Upload
algosec
View
317
Download
1
Tags:
Embed Size (px)
Citation preview
“The Only Thing That Is
Constant Is Change”
- Heraclitus of Ephesus
Around 500 B.C.
A (Very) Brief History of Network Security
A (Very) Brief History of Network Security
1837
A (Very) Brief History of Network Security
1837 1969
A (Very) Brief History of Network Security
1837 1969 1971
A (Very) Brief History of Network Security
1837 1969 1971 1994
A (Very) Brief History of Network Security
1837 1969 1971 1994 Present day
SHIFT HAPPENS
POLL
105 A.D.
105 A.D. 1564 1974
We are Using Yesterday’s
Technologies to Solve
Tomorrow’s Problems
What Happens When SHIFT Hits the Fan?
What Happens When SHIFT Hits the Fan?
“95% of Firewall breaches are the result of misconfiguration, not firewall flaws”
We put ourbusiness at
Risk
What Happens When SHIFT Hits the Fan?
We Disruptour business
Source: The State of Network Security 2014
What Happens When SHIFT Hits the Fan?
We Slow down
our business(Time=Money) Source: Examining the Impact of Security Management on the Business
Why Do We Deal with So Much (network security) SHIFT?
Why Do We Deal with So Much (network security) SHIFT?
Accelerated Application Delivery
Why Do We Deal with So Much (network security) SHIFT?
Changing Network Architecture
Why Do We Deal with So Much (network security) SHIFT?
Changing Threat Landscape
Why Do We Deal with So Much (network security) SHIFT?
Changing Threat Landscape
Changing Network Architecture
Accelerated Application Delivery
Why Do We Deal with So Much (network security) SHIFT?
Changing Threat Landscape
Changing Network Architecture
Accelerated Application Delivery
Nothing to do with “Pure” Security
7 Deadly Sins of Security Change Management
Focusing on the “plumbing” instead of the business applications
7 Deadly Sins of Security Change Management
Not Removing Rules for Decommissioned Applications
7 Deadly Sins of Security Change Management
Ineffective Communication Between Teams
7 Deadly Sins of Security Change Management
Not documenting enough (or at all!)
7 Deadly Sins of Security Change Management
Not Reusing Existing Rules and ObjectsDB_srv = dbserver = databasesrv
7 Deadly Sins of Security Change Management
Not Performing Change Reconciliation
(no cowboy changes!)
7 Deadly Sins of Security Change Management
Manual “fat finger” input mistakes
(port 443 ≠ port 433)
7 Deadly Sins of Security Change Management
Best Practices for Security Change Management
Think Process First(Not just for adding rules!)
Best Practices for Security Change Management
Single Pane of GlassAcross Teams
-Security, Ops, Apps
Across Environments- Physical, Virtual, Cloud
Across Devices and Vendors- Firewalls, Router, Proxies
Best Practices for Security Change Management
Application-Centric Approach
- map application flows
Best Practices for Security Change Management
Proactively Assess Risk (what-if)
Best Practices for Security Change Management
Network Segmentation Seamlessly Enforced
Perform Validation and Reconciliation
Best Practices for Security Change Management
Automate EVERYTHING that can be automated- Change design- Policy Push- Risk Analysis- Documentation- More…
Best Practices for Security Change Management
Managing Security at the Speed of Business
Company Overview
5
1
1000+ Customers in 50 countries including 15 of the Fortune 50
The Leader in Security Policy Management
“Obsession” for Customer Satisfaction
Award-Winning Security Management Suite
Technology Partner Ecosystem
Firewall Analyzer
Security Policy Analysis & Audit
FireFlow
Security Policy Change Automation
BusinessFlow
Application ConnectivityManagementBusiness
ApplicationsSecurity
Infrastructure
The AlgoSec Suite
5
2
Application Owners
AlgoSec Security Management Suite
SecurityNetwork Operations
5
3
Learn more algosec.comLearn even more blog.algosec.comSeeing is believing algosec.com/demo
Q&A