In this webinar, Jonathan Gold Shalev, Senior Product Manager, will discuss how you to harness the power of Cisco ACI with a holistic, business-driven, security-management approach covering all the organization’s network security controls. Join this webinar to understand how to:
Gain visibility into the Cisco ACI security environment as part of the overall network security posture
Deliver applications fast by automating network-wide changes including changes to the ACI Fabric, and taking care of security controls with a zero-touch workflow
Assess and continuously assure the compliance of your ACI Fabric
Generate audit-ready regulatory compliance reports for the entire Cisco ACI Fabric along with the rest of your network
2. Welcome
Have a question? Submit it via the chat
This webinar is being recorded!
Slides and recording will be sent to you after the
webinar
marketing@algosec.com
2
3. Agenda
AlgoSec
Overview
Visibility to the
ACI Contracts
and EPGs
Zero-touch
application
delivery across
the hybrid
network
Continuous Risk
and Compliance
Assessment of
the ACI Fabric
How to reduce the
scope of your audit
and instantly
generate audit-ready
reports
3
4. AlgoSec enables
companies to align
security with their
business processes
Business-driven
Agility
Business-driven Visibility
Business-driven Security
BUSINESS DRIVEN SECURITY
MANAGEMENT
4
5. Business-Driven Security Business-Driven Agility
Business-Driven Network Security Policy Management
Unified Visibility Across Cloud, SDN & On-Premise Enterprise Networks
BUSINESS-DRIVEN SECURITY
MANAGEMENT
Use cases
5
Auditing &
Compliance
Risk
Management
Business
Continuity
Cloud
Migration
Change
Management
Incident
Response
DevOpsMicro-
Segmentation
Digital
Transformation
7. • Thinking about it
• Actively Testing
• Moved to production in the last 6 months
• In Production for more than 6 months
POLL #1:
Where are you with deploying ACI in Your
Network?
Please vote using the “Votes from Audience” tab in your
BrightTALK panel
7
9. Solution architecture
9
Perimeter & Upstream
FWs
ACI
Data Center
Data Center FWs (L4-L7 services)
• Visibility & Compliance
• Automatic Provisioning
• Business Applications
10. Visibility to the ACI Contracts (and more)
Security Policy Visibility Across The Entire Network
• Browse and filter the ACI Contracts
• Understand whether the Contracts allow/block certain traffic
• View alongside other security policies
10
Real Time Monitoring Of Changes
• Application Profiles, Contracts, EPGs
and Filters
• React fast to out of band changes in
underlying firewalls
16. • Continuous visibility to the network risk
posture of your ACI fabric
• Group reporting for the security posture of
the entire network
• Based on the organization’s Risk Profile
• Regulatory Compliance (e.g., PCI, GDPR)
• C-Level charts and dashboards
• What-if risk analysis to avoid new risks
during change management
Risk and compliance
Assessment
16
24. • We are still not in production
• 5-10 changes a month
• 5-10 changes a week
• More than tens per week
POLL #2:
How Frequently do you change ACI contracts?
Please vote using the “Votes from Audience” tab in your
BrightTALK panel
24
25. • Business application owners discover and define
the application flows
• Instant visibility whether or not each flow is
allowed in the network
• Change requests submitted in simple flow
language
• Change requests are translated to network
language
• Go through a zero-touch and fully-audited
workflow until implemented
• Application discovery, definition and change are all
available via APIs
Application Connectivity
Management
25
Security Is
No Longer
A Bottleneck!
27. • Automatic detection of security controls requiring
change
• Proactive what-if risk analysis for every request
• Automatic generation of Implementation
instructions
• Automatic push of the recommended changes to
the security controls
• Validation - the traffic is allowed and properly
implemented
• Full audit of every step of the workflow
• Security is no longer a bottleneck
Zero-Touch
Fully-Audited Workflow
27
35. 35
Zero-Touch
• Application creation / change is available via APIs
• The change workflow can run zero-touch
• Fully customizable to define exceptions
• Certain devices require manual approval
• Certain risk levels need manager approval
• And many more
• Fully integrated with DevOps solutions for rapid application delivery
37. AlgoSec’s Connectivity and Compliance
App
37
Instant
visibility to the
ACI PCI
compliance
level
Verification
that a contract
is allowed
throughout
the network
In case it is not
– easily
submit a
change
request to
allow it
Instant
visibility to the
ACI risk level
01 03 0402
39. Q & A
Request a Demo, or send your questions to: marketing@algosec.com
40. summary
• Visibility to the ACI Contracts and EPGs
• Continuous Risk and Compliance
Assessment of the ACI Fabric
• Zero-touch application delivery across the
hybrid network
• ACI App Center - the AlgoSec App
40
42. UPCOMING EVENTS
42
SEPTEMBER & OCTOBER
WEBINARS
www.algosec.com/webinars
ALGOSUMMIT AMERICAS
OCT 15-18
The premier event for
AlgoSec customers and channel partners
www.algosec.com/algosummit
• Sept 17 – Selecting the Right Security Policy
Management Solutions (Kyle Wickert, Worldwide
Strategic Architect)
• Oct 11 – Automated Security Policy Management
Allows Financial Institutions to make the Triple Play
(Asher Benbenisty, Director of Product Marketing)
• Oct 25 – Managing Effective Security Policies
Across Hybrid and Multi-Cloud Environments (Yitzy
Tannenbaum, Product Marketing Manager)
43. 43
Join our community
Follow us for the latest on security policy management trends, tips & tricks, best
practices, thought leadership, fun stuff, prizes and much more!
Subscribe to our YouTube channel for a
wide range of educational videos presented
by Professor Wool
youtube.com/user/AlgoSe
c
linkedin.com/company/AlgoSec
facebook.com/AlgoSec
twitter.com/AlgoSec
www.AlgoSec.com/blog