Making security policy changes manually is a slow, laborious process which is fraught with risks; it can take several days—sometimes weeks—to process a single change in a complex enterprise environment. When hundreds of changes are required each month, it can be an impossible task!
In this webinar, Yonatan Klein, Director of Product Management at AlgoSec, will discuss how automation can take your security policy management to the next level; delivering the most stringent security change management and control processes, while providing visibility and helping to maximize business agility across your disparate, ever-changing, hybrid cloud enterprise network.
Join the webinar to learn how you can use automation to:
• Discover and map application connectivity to centralize and optimize security policy management
• Migrate application connectivity across data centers, to the cloud, and throughout the DevOps lifecycle
• Ensure your disaster recovery processes for firewalls are secure and up-to-date
• Take an application-centric approach to simplifying firewall rule recertification processes
Attend this webinar to discover how you can reduce the time and effort you spend on managing security, while keeping all your stakeholders happy – network and security operations teams, application owners, and even C-level executives.
2. WHAT WE’LL COVER TODAY
01 Mapping rules and flows to business processes and applications
02 Managing Network Connectivity throughout the application lifecycle
03 Managing Disaster Recovery – automatically and securely
04 Making rule recertification an efficient, application-centric process
05 Summary and Q&A
11. APPLICATION AND CONNECTIVITY DISCOVERY
Manual Process
• Reliable, complete single source of truth?
• Otherwise manual process to identify each host and flow
• Manage information in Excel?
With Automation
• Flows identified automatically
• Heuristics and hints help identify matching applications
• Integrated into AlgoSec BusinessFlow
AlgoSec BusinessFlow manages application information and corresponding flows and network rules
Connectivity needs identified, optimized
13. APPLICATION MIGRATION
• Data center migration
• App migration to the public cloud
• App migration between data centers
• Consolidation due to M&A
• Application lifecycle: Test -> Pre-Production -> Production
14. Which Application Migration Projects Are You Undertaking In Your Organization?
• Data Center Migration
• Application Migrations To The Public Cloud
• Application Migrations Between Data Centers
• Application Life-cycle (e.g. Dev/Test->Pre-Prod->Prod)
• Other
POLL
Please vote using the “votes from audience” tab in your BrightTALK panel
15. APP. MIGRATION AUTOMATED WORKFLOW
01 Create a migration workflow
02 Map source to target IPs
03 Evaluate potential vulnerability and risk impact
04 Apply the changes
05 Migration Done!

01 App Decommission Workflow
02 Mark flow to decommission
03 ABF automatically validates no impact on other apps
04 Apply the changes
05 Decommission Done!
19. APPLICATION MIGRATION
Manual Process
• Find all flows related to application
• Locate all affected firewalls
• Find all relevant rules
• Change management process for new rules
• Repeat process for old rule decommission
With Automation
• Start a migration workflow - Match source network object with target
• Execute changes: create new flows
• Execute changes: decommission old flows
21. DISASTER RECOVERY DEVICES / PATHS
• Firewalls may be deployed in a geographic redundancy model to ensure reliable and secure connectivity.
• For devices without a central management system, keeping the pair in sync is a real challenge
• AlgoSec allows you to define DR-Sets: groups of devices that must always share the same policy
• Maintain consistency without manual work or human error
[Figure: Geographical distribution architecture (labels: CM, RA1, Device A, Device B)]
24. How many times a year do you recertify your firewall rules?
• On a project basis
• Once a year
• Twice a year
• Once every 2 years
• Other
POLL
Please vote using the “votes from audience” tab in your BrightTALK panel
1. On a project basis
25. WHY FIREWALL RULES BECOME REDUNDANT
• An application is decommissioned
• An application is upgraded and uses different services/ports
• An endpoint is moved to a different datacenter
Decommissioning of outdated rules is best practice:
• Security: reduce attack surface and risk
• Compliance: periodic reviews are mandated
26. TRADITIONAL METHODOLOGY
• REVIEW the firewall logs and determine when the rule was last used
• READ the comments to see who requested the rule and which application it serves
• VALIDATE that the application is not in use with the relevant contact
• REMOVE the rule or extend the expiration date
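The REVIEW and READ steps above, with the results grouped per application so one contact gets one question, as an added example that is not from the webinar or from AlgoSec. The `app=...; req=...` comment convention, the log line layout, the rule data and the 90/30-day thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import date

# Constructed sample data; the "app=..; req=.." comment convention and log layout are assumptions.
RULES = [
    {"id": "r10", "comment": "app=payroll; req=alice", "expires": date(2024, 9, 1)},
    {"id": "r11", "comment": "app=payroll; req=alice", "expires": date(2024, 6, 15)},
    {"id": "r20", "comment": "app=legacy-crm; req=bob", "expires": date(2024, 12, 31)},
    {"id": "r30", "comment": "temp rule", "expires": date(2024, 6, 10)},
]
LOG_LINES = [
    "2024-05-30 ACCEPT rule=r10 src=10.1.1.5 dst=10.2.0.8 dport=443",
    "2024-05-12 ACCEPT rule=r11 src=10.1.1.5 dst=10.2.0.9 dport=5432",
    "2024-05-31 ACCEPT rule=r10 src=10.1.1.6 dst=10.2.0.8 dport=443",
    "2023-11-02 ACCEPT rule=r20 src=10.3.0.4 dst=10.2.0.7 dport=8080",
]

def last_hits(log_lines):
    """REVIEW: most recent log date per rule id."""
    hits = {}
    for line in log_lines:
        fields = line.split()
        day = date.fromisoformat(fields[0])
        rule_id = next(f[5:] for f in fields if f.startswith("rule="))
        hits[rule_id] = max(hits.get(rule_id, day), day)
    return hits

def parse_comment(comment):
    """READ: pull application and requester out of the rule comment."""
    pairs = (p.strip().split("=", 1) for p in comment.split(";") if "=" in p)
    return {k.strip(): v.strip() for k, v in pairs}

def recert_report(rules, log_lines, today, idle_days=90, notice_days=30):
    hits = last_hits(log_lines)
    apps = defaultdict(lambda: {"rules": [], "idle": [], "expiring": [], "contacts": set()})
    for rule in rules:
        meta = parse_comment(rule["comment"])
        app = apps[meta.get("app", "UNKNOWN")]  # rules with no traceable purpose
        app["rules"].append(rule["id"])
        app["contacts"].update(filter(None, [meta.get("req")]))
        last = hits.get(rule["id"])
        if last is None or (today - last).days > idle_days:
            app["idle"].append(rule["id"])
        if (rule["expires"] - today).days <= notice_days:
            app["expiring"].append(rule["id"])
    for name, app in apps.items():  # removal is only proposed; VALIDATE stays a human step
        app["action"] = ("find owner" if name == "UNKNOWN"
                         else "validate with contact, then remove" if app["idle"] == app["rules"]
                         else "recertify" if app["idle"] or app["expiring"] else "keep")
    return dict(apps)
```

Rules whose comment names no application land in `UNKNOWN`, which is the "problematic to track rules to originating purpose" case: they need an owner before anyone can decide to remove or extend them.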
31. RULE DECOMMISSIONING
Manual Process
• Manage each rule separately
• Bombarded by rule recertification notifications
• Problematic to track rules to originating purpose
With Automation
• Business application expiration date
• Timely configured notification – per application
• Single click to decommission or extend expiration date
32. SUMMARY
• Identifying assets and their connectivity is not trivial
• Auto-discovery is key for informed connectivity management
• Network security operations are complex
• Automation helps meet customers' needs and ensures a secure network
• A high-end solution is designed to automate key use cases with business-centric security policy management capabilities
• Examples of common use cases managed by AlgoSec:
  • Firewall devices in DR mode
  • Application life-cycle and migration
  • Application-centric approach to rule recertification