automated network security policy changes for speed and compliance
•Transferir como PPTX, PDF•
0 gostou•738 visualizações
In this webinar, Asher Benbenisty, Director of Product Marketing at AlgoSec, will show how even the most complex security policies can be updated automatically and coherently across the network without introducing new problems. Webinar participants will learn how to achieve: Powerful and convenient policy automation without human intervention Rapid application delivery that improves business agility Reduced risk while updating network security policies
Recomendados
Recomendados
Mais conteúdo relacionado
Mais de AlgoSec
Mais de AlgoSec (20)
Último
Último (20)
automated network security policy changes for speed and compliance
- 1. AUTOMATED NETWORK SECURITY POLICY CHANGES FOR SPEED AND COMPLIANCE Asher Benbenisty Director of Product Marketing Miki Weiser Director of Digital Marketing
- 2. WELCOME Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2
- 3. JACK – CISO AT A BIG RETAILER
- 4. JACK’S CHALLENGES NETWORK SECURITY COMPLEXITY CHANGES TO THE NETWORK SECURITY HACKER ATTACKS
- 6. RUN FASTER! Constant demand for better business agility Deliver in minutes/hours, not weeks/months Technology enablers Continuous Integration/ Deployment, DevOps Virtualization Cloud, Software Defined Networking (SDN)
- 7. PROTECT YOUR NETWORK BETTER! • Attacks and breaches are constantly on the rise, and getting more sophisticated • Security must be stronger and tighter • Otherwise, you can expect • Service outages • Critical data leakage • Audits will fail • Your name in the news • Lack of enablers for Network Security
- 8. Which challenge is most prominent in your organization? • Network complexity • Increased number of change requests coming from business units • Increase in hacker attempts • Lack of technology enablers for the network security team Please vote using the “Votes from Audience” tab in your BrightTALK panel
- 9. STANDARDIZE & AUTOMATE • Standardize your network security change process • Keep an audit trial of the change process • Automate the change process
- 10. STANDARDIZE YOUR CHANGE PROCESS Request a network change Map devices in path Check for risks involved Plan the rules Implement the change on the devices Validate the change
- 11. MAP DEVICES IN PATH Find which security devices are in the path and are blocking the requested traffic • Firewall policies • Router ACLs • SDN segmentation • Cloud security groups
- 12. CHECK FOR RISKS INVOLVED • Define allowed connectivity between zones • Whatever is not pre-approved should raise a risk
- 13. PLAN THE RULES • Vendor-specific decisions – choose policy, zones, ACLs, objects • Implement optimally (avoid rule/object duplications) • Enforce naming conventions and best practices
- 14. IMPLEMENT THE CHANGE ON THE DEVICES • Push change to device management (via APIs) or directly to the device (CLI), as available REST API
- 15. VALIDATE THE CHANGE Verify that the change was implemented successfully and that the requested traffic is now allowed
- 16. STANDARDIZE & AUTOMATE • Standardize your network security change process • Keep an audit trail of the change process • Automate the change process
- 17. DOCUMENTATION AND LOGGING • Full audit trail • Including human approvals • Compliance and audits • Troubleshooting • Ability to undo changes
- 18. STANDARDIZE & AUTOMATE • Standardize your network security change process • Keep an audit trial of the change process • Automate the change process
- 19. AUTOMATION Automate every step along the change process • Enable zero-touch changes within minutes – business agility • Save time even when human intervention is required • Avoid typos and mistakes • Full and accurate documentation (for audit, undo change)
- 20. In the network security world, what do you find most difficult to achieve ? • Standardization of the change process • Full documentation of the change process • Automation of the change process Please vote using the “votes from audience” tab in your BrightTALK panel
- 21. GETTING STARTED
- 22. DEFINE YOUR SECURITY POLICY • Segmentation • Low risk • Specific environments, business applications, firewalls, requestors • Compliance with organization policy • Compliance with regulatory standards
- 23. TRUST DOES NOT COME IN A DAY • Start with more control • Gradually increase degree of automation • Share quantitative data with all stakeholders • Monitor and fine-tune
- 24. FINE-TUNING • Study statistics • What percentage of changes required human intervention? • Why? • How many SLA breaches? • Consider widening pre-approved policy, if needed Change Requests
- 25. SUMMARY 25 • Today, network security teams are facing 3 main challenges: • Network complexity • Need to perform rapid changes • Increased sophistication and numbers of hacker attacks • Standardization & automation of the change cycle help Jack (and you) overcome the hurdles
- 26. MORE RESOURCES 26 www.algosec.com/resources WHITEPAPERS DATASHEET GARTNER WEBINAR PPT PROF. WOOL COURSE
- 27. Q & A
- 29. Join us October 15-18, Jersey City The premier event for AlgoSec customers and channel partners For more info: https://www.algosec.com/algosummit/
- 31. THANK YOU! marketing@algosec.com Asher Benbenisty Director of Product Marketing Miki Weiser Director of Digital Marketing
Notas do Editor
- Now, let’s open up the floor for some Q & A questions.
- NEED TO UPDATE
- And, before we part – we welcome you to connect with us through our social networks in LinkedIn, Facebook, Twitter and our blog.