As enterprise data centers evolve to private and hybrid clouds, orchestration and automation are key to unleashing business agility.
But for most organizations, managing security and application connectivity involves manual, time-consuming processes that are error-prone and slow down the business. Complex application connectivity requirements, bloated firewall policies, poor processes and lack of communication between application developers, network and security teams create business disruptions and expose organizations to risk.
Join AlgoSec and guest Forrester Research to learn how organizations can automate security operations in the data center to manage security at the speed of business. By attending you will learn:
* How the concept of Zero Trust enables the business and minimizes risk
* Why management is the new backplane and security policy orchestration is critical in virtual environments
* How to ensure security policy accuracy throughout data center migration and consolidation projects
* How to securely deploy, maintain and decommission connectivity for data center applications
Unleash Your Potential - Namagunga Girls Coding Club
Simplifying Security Management in the Virtual Data Center
1. How to Accelerate and Simplify Security
Management in the Virtual Data Center
2. Meet our Presenters
Rick Holland
Nimmy Reichenberg
Principal Analyst
Forrester Research Inc.
@rickhholland
VP of Marketing and Strategy
AlgoSec
Nimrod.reichenberg@algosec.com
2
3. The Security Management Balancing Act
Prevent Cyber
Attacks
Enable Business
Applications
Firewall Breaches
Data Center Automation
5% Vulnerabilities
Resource
Server
Security
Minutes
Security
Access
Agility
Minutes
Storage
95% Misconfiguration
Time to
Provision
Days/Weeks
5. Data Center Scenarios
Data Center
Migration/Consolidation
Migrating Applications
to the Cloud
Ongoing Datacenter
Operations
Challenges
Challenges
Challenges
• Reconstructing the security
policy for the new data center
• Ensuring required connectivity
between migrated servers
• Ensuring connectivity between
onsite and cloud application
components
• Removing access no longer
needed for decomissioned
legacy servers
• Ensuring faster service delivery
and improved availability
• Streamlining security policy
change management
• Application-centric risk and
compliance management
Confidential
6. What Customers are Saying
AlgoSec helped us reduce
80% of the time required to
migrate the security of our
applications as part of our
data center consolidation
project
Watch Video
- Bruno Rolleau, Network Security
Architect, Sanofi
Confidential
16. Average Length of Time to Process Application
Connectivity Change
1 week+
7%
3-7 days
11%
1-2 days
13%
up to 1 day
14%
1-3 hours
23%
4-8 hours
18%
8-12 hours
14%
Source: Examining the Impact of Security Management on the Business 2013
25. Concepts of zero trust
All resources are accessed in a secure
manner regardless of location.
Access control is on a “need-to-know”
basis and is strictly enforced.
Verify and never trust.
Visibility: Inspect and log all traffic.
The network is designed from the
inside out.
39. The AlgoSec Suite
Application Owners
Network Operations
Security
AlgoSec Security Management Suite
BusinessFlow
Firewall
Analyzer
Business Application
Connectivity Mgmt
Business
Applications
FireFlow
Security Policy
Change Automation
Security Policy
Analysis & Audit
Security
Infrastructure
Confidential
40. Business Impact
gility
lignment
• Faster security provisioning
of business applications
• Accelerated data center
migrations
• Automated firewall operations
• Effectively react to network
and application changes
• Process changes up to 4x
faster
daptability
• Streamline communication
between teams
• Enable true accountability
and governance
Benefits
Accurate configuration ensures
• Business continuity
• Stronger security posture
• Continuous Compliance
ssurance
Confidential
41. Q&A and Next Steps
The Case & Criteria for ApplicationCentric Security Policy Management
www.algosec.com/application
Simplifying Security Management in
the Virtual Data Center
www.algosec.com/datacenter
Evaluate the AlgoSec Security
Management Suite @
www.algosec.com/eval
42. Managing Security at the Speed of Business
www.AlgoSec.com
Connect with AlgoSec on:
Editor's Notes
The AlgoSec Suite is made up of 3 separate yet tightly integrated products.BusinessFlow provides an application-centric approach to managing the security policy. It discovers and maintains visibility of application connectivity requirements so you canProcess connectivity changes for applications faster and more accuratelySecurely remove access for decommissioned applicationsUnderstand the impact your network security infrastructure has on business applications, and vice-versaBusinessFlow automatically translates vague application connectivity needs into concrete firewall rules that the network teams can implement. Application owners can request connectivity in their language (E.g. connect the webserver to the database) and BusinessFlow discovers what (if any) devices and rules needs to change.Firewall Analyzer connects and understands your security infrastructure, including firewalls from all the leading vendors, routers, switches and web proxies. Firewall Analyzer pulls configurations from these devices and gives you complete visibility and control of your policy to automate and streamline daily firewall operations such as –Troubleshooting (E.g. Which firewall(s) and rule(s) are blocking traffic from point A to point B)AuditingBaseline configuration complianceRisky rule analysis and much moreThe third and final component of the suite is FireFlow, which automates the security change process. FireFlow adds network and firewall intelligence to the change process, and complements ticketing systems such as Remedy and ServiceNow, so you can process changes 2x-4x faster and with greater accuracy.Capabilities include automatically discovering devices and rules that need to change and automatically closing changes which “already work” – as many as 30% of requests! Optimal design of new rules and object minimize policy clutter, and automatic validation of correct implementation eliminates re-opening of tickets.FireFlow also guarantees continuous compliance by proactively simulating and checking every change before it is implements. With this approach, organizations ensure they are compliant at all times and do not have to resort to periodic “house cleaning” projects in time for an audit.