I recently returned from the RSA Conference in San Francisco, where everyone who's anyone in the world of IT security gathers to talk about the threats we all face from computer hackers and other malicious attacks, and how these can be countered. What's clear from many of the customers I spoke to at the event, is that they're under increasing pressure to automate previously manual security processes – such as managing firewalls, network changes, network segmentation and application connectivity controls. This is a view backed up by the results of our recent survey where around 91% of security managers reported that the on-demand nature of virtualization and the cloud has increased pressure on them to deliver applications and services faster.
There are three key elements to security automation. Firstly audit automation -particularly automating the process and procedures of firewall audits.
Secondly, process automation of a network change. This allows you to define and enforce the desired workflow when a network change is requested and if certain requests need to go for further approval. As part of the change process, automation also highlights which devices are affected by the change request and then designs that change accurately. All this naturally leads to reduced errors and faster implementation.
The last part of automation refers to security policy automation. It means security is automatically integrated and validated into daily operations checking whether a change violates a security or compliance requirement before the change is made. This reduces the risk of network exposure and the risk of an outage.
A common fear I heard at RSA, was that automating means a loss of control. The reality is you're far more likely to open yourselves up to attack if you continue to follow a manual approach, since network complexity dominates in any medium to large enterprise.
Typically, organizations have to make dozens of changes every week due to new applications and services. One of our large telco customers says they're making 50 a day. Trying to handle that kind of volume and complexity manually is bound to result in errors. Indeed, around half of all network changes have to be redone. But while automating this mammoth task is clearly beneficial, you don't have to lose control if you maintain manual sign off.
By using a Security Policy Orchestration solution, you can effectively do that and ensure greater accuracy of network changes with security checks 'baked into' the change process. The solution will automatically enforce your security policies across the organization before any firewall or network change is made, with a full audit trail to ensure compliance. In fact, what we often hear from customers is automation increases the accuracy of their security controls, as well as reducing their costs and frees up IT staff to focus on strategic initiatives. A clear win-win.
But what's even nicer is you can decide on the level of automation that your organization needs. And at each stage of the process you can intervene to review, change or overrule something.
For instance you can automatically analyze the network path of a specific change, automatically simulate risk before the change is made on the network, automatically send a design 'recipe book' to the network ops teams of how the change should be implemented and then finally decide whether to provision that change manually or automatically.
So don't believe the notion that increasing your agility through automation means reducing your control over security. Automation doesn't have to be blind.
Take a look at an overview of our product suite and see for yourself.
You can also hear the webinar 'Why You Should Care About Security Policy Orchestration'