SlideShare a Scribd company logo

Simplifying Security Management in the Virtual Data Center

Download as PPTX, PDF
AlgoSec
AlgoSec

As enterprise data centers evolve to private and hybrid clouds, orchestration and automation are key to unleashing business agility. But for most organizations, managing security and application connectivity involves manual, time-consuming processes that are error-prone and slow down the business. Complex application connectivity requirements, bloated firewall policies, poor processes and lack of communication between application developers, network and security teams create business disruptions and expose organizations to risk. Join AlgoSec and guest Forrester Research to learn how organizations can automate security operations in the data center to manage security at the speed of business. By attending you will learn: * How the concept of Zero Trust enables the business and minimizes risk * Why management is the new backplane and security policy orchestration is critical in virtual environments * How to ensure security policy accuracy throughout data center migration and consolidation projects * How to securely deploy, maintain and decommission connectivity for data center applications

Technology
1 of 42
How to Accelerate and Simplify Security Management in the Virtual Data Center
Meet our Presenters Rick Holland Nimmy Reichenberg Principal Analyst Forrester Research Inc. @rickhholland VP of Marketing and Strategy AlgoSec Nimrod.reichenberg@algosec.com 2
The Security Management Balancing Act Prevent Cyber Attacks Enable Business Applications Firewall Breaches Data Center Automation 5% Vulnerabilities Resource Server Security Minutes Security Access Agility Minutes Storage 95% Misconfiguration Time to Provision Days/Weeks
Source: The State of Network Security 2013
Data Center Scenarios Data Center Migration/Consolidation Migrating Applications to the Cloud Ongoing Datacenter Operations Challenges Challenges Challenges • Reconstructing the security policy for the new data center • Ensuring required connectivity between migrated servers • Ensuring connectivity between onsite and cloud application components • Removing access no longer needed for decomissioned legacy servers • Ensuring faster service delivery and improved availability • Streamlining security policy change management • Application-centric risk and compliance management Confidential
What Customers are Saying AlgoSec helped us reduce 80% of the time required to migrate the security of our applications as part of our data center consolidation project Watch Video - Bruno Rolleau, Network Security Architect, Sanofi Confidential
Simplifying Security Management in the Virtual Datacenter Rick Holland, Principal Analyst Tuesday October 22, 2013 @rickhholland
Agenda › The virtual datacenter is coming › Prepare for it & implement a Zero Trust network › How to overcome operational friction © 2013 Forrester Research, Inc. Reproduction Prohibited 8
IT budget allocation 40% of the 2013 enterprise IT Enterprises make significant investments in hardware and infrastructure budget went to hardware and infrastructure, on average. Base: 878 enterprise IT hardware decision-makers © 2013 Forrester Research, Inc. Reproduction Prohibited 9
Hardware & infrastructure budget Budget % The datacenter and servers account for 67% of the hardware and infrastructure budget 16% Systems management 17% Storage 18% 23% 26% Data center networking equipment Servers and server operating systems Data center and IT facilities Base: 842 enterprise IT hardware decision-makers © 2013 Forrester Research, Inc. Reproduction Prohibited 10
Profit, margin, revenue Firms are looking to reduce expenses while enabling the business
Consolidation reduces expenses 63% plan data center consolidation “Which of the following initiatives are likely to be your firm’s/organization’s top hardware/IT infrastructure priorities over the next 12 months?” High priority Critical priority Maintain or implement broad use of server virtualization 52% 52% Consolidate IT infrastructure via… Automate the management of virtualized servers to … 25% 25% 48% 20% Purchase or upgrade disaster recovery and business… 42% Consolidate IT infrastructure via data center… 42% 21% Develop a comprehensive cloud strategy for IT… 41% 21% Build an internal private cloud operated by IT Use public cloud platform(s) (IaaS and/or PaaS) at a… 24% 36% 33% 19% 16% Base: 1,083 enterprise IT hardware decision-makers Source: Forrsights Hardware Survey, Q3 2013 © 2013 Forrester Research, Inc. Reproduction Prohibited 12
Virtualization enables the business “Which of the following initiatives are likely to be your firm’s/organization’s top hardware/IT infrastructure priorities over the next 12 months?” Respondents who selected “High priority” or “Critical priority” High priority Critical priority Maintain or implement broad use of server virtualization 52% 52% Consolidate IT infrastructure via… Automate the management of virtualized servers to … 25% 25% 48% 20% Purchase or upgrade disaster recovery and business… 42% Consolidate IT infrastructure via data center… 42% 21% Develop a comprehensive cloud strategy for IT… 41% 21% Build an internal private cloud operated by IT Use public cloud platform(s) (IaaS and/or PaaS) at a… 24% 36% 33% 19% 16% Base: 1,083 enterprise IT hardware decision-makers Source: Forrsights Hardware Survey, Q3 2013 © 2013 Forrester Research, Inc. Reproduction Prohibited 13
And security pros are concerned “How concerned are you with the risk that the following initiatives or technologies could introduce in your firm?” Respondents who selected “4” or “5 – Very concerned” 2013 (N = 955) 2012 (N = 1,124) 43% Application virtualization Desktop virtualization Virtualization in the data center (e.g., storage, server) 23% 38% 19% 45% 26% Base: North American and European enterprise IT security decision-makers Source: Forrsights Security Survey, Q2 2013; Forrsights Security Survey, Q2 2012 © 2013 Forrester Research, Inc. Reproduction Prohibited 14
No shortage of virtualization concerns “How concerned is your firm with the following for virtual environments?” Respondents who selected “4” or “5 – Very concerned” 2013 (N = 576) 2012 (N = 586) Complexity of virtual environment Attacks against virtualization infrastructure including hypervisor 54% 43% 53% 30% Configuration management within the virtual environment Insider threat resulting from lack of separation of duties for privileged users Limited visibility into virtual environment 55% 40% Maintaining compliance within the virtual environment Virtual environments in general 56% 42% 38% 38% 33% 53% 51% 49% Base: North American and European enterprise IT security decision-makers Source: Forrsights Security Survey, Q2 2013; Forrsights Security Survey, Q2 2012 © 2013 Forrester Research, Inc. Reproduction Prohibited 15
Average Length of Time to Process Application Connectivity Change 1 week+ 7% 3-7 days 11% 1-2 days 13% up to 1 day 14% 1-3 hours 23% 4-8 hours 18% 8-12 hours 14% Source: Examining the Impact of Security Management on the Business 2013
What do these trends mean for security professionals? Virtualization should be a top priority for your security organization If you lack visibility, you cannot understand the risk implications of the virtual data center You must understand how your applications communicate You need an operationally effective means to do this © 2013 Forrester Research, Inc. Reproduction Prohibited 17
Time for a new strategy Get with the program
Agenda › The virtual datacenter is coming › Prepare for it & implement a Zero Trust network › How to overcome operational friction © 2013 Forrester Research, Inc. Reproduction Prohibited 19
Which one goes to the Internet? UNTRUSTED TRUSTED
Zero Trust UNTRUSTED UNTRUSTED
Concepts of zero trust All resources are accessed in a secure manner regardless of location. Access control is on a “need-to-know” basis and is strictly enforced. Verify and never trust. Visibility: Inspect and log all traffic. The network is designed from the inside out.
Visibility: inspect and log all traffic Enterprises struggle with visibility inside the traditional data center Visibility into the resources within the virtual data center is even more of a challenge Can you see into application communications within your virtual environment? What about intra-vm communications? © 2013 Forrester Research, Inc. Reproduction Prohibited 26
The network is designed from the inside out Visibility is required to design networks We need a data centric approach, and data exists within applications If you don’t understand how applications communicate how can you securely enable them We are strategic when we design networks around critical data within applications © 2013 Forrester Research, Inc. Reproduction Prohibited 27
Zero Trust › Understanding applications (data) is the foundation of Zero Trust network design. › Architecting Zero Trust networks is ideal when consolidating data centers and virtualizing applications. › But the traditional approaches to enabling applications and segmenting networks aren’t effective and don’t scale. © 2013 Forrester Research, Inc. Reproduction Prohibited 28
Confidential
Confidential
Confidential
Agenda › The virtual datacenter is coming › Prepare for it & implement a Zero Trust network › How to overcome operational friction © 2013 Forrester Research, Inc. Reproduction Prohibited 32
Its all about operations Understand that if operational requirements are too great, solution WON’T be maximized © 2013 Forrester Research, Inc. Reproduction Prohibited 33
What inhibits this? Self imposed operational friction › Bad for the business and bad operations • Complex application communication requirements • Bloated firewall rule sets • Lack of tools • Immature process and oversight • Poor communication between information security, application owners and network operations © 2013 Forrester Research, Inc. Reproduction Prohibited 34
You need a solution that reduces friction What to look for in a solution Application discovery function Function that speeds the discovery of application communications Self service Ability for application owners to request provisioning/deprovisioning of applications Integrations No point solutions here, look for offerings that integrate into your firewall and change management solutions Virtualization capable Must be able to enable automation within the virtual data center. Solution must be scalable enough to address nuances of virtual environment. © 2013 Forrester Research, Inc. Reproduction Prohibited 35
Technology is only one aspect › We cannot forget about the other areas › Foster relationships › Look for technologies solutions that facilitate oversight, people and process activities © 2013 Forrester Research, Inc. Reproduction Prohibited Oversight Process People Technology 36
Looking ahead › If you can’t securely enable applications within your own data center, how can you expect to be successful in the cloud? © 2013 Forrester Research, Inc. Reproduction Prohibited 37
Thank you Rick Holland rholland@forrester.com Twitter: @rickhholland
The AlgoSec Suite Application Owners Network Operations Security AlgoSec Security Management Suite BusinessFlow Firewall Analyzer Business Application Connectivity Mgmt Business Applications FireFlow Security Policy Change Automation Security Policy Analysis & Audit Security Infrastructure Confidential
Business Impact gility lignment • Faster security provisioning of business applications • Accelerated data center migrations • Automated firewall operations • Effectively react to network and application changes • Process changes up to 4x faster daptability • Streamline communication between teams • Enable true accountability and governance Benefits Accurate configuration ensures • Business continuity • Stronger security posture • Continuous Compliance ssurance Confidential
Q&A and Next Steps The Case & Criteria for ApplicationCentric Security Policy Management www.algosec.com/application Simplifying Security Management in the Virtual Data Center www.algosec.com/datacenter Evaluate the AlgoSec Security Management Suite @ www.algosec.com/eval
Managing Security at the Speed of Business www.AlgoSec.com Connect with AlgoSec on:

Recommended

Avoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slidesAvoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slidesAlgoSec
 
Shift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy ChangesShift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy ChangesAlgoSec
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to PracticeAlgoSec
 
Taking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changesTaking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changesAlgoSec
 
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveTop PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveAlgoSec
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersEnsuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersAlgoSec
 

Recommended

Avoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slidesAvoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slidesAlgoSec
 
Shift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy ChangesShift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy ChangesAlgoSec
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to PracticeAlgoSec
 
Taking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changesTaking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changesAlgoSec
 
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveTop PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveAlgoSec
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersEnsuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersAlgoSec
 
A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...AlgoSec
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero TrustIvan Dwyer
 
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentA Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentAlgoSec
 
Dos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkDos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkAlgoSec
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero TrustIvan Dwyer
 
Intent Based Networking: turning intentions into reality with network securit...
Intent Based Networking: turning intentions into reality with network securit...Intent Based Networking: turning intentions into reality with network securit...
Intent Based Networking: turning intentions into reality with network securit...shira koper
 
2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)AlgoSec
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarAlgoSec
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlAlgoSec
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time AlgoSec
 
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...centralohioissa
 
Algosec security policy management for financial institutions
Algosec security policy management for financial institutionsAlgosec security policy management for financial institutions
Algosec security policy management for financial institutionsMaytal Levi
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Maytal Levi
 
Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...AlgoSec
 
Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationTripwire
 
BeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseBeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseIvan Dwyer
 
Jason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional ToolsJason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional Toolscentralohioissa
 
5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy managementAlgoSec
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectRethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectCloudPassage
 

More Related Content

What's hot

A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...AlgoSec
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero TrustIvan Dwyer
 
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentA Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentAlgoSec
 
Dos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkDos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkAlgoSec
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero TrustIvan Dwyer
 
Intent Based Networking: turning intentions into reality with network securit...
Intent Based Networking: turning intentions into reality with network securit...Intent Based Networking: turning intentions into reality with network securit...
Intent Based Networking: turning intentions into reality with network securit...shira koper
 
2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)AlgoSec
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarAlgoSec
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlAlgoSec
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time AlgoSec
 
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...centralohioissa
 
Algosec security policy management for financial institutions
Algosec security policy management for financial institutionsAlgosec security policy management for financial institutions
Algosec security policy management for financial institutionsMaytal Levi
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Maytal Levi
 
Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...AlgoSec
 
Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationTripwire
 
BeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseBeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseIvan Dwyer
 
Jason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional ToolsJason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional Toolscentralohioissa
 
5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy managementAlgoSec
 

What's hot (20)

A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero Trust
 
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentA Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
 
Dos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkDos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your Network
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05
 
BeyondCorp and Zero Trust
BeyondCorp and Zero TrustBeyondCorp and Zero Trust
BeyondCorp and Zero Trust
 
Intent Based Networking: turning intentions into reality with network securit...
Intent Based Networking: turning intentions into reality with network securit...Intent Based Networking: turning intentions into reality with network securit...
Intent Based Networking: turning intentions into reality with network securit...
 
2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)2019 02-20 micro-segmentation based network security strategies (yoni geva)
2019 02-20 micro-segmentation based network security strategies (yoni geva)
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinar
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. Control
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’ts
 
Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time Put out audit security fires, pass audits -every time
Put out audit security fires, pass audits -every time
 
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
Ken Czekaj & Robert Wright - Leveraging APM NPM Solutions to Compliment Cyber...
 
Algosec security policy management for financial institutions
Algosec security policy management for financial institutionsAlgosec security policy management for financial institutions
Algosec security policy management for financial institutions
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation
 
Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...Managing application connectivity securely through a merger or acquisition – ...
Managing application connectivity securely through a merger or acquisition – ...
 
Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient Organization
 
BeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone ElseBeyondCorp - Google Security for Everyone Else
BeyondCorp - Google Security for Everyone Else
 
Jason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional ToolsJason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional Tools
 
5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management5 things you didnt know you could do with security policy management
5 things you didnt know you could do with security policy management
 

Viewers also liked

HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectRethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectCloudPassage
 
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business EnablerTransforming the CSO Role to Business Enabler
Transforming the CSO Role to Business EnablerCloudPassage
 
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesSecure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesHyTrust
 
Secure Multi Tenancy In the Cloud
Secure Multi Tenancy In the CloudSecure Multi Tenancy In the Cloud
Secure Multi Tenancy In the CloudRoger Xia
 
SDDC Study: SDDC Goes Mainstream
SDDC Study: SDDC Goes MainstreamSDDC Study: SDDC Goes Mainstream
SDDC Study: SDDC Goes MainstreamJason Lackey
 
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?BeyondTrust
 
VMware Outlines Its Own Journey to the Cloud
VMware Outlines Its Own Journey to the CloudVMware Outlines Its Own Journey to the Cloud
VMware Outlines Its Own Journey to the CloudVMware
 
Control the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the WorkloadControl the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the Workloadaregnerus
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessBeyondTrust
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachCA Technologies
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017Ramiro Cid
 

Viewers also liked (13)

HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
 
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectRethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure Effect
 
Transforming the CSO Role to Business Enabler
Transforming the CSO Role to Business EnablerTransforming the CSO Role to Business Enabler
Transforming the CSO Role to Business Enabler
 
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesSecure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
 
Secure Multi Tenancy In the Cloud
Secure Multi Tenancy In the CloudSecure Multi Tenancy In the Cloud
Secure Multi Tenancy In the Cloud
 
SDDC Study: SDDC Goes Mainstream
SDDC Study: SDDC Goes MainstreamSDDC Study: SDDC Goes Mainstream
SDDC Study: SDDC Goes Mainstream
 
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
 
Outcome of democracy
Outcome of democracyOutcome of democracy
Outcome of democracy
 
VMware Outlines Its Own Journey to the Cloud
VMware Outlines Its Own Journey to the CloudVMware Outlines Its Own Journey to the Cloud
VMware Outlines Its Own Journey to the Cloud
 
Control the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the WorkloadControl the Creep: Streamline Security and Compliance by Sharing the Workload
Control the Creep: Streamline Security and Compliance by Sharing the Workload
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling Access
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017
 

Similar to Simplifying Security Management in the Virtual Data Center

Moving Enterprise Applications to the Cloud
Moving Enterprise Applications to the CloudMoving Enterprise Applications to the Cloud
Moving Enterprise Applications to the CloudVISI
 
Data Privacy, Security, and Sovereignty in a Cloudy World
Data Privacy, Security, and Sovereignty in a Cloudy WorldData Privacy, Security, and Sovereignty in a Cloudy World
Data Privacy, Security, and Sovereignty in a Cloudy WorldNetskope
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Management Associates
 
Building a Foundation for NetSecOps Partnerships with Network Automation
Building a Foundation for NetSecOps Partnerships with Network AutomationBuilding a Foundation for NetSecOps Partnerships with Network Automation
Building a Foundation for NetSecOps Partnerships with Network AutomationEnterprise Management Associates
 
BMC/Forrester Your Cloud Future is Here Webinar
BMC/Forrester Your Cloud Future is Here WebinarBMC/Forrester Your Cloud Future is Here Webinar
BMC/Forrester Your Cloud Future is Here WebinarBMC Software
 
Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...SolarWinds
 
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowPECB
 
Idge dell private cloud2014 qp #1
Idge dell private cloud2014 qp #1Idge dell private cloud2014 qp #1
Idge dell private cloud2014 qp #1jmariani14
 
The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...
The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...
The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...Enterprise Management Associates
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackThousandEyes
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackThousandEyes
 
Network Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsNetwork Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsEnterprise Management Associates
 
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid ITOptimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid ITSirius
 
Get ahead of the cloud or get left behind
Get ahead of the cloud or get left behindGet ahead of the cloud or get left behind
Get ahead of the cloud or get left behindMatt Mandich
 
How to Integrate Your Tech Stack for Seamless and Practical Application
How to Integrate Your Tech Stack for Seamless and Practical ApplicationHow to Integrate Your Tech Stack for Seamless and Practical Application
How to Integrate Your Tech Stack for Seamless and Practical ApplicationAggregage
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern
 
MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? Jorge García
 
NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...
NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...
NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...Enterprise Management Associates
 

Similar to Simplifying Security Management in the Virtual Data Center (20)

Moving Enterprise Applications to the Cloud
Moving Enterprise Applications to the CloudMoving Enterprise Applications to the Cloud
Moving Enterprise Applications to the Cloud
 
Data Privacy, Security, and Sovereignty in a Cloudy World
Data Privacy, Security, and Sovereignty in a Cloudy WorldData Privacy, Security, and Sovereignty in a Cloudy World
Data Privacy, Security, and Sovereignty in a Cloudy World
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
 
Big Data Impacts on Hybrid Infrastructure and Management
Big Data Impacts on Hybrid Infrastructure and ManagementBig Data Impacts on Hybrid Infrastructure and Management
Big Data Impacts on Hybrid Infrastructure and Management
 
Building a Foundation for NetSecOps Partnerships with Network Automation
Building a Foundation for NetSecOps Partnerships with Network AutomationBuilding a Foundation for NetSecOps Partnerships with Network Automation
Building a Foundation for NetSecOps Partnerships with Network Automation
 
BMC/Forrester Your Cloud Future is Here Webinar
BMC/Forrester Your Cloud Future is Here WebinarBMC/Forrester Your Cloud Future is Here Webinar
BMC/Forrester Your Cloud Future is Here Webinar
 
Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...
 
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
 
Idge dell private cloud2014 qp #1
Idge dell private cloud2014 qp #1Idge dell private cloud2014 qp #1
Idge dell private cloud2014 qp #1
 
The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...
The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...
The Borderless Enterprise: Adapting Network Management to Mobility, Cloud, & ...
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
Network Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network OperationsNetwork Observability: Delivering Actionable Insights to Network Operations
Network Observability: Delivering Actionable Insights to Network Operations
 
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid ITOptimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
 
Get ahead of the cloud or get left behind
Get ahead of the cloud or get left behindGet ahead of the cloud or get left behind
Get ahead of the cloud or get left behind
 
How to Integrate Your Tech Stack for Seamless and Practical Application
How to Integrate Your Tech Stack for Seamless and Practical ApplicationHow to Integrate Your Tech Stack for Seamless and Practical Application
How to Integrate Your Tech Stack for Seamless and Practical Application
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
 
MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night? MBT Webinar: Does the security of your business data keep you up at night?
MBT Webinar: Does the security of your business data keep you up at night?
 
NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...
NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...
NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transform...
 
The Future of Data Center Network Automation
The Future of Data Center Network AutomationThe Future of Data Center Network Automation
The Future of Data Center Network Automation
 

More from AlgoSec

best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloudAlgoSec
 
The state of the cloud csa survey webinar
The state of the cloud csa survey webinarThe state of the cloud csa survey webinar
The state of the cloud csa survey webinarAlgoSec
 
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...AlgoSec
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinarAlgoSec
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.AlgoSec
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomwareAlgoSec
 
Cloud migrations made simpler safe secure and successful migrations
Cloud migrations made simpler safe secure and successful migrationsCloud migrations made simpler safe secure and successful migrations
Cloud migrations made simpler safe secure and successful migrationsAlgoSec
 
Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to executionAlgoSec
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarAlgoSec
 
Radically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationRadically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationAlgoSec
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...AlgoSec
 
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...AlgoSec
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementAlgoSec
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solutionAlgoSec
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar finalAlgoSec
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarAlgoSec
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteAlgoSec
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation finalAlgoSec
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentAlgoSec
 

More from AlgoSec (20)

best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud
 
The state of the cloud csa survey webinar
The state of the cloud csa survey webinarThe state of the cloud csa survey webinar
The state of the cloud csa survey webinar
 
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar
 
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware
 
Cloud migrations made simpler safe secure and successful migrations
Cloud migrations made simpler safe secure and successful migrationsCloud migrations made simpler safe secure and successful migrations
Cloud migrations made simpler safe secure and successful migrations
 
Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to execution
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinar
 
Radically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertificationRadically reduce firewall rules with application-driven rule recertification
Radically reduce firewall rules with application-driven rule recertification
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...
 
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
Cessation of Misconfigurations: Common Network Misconfiguration Risks & How t...
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management Suite
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
 

Recently uploaded

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

Recently uploaded (20)

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 

Simplifying Security Management in the Virtual Data Center

  • 1. How to Accelerate and Simplify Security Management in the Virtual Data Center
  • 2. Meet our Presenters Rick Holland Nimmy Reichenberg Principal Analyst Forrester Research Inc. @rickhholland VP of Marketing and Strategy AlgoSec Nimrod.reichenberg@algosec.com 2
  • 3. The Security Management Balancing Act Prevent Cyber Attacks Enable Business Applications Firewall Breaches Data Center Automation 5% Vulnerabilities Resource Server Security Minutes Security Access Agility Minutes Storage 95% Misconfiguration Time to Provision Days/Weeks
  • 4. Source: The State of Network Security 2013
  • 5. Data Center Scenarios Data Center Migration/Consolidation Migrating Applications to the Cloud Ongoing Datacenter Operations Challenges Challenges Challenges • Reconstructing the security policy for the new data center • Ensuring required connectivity between migrated servers • Ensuring connectivity between onsite and cloud application components • Removing access no longer needed for decomissioned legacy servers • Ensuring faster service delivery and improved availability • Streamlining security policy change management • Application-centric risk and compliance management Confidential
  • 6. What Customers are Saying AlgoSec helped us reduce 80% of the time required to migrate the security of our applications as part of our data center consolidation project Watch Video - Bruno Rolleau, Network Security Architect, Sanofi Confidential
  • 7. Simplifying Security Management in the Virtual Datacenter Rick Holland, Principal Analyst Tuesday October 22, 2013 @rickhholland
  • 8. Agenda › The virtual datacenter is coming › Prepare for it & implement a Zero Trust network › How to overcome operational friction © 2013 Forrester Research, Inc. Reproduction Prohibited 8
  • 9. IT budget allocation 40% of the 2013 enterprise IT Enterprises make significant investments in hardware and infrastructure budget went to hardware and infrastructure, on average. Base: 878 enterprise IT hardware decision-makers © 2013 Forrester Research, Inc. Reproduction Prohibited 9
  • 10. Hardware & infrastructure budget Budget % The datacenter and servers account for 67% of the hardware and infrastructure budget 16% Systems management 17% Storage 18% 23% 26% Data center networking equipment Servers and server operating systems Data center and IT facilities Base: 842 enterprise IT hardware decision-makers © 2013 Forrester Research, Inc. Reproduction Prohibited 10
  • 11. Profit, margin, revenue Firms are looking to reduce expenses while enabling the business
  • 12. Consolidation reduces expenses 63% plan data center consolidation “Which of the following initiatives are likely to be your firm’s/organization’s top hardware/IT infrastructure priorities over the next 12 months?” High priority Critical priority Maintain or implement broad use of server virtualization 52% 52% Consolidate IT infrastructure via… Automate the management of virtualized servers to … 25% 25% 48% 20% Purchase or upgrade disaster recovery and business… 42% Consolidate IT infrastructure via data center… 42% 21% Develop a comprehensive cloud strategy for IT… 41% 21% Build an internal private cloud operated by IT Use public cloud platform(s) (IaaS and/or PaaS) at a… 24% 36% 33% 19% 16% Base: 1,083 enterprise IT hardware decision-makers Source: Forrsights Hardware Survey, Q3 2013 © 2013 Forrester Research, Inc. Reproduction Prohibited 12
  • 13. Virtualization enables the business “Which of the following initiatives are likely to be your firm’s/organization’s top hardware/IT infrastructure priorities over the next 12 months?” Respondents who selected “High priority” or “Critical priority” High priority Critical priority Maintain or implement broad use of server virtualization 52% 52% Consolidate IT infrastructure via… Automate the management of virtualized servers to … 25% 25% 48% 20% Purchase or upgrade disaster recovery and business… 42% Consolidate IT infrastructure via data center… 42% 21% Develop a comprehensive cloud strategy for IT… 41% 21% Build an internal private cloud operated by IT Use public cloud platform(s) (IaaS and/or PaaS) at a… 24% 36% 33% 19% 16% Base: 1,083 enterprise IT hardware decision-makers Source: Forrsights Hardware Survey, Q3 2013 © 2013 Forrester Research, Inc. Reproduction Prohibited 13
  • 14. And security pros are concerned “How concerned are you with the risk that the following initiatives or technologies could introduce in your firm?” Respondents who selected “4” or “5 – Very concerned” 2013 (N = 955) 2012 (N = 1,124) 43% Application virtualization Desktop virtualization Virtualization in the data center (e.g., storage, server) 23% 38% 19% 45% 26% Base: North American and European enterprise IT security decision-makers Source: Forrsights Security Survey, Q2 2013; Forrsights Security Survey, Q2 2012 © 2013 Forrester Research, Inc. Reproduction Prohibited 14
  • 15. No shortage of virtualization concerns “How concerned is your firm with the following for virtual environments?” Respondents who selected “4” or “5 – Very concerned” 2013 (N = 576) 2012 (N = 586) Complexity of virtual environment Attacks against virtualization infrastructure including hypervisor 54% 43% 53% 30% Configuration management within the virtual environment Insider threat resulting from lack of separation of duties for privileged users Limited visibility into virtual environment 55% 40% Maintaining compliance within the virtual environment Virtual environments in general 56% 42% 38% 38% 33% 53% 51% 49% Base: North American and European enterprise IT security decision-makers Source: Forrsights Security Survey, Q2 2013; Forrsights Security Survey, Q2 2012 © 2013 Forrester Research, Inc. Reproduction Prohibited 15
  • 16. Average Length of Time to Process Application Connectivity Change 1 week+ 7% 3-7 days 11% 1-2 days 13% up to 1 day 14% 1-3 hours 23% 4-8 hours 18% 8-12 hours 14% Source: Examining the Impact of Security Management on the Business 2013
  • 17. What do these trends mean for security professionals? Virtualization should be a top priority for your security organization If you lack visibility, you cannot understand the risk implications of the virtual data center You must understand how your applications communicate You need an operationally effective means to do this © 2013 Forrester Research, Inc. Reproduction Prohibited 17
  • 18. Time for a new strategy Get with the program
  • 19. Agenda › The virtual datacenter is coming › Prepare for it & implement a Zero Trust network › How to overcome operational friction © 2013 Forrester Research, Inc. Reproduction Prohibited 19
  • 20.
  • 21.
  • 22.
  • 23. Which one goes to the Internet? UNTRUSTED TRUSTED
  • 25. Concepts of zero trust All resources are accessed in a secure manner regardless of location. Access control is on a “need-to-know” basis and is strictly enforced. Verify and never trust. Visibility: Inspect and log all traffic. The network is designed from the inside out.
  • 26. Visibility: inspect and log all traffic Enterprises struggle with visibility inside the traditional data center Visibility into the resources within the virtual data center is even more of a challenge Can you see into application communications within your virtual environment? What about intra-vm communications? © 2013 Forrester Research, Inc. Reproduction Prohibited 26
  • 27. The network is designed from the inside out Visibility is required to design networks We need a data centric approach, and data exists within applications If you don’t understand how applications communicate how can you securely enable them We are strategic when we design networks around critical data within applications © 2013 Forrester Research, Inc. Reproduction Prohibited 27
  • 28. Zero Trust › Understanding applications (data) is the foundation of Zero Trust network design. › Architecting Zero Trust networks is ideal when consolidating data centers and virtualizing applications. › But the traditional approaches to enabling applications and segmenting networks aren’t effective and don’t scale. © 2013 Forrester Research, Inc. Reproduction Prohibited 28
  • 32. Agenda › The virtual datacenter is coming › Prepare for it & implement a Zero Trust network › How to overcome operational friction © 2013 Forrester Research, Inc. Reproduction Prohibited 32
  • 33. Its all about operations Understand that if operational requirements are too great, solution WON’T be maximized © 2013 Forrester Research, Inc. Reproduction Prohibited 33
  • 34. What inhibits this? Self imposed operational friction › Bad for the business and bad operations • Complex application communication requirements • Bloated firewall rule sets • Lack of tools • Immature process and oversight • Poor communication between information security, application owners and network operations © 2013 Forrester Research, Inc. Reproduction Prohibited 34
  • 35. You need a solution that reduces friction What to look for in a solution Application discovery function Function that speeds the discovery of application communications Self service Ability for application owners to request provisioning/deprovisioning of applications Integrations No point solutions here, look for offerings that integrate into your firewall and change management solutions Virtualization capable Must be able to enable automation within the virtual data center. Solution must be scalable enough to address nuances of virtual environment. © 2013 Forrester Research, Inc. Reproduction Prohibited 35
  • 36. Technology is only one aspect › We cannot forget about the other areas › Foster relationships › Look for technologies solutions that facilitate oversight, people and process activities © 2013 Forrester Research, Inc. Reproduction Prohibited Oversight Process People Technology 36
  • 37. Looking ahead › If you can’t securely enable applications within your own data center, how can you expect to be successful in the cloud? © 2013 Forrester Research, Inc. Reproduction Prohibited 37
  • 39. The AlgoSec Suite Application Owners Network Operations Security AlgoSec Security Management Suite BusinessFlow Firewall Analyzer Business Application Connectivity Mgmt Business Applications FireFlow Security Policy Change Automation Security Policy Analysis & Audit Security Infrastructure Confidential
  • 40. Business Impact gility lignment • Faster security provisioning of business applications • Accelerated data center migrations • Automated firewall operations • Effectively react to network and application changes • Process changes up to 4x faster daptability • Streamline communication between teams • Enable true accountability and governance Benefits Accurate configuration ensures • Business continuity • Stronger security posture • Continuous Compliance ssurance Confidential
  • 41. Q&A and Next Steps The Case & Criteria for ApplicationCentric Security Policy Management www.algosec.com/application Simplifying Security Management in the Virtual Data Center www.algosec.com/datacenter Evaluate the AlgoSec Security Management Suite @ www.algosec.com/eval
  • 42. Managing Security at the Speed of Business www.AlgoSec.com Connect with AlgoSec on:

Editor's Notes

  1. The AlgoSec Suite is made up of 3 separate yet tightly integrated products.BusinessFlow provides an application-centric approach to managing the security policy. It discovers and maintains visibility of application connectivity requirements so you canProcess connectivity changes for applications faster and more accuratelySecurely remove access for decommissioned applicationsUnderstand the impact your network security infrastructure has on business applications, and vice-versaBusinessFlow automatically translates vague application connectivity needs into concrete firewall rules that the network teams can implement. Application owners can request connectivity in their language (E.g. connect the webserver to the database) and BusinessFlow discovers what (if any) devices and rules needs to change.Firewall Analyzer connects and understands your security infrastructure, including firewalls from all the leading vendors, routers, switches and web proxies. Firewall Analyzer pulls configurations from these devices and gives you complete visibility and control of your policy to automate and streamline daily firewall operations such as –Troubleshooting (E.g. Which firewall(s) and rule(s) are blocking traffic from point A to point B)AuditingBaseline configuration complianceRisky rule analysis and much moreThe third and final component of the suite is FireFlow, which automates the security change process. FireFlow adds network and firewall intelligence to the change process, and complements ticketing systems such as Remedy and ServiceNow, so you can process changes 2x-4x faster and with greater accuracy.Capabilities include automatically discovering devices and rules that need to change and automatically closing changes which “already work” – as many as 30% of requests! Optimal design of new rules and object minimize policy clutter, and automatic validation of correct implementation eliminates re-opening of tickets.FireFlow also guarantees continuous compliance by proactively simulating and checking every change before it is implements. With this approach, organizations ensure they are compliant at all times and do not have to resort to periodic “house cleaning” projects in time for an audit.