How AlgoSec delivers on the four principles of effective network security policy management

Enterprise IT must deliver more, faster. As cyber attacks increase in volume and sophistication, IT groups are finding themselves ill-equipped to secure their networks and maintain compliance while supporting business productivity. In this era of digital transformation, managing security across complex enterprise networks presents huge challenges. Automation will ease the pressure.

Yet harnessing the power of security automation – that is, via a network security policy management (NSPM) solution – requires a series of strategic decisions. Which solution is best for your needs, and what features are essential?

Intelligent automation: more than just defining policies

First, let’s consider what functionality your NSPM should incorporate. Security policy management is so much more than just looking at a device and adding some rules. It’s about enhancing and automating time-consuming security processes so that personnel can focus on more strategic tasks. For example, AlgoSec FireFlow helps organisations process security policy changes in minutes or hours, not days or weeks. Using intelligent, highly customisable workflows, it automates the entire security policy change process – from design and submission to proactive risk analysis, implementation, validation and auditing.

“A month ago, we had to review our incoming Internet access rules in two days – and did. Without AlgoSec, it would have taken us at least a month to accomplish this task. AlgoSec helps us maintain a problem-free environment. And we have been able to move members of our team who previously handled these maintenance jobs onto other tasks, so we can do more with less. I recommend AlgoSec to other companies – it will help them improve their firewall policy management processes,” said an information security manager at a finance company.

Intelligent automation of security policy must also proactively assess for risk. AlgoSec’s solution proactively assesses the impact of every proposed change to the security policy to minimise risk, prevent outages and ensure compliance. Our solution relies on the broadest risk knowledge base in the industry and, through its integration with the leading vulnerability scanners, maps vulnerabilities to their associated business applications to assess and prioritise risk to your business.

Finally, it’s critical that post-implementation peer review – which we at AlgoSec call smart validation – be completely automated too, rather than via a secondary human review, which many organisations rely on. This further reduces the manual intervention required for policy management and ensures the network analyst responsible for the change request can be confident that the request was implemented accurately. This prevents premature closing of tickets and avoiding defective policies being sent to the business, and it drives organisations towards a truly zero-touch approach to network security.

“We cleaned up our existing policy base and now utilise the “what if” analysis to prevent the introduction of clutter and risk into our environment. After several months of use, AlgoSec has made a quantifiable impact on our firewall operations and security risk management. We know exactly what changes are being made, by whom and the implications of those changes on our operations and security posture,” said an infrastructure services manager at an automobile company.

An application-centric approach: setting the stage for the future

The NSPM solution’s automation can also help organisations take an application-centric approach to security management, rather than a narrow network-based view. This ensures the right security management activities are performed in the right order, through an automated, repeatable process and dramatically improves business agility, without sacrificing security and compliance.

The right NSPM solution needs to be able to take all your business applications, arrange them in a table and identify which rules are required to make them work – dynamically and in real-time. AlgoSec drives digital transformation by accelerating application delivery while enhancing and extending security across the hybrid cloud: on-premises networks, SDN and private and public clouds.

Using the best of existing processes: combine with new automation techniques

Another area to bear in mind when choosing an NPSM solution is how it integrates with existing network change processes, which involve manual steps and decision-making. Injecting these practices into a modern NSPM solution can often slow deployment. Instead, organisations should take the opportunity for a fresh look and an optimisation of their processes, with automation ‘baked in’ from the outset.

For example, one common manual step at the beginning of the network change workflow is a triaging of different requests, so that more urgent or risky ones are dealt with first. This should be handled automatically by the risk analysis element of your solution. Ultimately, the goal should be to move towards zero-touch network change management.

Ultimately, your chosen NSPM solution needs to offer you a single pane of glass view across your entire hybrid environment – cloud, SDN and on-premises. That visibility is the foundation for a streamlined, automated and ultimately intelligent approach to network security policy management.

“AlgoSec met many of our key requirements, better than its competitors in our evaluation. We particularly liked AlgoSec’s superior security policy analysis and ability to make actionable recommendations with a high level of accuracy. AlgoSec will enable us to identify ways to consolidate and optimise rules, perform deep risk analysis, automate workflows and ensure compliance in ways that other products cannot match,” said a CSO at a finance institution.