SlideShare a Scribd company logo

Best Practics for Automating Next Generation Firewall Change Processes

Download as PPTX, PDF
Adi Gazit Blecher
Adi Gazit Blecher

Hear how AlgoSec seamlessly integrates with Palo Alto Networks NGFWs to simply and intelligently automate App-ID and User-ID security policy change workflows, business application connectivity mapping and compliance reporting across on-premise and cloud environments.

Technology
1 of 45
BEST PRACTICES FOR AUTOMATING NEXT GENERATION FIREWALL CHANGE PROCESSES Edy Almer, VP Product, AlgoSec Moshe Itah, Product Line Manager, Palo Alto Networks
• Supporting business transformation initiatives such as cloud and SDN • Lack of visibility into business application connectivity requirements • Slow, manual and error-prone change management processes • Costly outages and exposure to risk due to misconfigurations • Time-consuming audits and reactive compliance verification 2 | Confidential DO YOU STRUGGLE WITH?
ELIMINATE THE TRADEOFF 3 | Confidential Security Business Agility Avoid misconfiguration and reduce attack surface Proactively mitigate risk Ensure continuous compliance Enforce Network Segmentation Provision network changes in minutes, not days Understand business requirements and avoid application outages Align teams to foster DevSecOps Free up time by automating processes
5 | Confidential THE ALGOSEC SECURITY POLICY MANAGEMENT SUITE
KEY CAPABILITIES Secure Business Application Connectivity Management Security Policy Change Management Continuous Compliance and Auditing Firewall Policy Optimization Security Policy Risk Mitigation NGFW and Datacenter Migration Hybrid Cloud Security
18 | Confidential ALGOSEC INTEGRATION WITH PALO ALTO NETWORKS
APP-ID AND USER-ID SUPPORT • Policy analysis • Automatically and seamlessly replace ports with applications at layer 7 • Zero-touch change management • Proactive risk analysis • Add/remove/modify traffic and intelligent rule design • Policy push directly to Palo Alto Networks devices (through Panorama) • Mixed NGFW and non user/application-aware infrastructure, and cloud (VMware NSX, AWS, Azure) 19 | Confidential
APP-ID AND USER ID CONNECTIVITY MANAGEMENT • Changes include application default, app_id and user data 20 |
PANORAMA SUPPORT • Automated policy push through Panorama to its devices, including user-awareness, application awareness • Support for large estates • Automatically populate firewalls in AlgoSec • Identify and incorporate candidate policies in the analysis (aggregated changes not yet committed to the devices) • Allow low risk change requests to be automatically resolved, while security operations must approve or reject only higher risk items 21 | Confidential
PANORAMA SUPPORT 22 | Confidential
PRAGMATIC AUTOMATION • Collate all changes related to a policy • Allow mixed device based work orders and policy based work orders on the same ticket  Make single change to Panorama instead of hundreds of individual device level changes – while still supporting device based changes for other vendors. 23 |
ACTIVECHANGE THROUGH PANORAMA 24 | Confidential
25 | • Support assignment of Panorama device groups to organizational groups in AD • Each group handles and approves changes to “its” devices • Align with organizational structure • Improve inter team synchronization • Reduce errors • Provide full results to requestors SUPPORT ORGANIZATION STRUCTURE & DEVICE GROUPS
ASSIGN RESPONSIBILITY TO DEVICE GROUP OWNERS 26 | Confidential
Management Features in Release 7.1 Moshe Itah
Palo Alto Networks and AlgoSec  Palo Alto Networks and AlgoSec are close partners  Palo Alto Networks and AlgoSec share  early alpha/beta releases for feedback and testing  product roadmaps  technical discussions  The relationship work are at multiple levels  Business Development  Product Management 29 | ©2016. Palo Alto Networks. Confidential and Proprietary.
Commit Enhancements 30 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Commit Queue  Once a commit is running, no other commit (user or system triggered) is allowed, preventing …  Commit to multiple VSYS on same device mapped to different DGs in Panorama  Multiple admins from committing to device/Panorama simultaneously  Tenants from committing simultaneously to their VSYS  User commits when DAG updates, FQDN or EDL refreshes are ongoing  New commits are queued when a commit is in progress  All commits are queued in the order they were received  On commit failure the next commit is processed 31 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Commit Queue  Full visibility into queue  Which commit is being processed?  Ability to clear the queue  Queue capacity is platform dependent  Queues not synched across HA peers  CLI and API support  Commits with following changes will fail if the commit queue is not empty  Master key  Mode (single to multi-VSYS)  URL DB  Reverts 32 | ©2016, Palo Alto Networks. Confidential and Proprietary.
How Commit Queue Works 33 | ©2016, Palo Alto Networks. Confidential and Proprietary. Commit Task Queue Commit Processing Commit 1 by jamie Commit 1 by jamie Commit 1 by jamie Commit 2 by saurabh Commit 2 by saurabh Commit 3 by moshe Commit 3 by moshe Commit 3 by moshe FQDN Refresh for Commit 1
Commit Description  Commit description can be up to 512 characters  Use cases  Describe what changes were pushed down with commit  Ticket Numbers, Change Request Numbers, Audit Info etc.  Compare versions based on commit description in config audit  Type in description text into config version selector to compare  Commit description searches available in system logs, task manager 34 | ©2016, Palo Alto Networks. Confidential and Proprietary. Start typing description
Increased Maximum Virtual Disk  Problem – Max size of supported virtual disk is 2TB which leads customers to NFS for more storage  NFS is less than ideal for throughput rates and predictability  Virtual Disk has better performance, but 2TB is not enough storage for many customers  Solution – Support up to 8 TB of virtual disk for VM Panorama  Must have ESXi 5.5+  Will require a new virtual disk (will be covered in LAB session) 35 | ©2016, Palo Alto Networks. Confidential and Proprietary.
New ACC Widgets 36 | ©2016, Palo Alto Networks. Confidential and Proprietary.
New ACC Widgets  Problem – Customers could not see more than top 10 URL categories or File Types / Data Patterns  Currently URL Filtering and Content activity is only shown in the User Activity or IP Activity widgets at top 10 items  Solution – Create two new widgets for URL filtering and Content Activity  Allows admins to view top URL domains and files/patterns in the table with the ability to maximize for an expanded list  The widgets must be added to a tab manually 37 | ©2016, Palo Alto Networks. Confidential and Proprietary.
New ACC Widgets 38 | ©2016, Palo Alto Networks. Confidential and Proprietary.
New ACC Widgets  Problem – Customers wanted visibility into top data transfers and URLs independent of IP or User  Currently URL and Content visibility was restricted to the User Activity or IP Activity widgets at max top 10 items  Solution – Create two new widgets for URL filtering and Content Filtering  Allows admins to view URL / Content at the top level and drill into details  The widgets must be added to a tab manually 39 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Unified Log Viewer 40 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Unified Log Viewer  Problem – Customers cannot see all events associated with a set of filters across databases  Admins can only view the related logs for any single event or re-run the same query on each log type  Solution – Add a unified log viewer  All traffic and threat log types are available  Any column that is common will return results from all of the relevant matching logs 41 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Unified Log Viewer Example 42 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Unified Log Viewer: Specific Query 43 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Unified Log Viewer: Specific Query 44 | ©2016, Palo Alto Networks. Confidential and Proprietary.
Unified Log Viewer: DB Selection 45 | ©2016, Palo Alto Networks. Confidential and Proprietary.
THANK YOU For personal demo: www.algosec.com/Demo More information: marketing@algosec.com 46 | Confidential

Recommended

2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinarAlgoSec
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarAlgoSec
 
best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloudAlgoSec
 
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...AlgoSec
 
Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to executionAlgoSec
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation finalAlgoSec
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...AlgoSec
 
SDN's managing security across the virtual network final
SDN's managing security across the virtual network finalSDN's managing security across the virtual network final
SDN's managing security across the virtual network finalAlgoSec
 

Recommended

2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinarAlgoSec
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarBuild and enforce defense in depth - an algo sec-cisco tetration webinar
Build and enforce defense in depth - an algo sec-cisco tetration webinarAlgoSec
 
best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloud best practices-managing_security_in_the hybrid cloud
best practices-managing_security_in_the hybrid cloudAlgoSec
 
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...
2021 02-17 v mware-algo-sec securely accelerate your digital transformation w...AlgoSec
 
Microsegmentation from strategy to execution
Microsegmentation from strategy to executionMicrosegmentation from strategy to execution
Microsegmentation from strategy to executionAlgoSec
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation finalAlgoSec
 
2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...2020 04-07 webinar slides -turning network security alerts into action change...
2020 04-07 webinar slides -turning network security alerts into action change...AlgoSec
 
SDN's managing security across the virtual network final
SDN's managing security across the virtual network finalSDN's managing security across the virtual network final
SDN's managing security across the virtual network finalAlgoSec
 
Application visibility across the security estate the value and the vision ...
Application visibility across the security estate the value and the vision ...Application visibility across the security estate the value and the vision ...
Application visibility across the security estate the value and the vision ...AlgoSec
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarAlgoSec
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarAlgoSec
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteAlgoSec
 
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...AlgoSec
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementAlgoSec
 
Managing Application Connectivity in the World of Network Security
Managing Application Connectivity in the World of Network SecurityManaging Application Connectivity in the World of Network Security
Managing Application Connectivity in the World of Network Securityshira koper
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solutionAlgoSec
 
The state of the cloud csa survey webinar
The state of the cloud csa survey webinarThe state of the cloud csa survey webinar
The state of the cloud csa survey webinarAlgoSec
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivityshira koper
 
2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...AlgoSec
 
Create and Manage a Micro-Segmented Data Center – Best Practices
Create and Manage a Micro-Segmented Data Center – Best PracticesCreate and Manage a Micro-Segmented Data Center – Best Practices
Create and Manage a Micro-Segmented Data Center – Best PracticesAlgoSec
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Maytal Levi
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsshira koper
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar finalAlgoSec
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomwareAlgoSec
 
Migrating and Managing Security in an AWS Environment- Best Practices
Migrating and Managing Security in an AWS Environment- Best PracticesMigrating and Managing Security in an AWS Environment- Best Practices
Migrating and Managing Security in an AWS Environment- Best Practicesshira koper
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Maytal Levi
 
Examining the Impact of Security Management on the Business (Infographic)
Examining the Impact of Security Management on the Business (Infographic)Examining the Impact of Security Management on the Business (Infographic)
Examining the Impact of Security Management on the Business (Infographic)AlgoSec
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarCisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarMaytal Levi
 
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...Adi Gazit Blecher
 

More Related Content

What's hot

Application visibility across the security estate the value and the vision ...
Application visibility across the security estate the value and the vision ...Application visibility across the security estate the value and the vision ...
Application visibility across the security estate the value and the vision ...AlgoSec
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarAlgoSec
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarAlgoSec
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteAlgoSec
 
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...AlgoSec
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementAlgoSec
 
Managing Application Connectivity in the World of Network Security
Managing Application Connectivity in the World of Network SecurityManaging Application Connectivity in the World of Network Security
Managing Application Connectivity in the World of Network Securityshira koper
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solutionAlgoSec
 
The state of the cloud csa survey webinar
The state of the cloud csa survey webinarThe state of the cloud csa survey webinar
The state of the cloud csa survey webinarAlgoSec
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivityshira koper
 
2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...AlgoSec
 
Create and Manage a Micro-Segmented Data Center – Best Practices
Create and Manage a Micro-Segmented Data Center – Best PracticesCreate and Manage a Micro-Segmented Data Center – Best Practices
Create and Manage a Micro-Segmented Data Center – Best PracticesAlgoSec
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Maytal Levi
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsshira koper
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar finalAlgoSec
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomwareAlgoSec
 
Migrating and Managing Security in an AWS Environment- Best Practices
Migrating and Managing Security in an AWS Environment- Best PracticesMigrating and Managing Security in an AWS Environment- Best Practices
Migrating and Managing Security in an AWS Environment- Best Practicesshira koper
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Maytal Levi
 
Examining the Impact of Security Management on the Business (Infographic)
Examining the Impact of Security Management on the Business (Infographic)Examining the Impact of Security Management on the Business (Infographic)
Examining the Impact of Security Management on the Business (Infographic)AlgoSec
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
 

What's hot (20)

Application visibility across the security estate the value and the vision ...
Application visibility across the security estate the value and the vision ...Application visibility across the security estate the value and the vision ...
Application visibility across the security estate the value and the vision ...
 
compliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinarcompliance made easy. pass your audits stress-free webinar
compliance made easy. pass your audits stress-free webinar
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
 
More Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management SuiteMore Things You Can Do with the AlgoSec Security Policy Management Suite
More Things You Can Do with the AlgoSec Security Policy Management Suite
 
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
Accelerate Application Deployment Across Cisco ACI Fabric, On-Premise Firewal...
 
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy ManagementCisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
Cisco ACI & Hybrid Networks - Breaking Down Silos with Central Policy Management
 
Managing Application Connectivity in the World of Network Security
Managing Application Connectivity in the World of Network SecurityManaging Application Connectivity in the World of Network Security
Managing Application Connectivity in the World of Network Security
 
2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution2019 08-13 selecting the right security policy management solution
2019 08-13 selecting the right security policy management solution
 
The state of the cloud csa survey webinar
The state of the cloud csa survey webinarThe state of the cloud csa survey webinar
The state of the cloud csa survey webinar
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
 
2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...2018 10-11 automating network security policy management allows financial ins...
2018 10-11 automating network security policy management allows financial ins...
 
Create and Manage a Micro-Segmented Data Center – Best Practices
Create and Manage a Micro-Segmented Data Center – Best PracticesCreate and Manage a Micro-Segmented Data Center – Best Practices
Create and Manage a Micro-Segmented Data Center – Best Practices
 
Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation Tying cyber attacks to business processes, for faster mitigation
Tying cyber attacks to business processes, for faster mitigation
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOps
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware
 
Migrating and Managing Security in an AWS Environment- Best Practices
Migrating and Managing Security in an AWS Environment- Best PracticesMigrating and Managing Security in an AWS Environment- Best Practices
Migrating and Managing Security in an AWS Environment- Best Practices
 
Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
 
Examining the Impact of Security Management on the Business (Infographic)
Examining the Impact of Security Management on the Business (Infographic)Examining the Impact of Security Management on the Business (Infographic)
Examining the Impact of Security Management on the Business (Infographic)
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
 

Viewers also liked

Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarCisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarMaytal Levi
 
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...Adi Gazit Blecher
 
Palo Alto Networks authentication
Palo Alto Networks authenticationPalo Alto Networks authentication
Palo Alto Networks authenticationAlberto Rivai
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Securityneoma329
 
Openstack Ops Meetup Palo Alto LT
Openstack Ops Meetup Palo Alto LTOpenstack Ops Meetup Palo Alto LT
Openstack Ops Meetup Palo Alto LTToshikazu Ichikawa
 
OPNFV Use Case: VPN in the Cloud
OPNFV Use Case: VPN in the CloudOPNFV Use Case: VPN in the Cloud
OPNFV Use Case: VPN in the CloudOPNFV
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Ajeet Singh
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
Learn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiencyLearn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiencyAdi Gazit Blecher
 
Avoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slidesAvoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slidesAlgoSec
 
Shift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy ChangesShift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy ChangesAlgoSec
 
Dos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkDos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkAlgoSec
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentA Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentAlgoSec
 
Lecture The Search for Innovation
Lecture The Search for InnovationLecture The Search for Innovation
Lecture The Search for InnovationEvent StoryBoard
 
Taking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changesTaking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changesAlgoSec
 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglyAlgoSec
 
Zero Trust Networking with Palo Alto Networks Security
Zero Trust Networking with Palo Alto Networks SecurityZero Trust Networking with Palo Alto Networks Security
Zero Trust Networking with Palo Alto Networks SecurityDenis Batrankov, CISSP
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havanaKamesh Pemmaraju
 

Viewers also liked (20)

Cisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinarCisco aci and AlgoSec webinar
Cisco aci and AlgoSec webinar
 
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
How to-migrate-and-manage-security-policies-in-a-segmented-data-center---webi...
 
Palo Alto Networks authentication
Palo Alto Networks authenticationPalo Alto Networks authentication
Palo Alto Networks authentication
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Openstack Ops Meetup Palo Alto LT
Openstack Ops Meetup Palo Alto LTOpenstack Ops Meetup Palo Alto LT
Openstack Ops Meetup Palo Alto LT
 
OPNFV Use Case: VPN in the Cloud
OPNFV Use Case: VPN in the CloudOPNFV Use Case: VPN in the Cloud
OPNFV Use Case: VPN in the Cloud
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
 
Learn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiencyLearn how an app-centric approach will improve security & operational efficiency
Learn how an app-centric approach will improve security & operational efficiency
 
Avoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slidesAvoid outages-from-misconfigured-devices-webinar-slides
Avoid outages-from-misconfigured-devices-webinar-slides
 
Shift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy ChangesShift Happens: Eliminating the Risks of Network Security Policy Changes
Shift Happens: Eliminating the Risks of Network Security Policy Changes
 
Dos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your NetworkDos and Don’ts for Managing External Connectivity to/from Your Network
Dos and Don’ts for Managing External Connectivity to/from Your Network
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’ts
 
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentA Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
A Pragmatic Approach to Network Security Across Your Hybrid Cloud Environment
 
NGFW Brochure 08 08
NGFW Brochure 08 08NGFW Brochure 08 08
NGFW Brochure 08 08
 
Lecture The Search for Innovation
Lecture The Search for InnovationLecture The Search for Innovation
Lecture The Search for Innovation
 
Taking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changesTaking the fire drill out of making firewall changes
Taking the fire drill out of making firewall changes
 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the Ugly
 
Zero Trust Networking with Palo Alto Networks Security
Zero Trust Networking with Palo Alto Networks SecurityZero Trust Networking with Palo Alto Networks Security
Zero Trust Networking with Palo Alto Networks Security
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havana
 

Similar to Best Practics for Automating Next Generation Firewall Change Processes

Feasibility Study Template for Electronic Software Distribution
Feasibility Study Template for Electronic Software DistributionFeasibility Study Template for Electronic Software Distribution
Feasibility Study Template for Electronic Software DistributionFlevy.com Best Practices
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesPLUMgrid
 
OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...
OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...
OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...NETWAYS
 
Techcello at a glance
Techcello at a glanceTechcello at a glance
Techcello at a glancekanimozhin
 
Nagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and MaintenanceNagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and MaintenanceRazak Mohammed Ali
 
Best practices for application migration to public clouds interop presentation
Best practices for application migration to public clouds interop presentationBest practices for application migration to public clouds interop presentation
Best practices for application migration to public clouds interop presentationesebeus
 
IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a...
IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a... IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a...
IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a...HelpSystems
 
What’s new in Rational collaborative lifecycle management 2011?
What’s new in Rational collaborative lifecycle management 2011?What’s new in Rational collaborative lifecycle management 2011?
What’s new in Rational collaborative lifecycle management 2011?IBM Danmark
 
Understanding saa s
Understanding saa sUnderstanding saa s
Understanding saa sUmesh Kodmur
 
Partner Connect APAC - 2022 - April
Partner Connect APAC - 2022 - AprilPartner Connect APAC - 2022 - April
Partner Connect APAC - 2022 - Aprilconfluent
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Apigee | Google Cloud
 
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...Arraya Solutions
 
Forrester Research on Globally Distributed Development Using Subversion
Forrester Research on Globally Distributed Development Using SubversionForrester Research on Globally Distributed Development Using Subversion
Forrester Research on Globally Distributed Development Using SubversionWANdisco Plc
 
Forrester Research on Optimizing Globally Distributed Software Development Us...
Forrester Research on Optimizing Globally Distributed Software Development Us...Forrester Research on Optimizing Globally Distributed Software Development Us...
Forrester Research on Optimizing Globally Distributed Software Development Us...WANdisco Plc
 
The Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF AdministratorThe Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF AdministratorSerena Software
 
VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld
 
Techcello at a glance
Techcello at a glanceTechcello at a glance
Techcello at a glanceTechcello
 

Similar to Best Practics for Automating Next Generation Firewall Change Processes (20)

Feasibility Study Template for Electronic Software Distribution
Feasibility Study Template for Electronic Software DistributionFeasibility Study Template for Electronic Software Distribution
Feasibility Study Template for Electronic Software Distribution
 
Kafka/SMM Crash Course
Kafka/SMM Crash CourseKafka/SMM Crash Course
Kafka/SMM Crash Course
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use Cases
 
Yongsan presentation 3
Yongsan presentation 3Yongsan presentation 3
Yongsan presentation 3
 
OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...
OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...
OSMC 2023 | What’s new with Grafana Labs’s Open Source Observability stack by...
 
Techcello at a glance
Techcello at a glanceTechcello at a glance
Techcello at a glance
 
Nagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and MaintenanceNagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and Maintenance
 
Best practices for application migration to public clouds interop presentation
Best practices for application migration to public clouds interop presentationBest practices for application migration to public clouds interop presentation
Best practices for application migration to public clouds interop presentation
 
IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a...
IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a... IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a...
IBM i Development: Increase Accuracy and Efficiency with SEQUEL's ABSTRACT a...
 
What’s new in Rational collaborative lifecycle management 2011?
What’s new in Rational collaborative lifecycle management 2011?What’s new in Rational collaborative lifecycle management 2011?
What’s new in Rational collaborative lifecycle management 2011?
 
Understanding saa s
Understanding saa sUnderstanding saa s
Understanding saa s
 
Partner Connect APAC - 2022 - April
Partner Connect APAC - 2022 - AprilPartner Connect APAC - 2022 - April
Partner Connect APAC - 2022 - April
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
 
Forrester Research on Globally Distributed Development Using Subversion
Forrester Research on Globally Distributed Development Using SubversionForrester Research on Globally Distributed Development Using Subversion
Forrester Research on Globally Distributed Development Using Subversion
 
Forrester Research on Optimizing Globally Distributed Software Development Us...
Forrester Research on Optimizing Globally Distributed Software Development Us...Forrester Research on Optimizing Globally Distributed Software Development Us...
Forrester Research on Optimizing Globally Distributed Software Development Us...
 
Adopting the Cloud
Adopting the CloudAdopting the Cloud
Adopting the Cloud
 
The Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF AdministratorThe Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
The Top 5 Practices of a Highly Successful ChangeMan ZMF Administrator
 
VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center
 
Techcello at a glance
Techcello at a glanceTechcello at a glance
Techcello at a glance
 

Recently uploaded

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Recently uploaded (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Best Practics for Automating Next Generation Firewall Change Processes

  • 1. BEST PRACTICES FOR AUTOMATING NEXT GENERATION FIREWALL CHANGE PROCESSES Edy Almer, VP Product, AlgoSec Moshe Itah, Product Line Manager, Palo Alto Networks
  • 2. • Supporting business transformation initiatives such as cloud and SDN • Lack of visibility into business application connectivity requirements • Slow, manual and error-prone change management processes • Costly outages and exposure to risk due to misconfigurations • Time-consuming audits and reactive compliance verification 2 | Confidential DO YOU STRUGGLE WITH?
  • 3. ELIMINATE THE TRADEOFF 3 | Confidential Security Business Agility Avoid misconfiguration and reduce attack surface Proactively mitigate risk Ensure continuous compliance Enforce Network Segmentation Provision network changes in minutes, not days Understand business requirements and avoid application outages Align teams to foster DevSecOps Free up time by automating processes
  • 4. 5 | Confidential THE ALGOSEC SECURITY POLICY MANAGEMENT SUITE
  • 5. KEY CAPABILITIES Secure Business Application Connectivity Management Security Policy Change Management Continuous Compliance and Auditing Firewall Policy Optimization Security Policy Risk Mitigation NGFW and Datacenter Migration Hybrid Cloud Security
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17. 18 | Confidential ALGOSEC INTEGRATION WITH PALO ALTO NETWORKS
  • 18. APP-ID AND USER-ID SUPPORT • Policy analysis • Automatically and seamlessly replace ports with applications at layer 7 • Zero-touch change management • Proactive risk analysis • Add/remove/modify traffic and intelligent rule design • Policy push directly to Palo Alto Networks devices (through Panorama) • Mixed NGFW and non user/application-aware infrastructure, and cloud (VMware NSX, AWS, Azure) 19 | Confidential
  • 19. APP-ID AND USER ID CONNECTIVITY MANAGEMENT • Changes include application default, app_id and user data 20 |
  • 20. PANORAMA SUPPORT • Automated policy push through Panorama to its devices, including user-awareness, application awareness • Support for large estates • Automatically populate firewalls in AlgoSec • Identify and incorporate candidate policies in the analysis (aggregated changes not yet committed to the devices) • Allow low risk change requests to be automatically resolved, while security operations must approve or reject only higher risk items 21 | Confidential
  • 21. PANORAMA SUPPORT 22 | Confidential
  • 22. PRAGMATIC AUTOMATION • Collate all changes related to a policy • Allow mixed device based work orders and policy based work orders on the same ticket  Make single change to Panorama instead of hundreds of individual device level changes – while still supporting device based changes for other vendors. 23 |
  • 24. 25 | • Support assignment of Panorama device groups to organizational groups in AD • Each group handles and approves changes to “its” devices • Align with organizational structure • Improve inter team synchronization • Reduce errors • Provide full results to requestors SUPPORT ORGANIZATION STRUCTURE & DEVICE GROUPS
  • 25. ASSIGN RESPONSIBILITY TO DEVICE GROUP OWNERS 26 | Confidential
  • 26.
  • 28. Palo Alto Networks and AlgoSec  Palo Alto Networks and AlgoSec are close partners  Palo Alto Networks and AlgoSec share  early alpha/beta releases for feedback and testing  product roadmaps  technical discussions  The relationship work are at multiple levels  Business Development  Product Management 29 | ©2016. Palo Alto Networks. Confidential and Proprietary.
  • 29. Commit Enhancements 30 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 30. Commit Queue  Once a commit is running, no other commit (user or system triggered) is allowed, preventing …  Commit to multiple VSYS on same device mapped to different DGs in Panorama  Multiple admins from committing to device/Panorama simultaneously  Tenants from committing simultaneously to their VSYS  User commits when DAG updates, FQDN or EDL refreshes are ongoing  New commits are queued when a commit is in progress  All commits are queued in the order they were received  On commit failure the next commit is processed 31 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 31. Commit Queue  Full visibility into queue  Which commit is being processed?  Ability to clear the queue  Queue capacity is platform dependent  Queues not synched across HA peers  CLI and API support  Commits with following changes will fail if the commit queue is not empty  Master key  Mode (single to multi-VSYS)  URL DB  Reverts 32 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 32. How Commit Queue Works 33 | ©2016, Palo Alto Networks. Confidential and Proprietary. Commit Task Queue Commit Processing Commit 1 by jamie Commit 1 by jamie Commit 1 by jamie Commit 2 by saurabh Commit 2 by saurabh Commit 3 by moshe Commit 3 by moshe Commit 3 by moshe FQDN Refresh for Commit 1
  • 33. Commit Description  Commit description can be up to 512 characters  Use cases  Describe what changes were pushed down with commit  Ticket Numbers, Change Request Numbers, Audit Info etc.  Compare versions based on commit description in config audit  Type in description text into config version selector to compare  Commit description searches available in system logs, task manager 34 | ©2016, Palo Alto Networks. Confidential and Proprietary. Start typing description
  • 34. Increased Maximum Virtual Disk  Problem – Max size of supported virtual disk is 2TB which leads customers to NFS for more storage  NFS is less than ideal for throughput rates and predictability  Virtual Disk has better performance, but 2TB is not enough storage for many customers  Solution – Support up to 8 TB of virtual disk for VM Panorama  Must have ESXi 5.5+  Will require a new virtual disk (will be covered in LAB session) 35 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 35. New ACC Widgets 36 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 36. New ACC Widgets  Problem – Customers could not see more than top 10 URL categories or File Types / Data Patterns  Currently URL Filtering and Content activity is only shown in the User Activity or IP Activity widgets at top 10 items  Solution – Create two new widgets for URL filtering and Content Activity  Allows admins to view top URL domains and files/patterns in the table with the ability to maximize for an expanded list  The widgets must be added to a tab manually 37 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 37. New ACC Widgets 38 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 38. New ACC Widgets  Problem – Customers wanted visibility into top data transfers and URLs independent of IP or User  Currently URL and Content visibility was restricted to the User Activity or IP Activity widgets at max top 10 items  Solution – Create two new widgets for URL filtering and Content Filtering  Allows admins to view URL / Content at the top level and drill into details  The widgets must be added to a tab manually 39 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 39. Unified Log Viewer 40 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 40. Unified Log Viewer  Problem – Customers cannot see all events associated with a set of filters across databases  Admins can only view the related logs for any single event or re-run the same query on each log type  Solution – Add a unified log viewer  All traffic and threat log types are available  Any column that is common will return results from all of the relevant matching logs 41 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 41. Unified Log Viewer Example 42 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 42. Unified Log Viewer: Specific Query 43 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 43. Unified Log Viewer: Specific Query 44 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 44. Unified Log Viewer: DB Selection 45 | ©2016, Palo Alto Networks. Confidential and Proprietary.
  • 45. THANK YOU For personal demo: www.algosec.com/Demo More information: marketing@algosec.com 46 | Confidential

Editor's Notes

  1. Managing network security across complex heterogeneous networks
  2. - Mention minutes to provision servers and storage, but weeks to provision security.
  3. Hidden slide: Just mention that we are the leaders in Security Policy Management Have 1500 enterprise customers including 20 of the Fortune 50
  4. Save lots of time in defining a large firewall estate, correctly analyze global policy for change and for optimization