security infrastructure changes as business requirements adapt to new customer and market demands • The security change management process has to improve - just like provisioning a web or database server….It only takes minutes now… 40 | Confidential
  • 41. A SIMPLE DIAGRAM WILL DO….PLEASE!!! • The current challenge is that Information security talk a different language than application developers and database administrators (DBA’s) who are requesting application changes • Security architects must bridge the gap between a secure business application and operational disasters • How many organizations can document their business applications so the security team has a prayer in understanding how their applications works? 41 | Confidential
  • 42. A SIMPLE DIAGRAM WILL DO….PLEASE!!! • The diagram to the right can be dynamically created to help document how the application interacts with the network infrastructure • Provides Security Architects with a communication vehicle to start the conversation • Dive one level deeper and understand the security 42 | Confidential
  • 43.
  • 44.
  • 45.
  • 46.
  • 47.
  • 48.
  • 49.
  • 50.
  • 51.
  • 52.
  • 53.
  • 54. DATACENTER AND/OR CLOUD MIGRATION MOTIVES • Upgrade capacity • Save money – server consolidation • Mergers and acquisitions to combine resources 54 | Confidential
  • 55. DATA CENTER (DC) MIGRATION • Requirements for DC • Complete inventory of what needs to move • Official and “unofficial” equipment • Discover the hidden assets via the security policy • New hardware and IP address schemes • Change Firewall Rulebase for transition connectivity • Migrate IPs in DNS servers • After migration is complete, decommission original application • Planning • What if analysis • What applications are using these servers? • What applications are impacted by these firewalls? • What applications are vulnerable to these security issues? 55 | Confidential
  • 56.
  • 57. CUSTOMER PHILOSOPHY IS CHANGING • We currently see connectivity requests being manually planned, assessed, designed and implemented • This needs to change…..and quickly! • How do you manage these 1,000 security change requests? • Customers are moving to agile development & deployment • The Internet of Things is impacting service expectations • We are required to intelligently automate as much of the change process as possible • The bottom line is that security needs to dramatically improve change responsiveness with zero errors at a lower cost! 57 | Confidential
  • 58. SUMMARY • Misconfigured devices can cause outages and security breaches • Use automation and validation to help reduce human errors • Help application developers and information security understand each other by automatically documenting applications and translating security policy rules into flows that everyone can understand • Use “projects” to help accelerate data center migration security policies so that it will be completed on time! 58 | Confidential
  • 59. MORE RESOURCES 59 | Confidential