Documente Academic
Documente Profesional
Documente Cultură
Our Speakers
Eric Ogren Principal Analyst The Ogren Group Nimmy Reichenberg VP Strategy AlgoSec
We Need to Evolve!
Complexity
Modern Threats
Speed of Business
Level 3 - Advanced
Level 2 - Emerging Level 1 - Initial
Assess
Evaluate Implement
8
Poll
9
Level 1 - Initial
Limited understanding of why each rule is in place
Change management is manual; many changes must be redone Limited visibility of impact to network traffic Time-consuming audits Rules are rarely deleted for fear of breaking something Manual risk analysis of the firewall policy
10
Level 2 - Emerging
Automated monitoring and alerting of policy changes
Real-time, up-to-date topology visibility
2. Measure the time required for each step of a change request to identify bottlenecks
3. Conduct reconciliation between requests and changes made to identify out-of-process changes 4. Assess the value of automation as part of a firewall- and network-aware change process
13
Level 3 - Advanced
Automated change process improves business agility
Continuous compliance Out-of-process changes are discovered and already works change requests are automatically closed Basic documentation and limited visibility of application connectivity needs (E.g. spreadsheets) Poor communications with business stakeholders and application owners
14
Level 4 - Visionary
Fast and efficient security provisioning of business applications Application, security and operations teams are aligned Secure decommissioning of applications; removing rules no longer in use No application outages due to firewall misconfigurations View of risk from the application perspective
16
Poll
18
Confidentia 19 l
Business Applications
Security Infrastructure
20
BusinessFlow
Business Application Connectivity Mgmt
FireFlow
Security Policy Change Automation
Firewall Analyzer
Security Policy Analysis & Audit
Business Applications
Security Infrastructure
21