• Application Connectivity
• Data Center Migration/Consolidation
• Decommissioned Applications
• M&A
• Next-Generation Policies • (External) Applications
• Users
• Devices
• New Threats
Source: The State of Network Security 2013
20.2% 22.1%
54.5%
43.6%
25.8%
16.6%
23.0% 25.2%
32.5%
0%
10%
20%
30%
40%
50%
60%
70%
80%
In your organization, an out-of-process change has resulted in...
2012
2013
Application Outage
Network Outage
Data Breach System Outage Failing an Audit None of the above
2013Source: The State of Network Security
“The best way to manage network
security operations is to
link security and operations
through change management and
change control, and to supplement
and accelerate automation.”
The Security Change Workflow
Request Analysis
Approval Implementation
Design Execution/ Verification
Audit the Change Process
Recertify Rules
Measure SLAs Security Operations
Compliance Executive
Operations
11
Request Analysis
• Who can make a request?
• Avoiding miscommunication
• What can be requested? • Add access
• Remove access
• Recertify access
• Change/Remove objects
• Prioritization
• Eliminating “already works”
• Discovering relevant devices
12
Approval
• Risk analysis
• Compliance analysis
• Legal analysis
• Serial vs. Parallel
• Escalation
• Documentation!
13
Implementation/Design
• Create new vs. edit existing
• Reusing objects
• Testing the new rule
• Pushing the new rule
14
Execution/Verification
• Verify correct execution
• Notify requestor
• Request/Change reconciliation
15
“It is especially critical for people to
document the rules they add or change
so that other administrators know the
purpose of each rule and who to contact
about them. Good documentation can
make troubleshooting easy and reduces
the risk of service disruptions that can be
caused when an administrator deletes or
changes a rule they do not understand.”
- Todd, InfoSec Architect, United States
17
Tip 1: Document, Document, Document
“Perform reconciliation between change requests and actual performed changes – looking at the unaccounted changes will always surprise you. Ensuring every change is accounted for will greatly simplify your next audit and help in day-to-day troubleshooting.”
- Ron, Manager, Australia
18
Tip 2: Ensure Accountability
19
Tip 3: Ensure an Application-Centric View
• Provide centralized visibility of
application connectivity needs
• Understand the impact of application
changes on the network and vice-versa
• Understand firewall rule and
application interdependency to safely
decommission applications
Your Security Change Management Solution Must:
1. Be firewall-aware
2. Support all firewalls and routers in your network
3. Be topology-aware
4. Integrate with your existing CMS
5. Provide application-level visibility and change impact analysis
6. Easily customize to your business processes
20
Look for these Key Capabilities
Security Infrastructure
Business Applications
Managing Security at the Speed of Business
22
Application Owners Security Network Operations
Faster Security Provisioning for Business Applications
Align Teams for Improved Agility and Accountability
ROI in less than 1 Year!
Gain Total Visibility and Control of your Security Policy
AlgoSec Security Management Suite
Security Infrastructure
Business Applications
The AlgoSec Suite - BusinessFlow
23
Application Owners Security Network Operations
AlgoSec Security Management Suite
BusinessFlow
Application-Centric Policy Management
• Easily provision connectivity for business applications
• Improve visibility and application availability
• Securely decommission applications
• Translate business requirements to underlying policy
Business Applications
Security Infrastructure
The AlgoSec Suite – Firewall Analyzer
24
Application Owners Security Network Operations
AlgoSec Security Management Suite
BusinessFlow Firewall Analyzer
Security Policy Analysis
• Automate and streamline firewall operations
• Ensure a secure and optimized policy
• Conduct audits in hours instead of weeks
Business Applications
Security Infrastructure
The AlgoSec Suite – FireFlow
25
Application Owners
AlgoSec Security Management Suite
BusinessFlow FireFlow Firewall Analyzer
Security Policy Change Automation
• Process changes 2x-4x faster
• Improve accuracy and accountability
• Ensure continuous compliance and security
Security Network Operations
Business Impact
26
Annual Savings
Reduction in Auditing Expenses $192,000
Reduction in Change Request Processing Time $180,000
Reduction in Troubleshooting Resolution Time $90,000
Extended Lifespan of Hardware $47,500
Total Annual Savings $509,500
3 Year Savings $1,528,500
Sample Organization
• 50 Network Firewalls
• Loaded IT cost - $60/hour
• 2 changes per firewall per month
Generate your own ROI report at AlgoSec.com/ROI
Q&A and Next Steps
Download the Security Change Management ebook @ www.algosec.com/securitychanges_ebook
Calculate your potential ROI @ www.algosec.com/ROI
Evaluate the AlgoSec Security Management Suite @ www.algosec.com/eval
28
Connect with AlgoSec on:
www.AlgoSec.com
Managing Security at the Speed of Business