tufin
play

Tufin: Maximizing Agility and Security Henry Pea Digital - PowerPoint PPT Presentation

Aug 15, 2022 •731 likes •1.21k views

Tufin: Maximizing Agility and Security Henry Pea Digital Transformation is all about Business Agility 2 The Tradeoff Balancing Security and Agility 3 The Problem: Manual Processes Speed Cost Risk Compliance 4 The Solution: Security

  1. Tufin: Maximizing Agility and Security Henry Pea

  2. Digital Transformation is all about Business Agility 2

  3. The Tradeoff Balancing Security and Agility 3

  4. The Problem: Manual Processes Speed Cost Risk Compliance 4

  5. The Solution: Security Automation and Orchestration efficient fast + error-free Secured! 5

  6. Network Security Policy Management Secure and Agile Secure but Slow Zero-Touch Automation Application Driven Automation Analysis & Design SECURITY Cleanup & Compliance Visibility Agile but Risky BUSINESS AGILITY 6

  7. SecureChange: Policy-Based Automation Agility Efficiency Security Compliance 7

  8. SecureChange: Policy-Based Automation Agility Efficiency Security Compliance 8

  9. • Automate the change process end-to-end to speed up SecureChange implementation Maximizes • Skip security approvals for low risk changes Agility with • Avoid errors and reduce rate of redos Zero-Touch • Out of the box integration with leading ticketing Automation systems and an open API to facilitate integration with custom portals 9

  10. Automate the Change Process End-to-End Build an automated workflow process: • Auto steps • Skip steps • Dynamic assignment 10

  11. Improve SLA and Eliminate Redos • Automated design and implementation • Automated verification 11

  12. OOTB Integration with Leading Ticketing Systems Open Ticket Update/close Ticket Available on ServiceNow Marketplace 12

  13. Maximizing Agility: Proof Points Slovak Telekom reduced the time to implement changes from 1 week to 1 day RWE reduced change implementation from 6-8 days to 6 hours Leading global A leading global hotel chain reduced the SLA for hotel chain implementing changes from 15 days to 2 days 13

  14. SecureChange: Policy-Based Automation Agility Efficiency Security Compliance 14

  15. • Manage changes consistently from a central console • Automate manual time-consuming tasks: SecureChange - Change analysis and design Increases - Change provisioning and scheduling Efficiency and - Firewall admin tasks Helps Reduce • Automatically identify and close changes that are Costs already implemented • Measure productivity gains with an executive dashboard 15

  16. Manage Changes From a Central Console Across Vendors Save time and resources by managing changes across the hybrid network 16

  17. Automated Target Selection Based on Accurate Topology Save time and resources invested in searching for the right target device 17

  18. Automated Design Aligned with Policy Optimization • Save time and resources invested in planning the change • Avoid adding shadowed rules 18

  19. Schedule Changes Based on Change Windows Automate the change from request to implementation and adhere to organizational standards 19

  20. Automate Firewall Administration Tasks Build an automated process for: • Rule decommissioning • Server decommissioning • Group modifications • Rule recertification • Server cloning (coming soon) 20

  21. Example: Automate Group Modification Save time and effort on making changes to firewall network object groups with automation 21

  22. Automatically Close Changes Already Implemented In some cases: 20% of all changes 22

  23. Measure productivity gains with an executive dashboard Easily demonstrate efficiency and service level improvements to management 23

  24. Increase Efficiency: Proof Points Time and effort of change submission and staging reduced by 50%-75% = eliminate the need to hire 3 more people “ ” Leading Telecom Change Request Processing has gone from 4 hours to Provider in the US 4 minutes • 75% of requests were already implemented Leading Insurance • Average time for changes was 10-14 days and was Company in the US cut to a few hours 24

  25. SecureChange: Policy-Based Automation Agility Efficiency Security Compliance 25

  26. • Automated firewall cleanup to tighten security posture Tighten • Automated, proactive risk analysis to control policy Network violations Security • Automated change design, implementation and Posture with verification to eliminate risky misconfigurations SecureChange • Granular control of the process automation level • Open APIs to achieve security automation 26

  27. Automate Firewall Cleanup to Tighten Security: Rules Automatically decommission redundant rules identified in SecureTrack 27

  28. Automate Firewall Cleanup to Tighten Security: Servers Automatically decommission servers to streamline migration and remove redundant access 28

  29. Automated and Proactive Risk Analysis Identify potential violations to the unified security policy 29

  30. Mitigate Risky Changes Before Implementation Escalate for approval, add an exception, or send back to the requester 30

  31. Automated Provisioning Reduces Misconfigurations Automatically provision changes across vendors and platforms to maximize accuracy and security 31

  32. Granular Control of the Process Automation Level Complete flexibility to accommodate the right level of control required 32

  33. Open APIs: Scan for Vulnerabilities Check hosts or vulnerabilities as part of SecureChange risk assessment Tufin sends destination(s) and source(s) to Vulnerability Scanner and triggers a scan Ticket is created in SecureChange or triggered by ticketing system Results are added to ticket risk analysis 33

  34. Open APIs: SIEM Integration Source, Destination, and Service sent to SIEM SecureChange SIEM queries correlated vulnerability data to determine risk SecureChange incorporates risk data into the ticket SecureChange 34

  35. SecureChange: Policy-Based Automation Agility Efficiency Security Compliance 35

  36. • Auditable change process to align with organizational Achieve guidelines (e.g. separation of duties) Continuous • Proactive risk analysis to avoid violations Compliance with • Full documentation of ticket history SecureChange • Baked-in Policy Rule justification and recertification to comply with internal and regulatory mandates 36

  37. Proactive Risk Analysis Identifies Compliance Violations The USP has templates and guidance to help comply with: • PCI • NERC • HIPAA • GDPR • Best Practices And more… 37

  38. Full Audit Trail and Complete History Complete documentation of all changes 38

  39. Rule Recertification Process to Enforce Compliance Automate and streamline recertification 39

  40. Automated Change Authorization in SecureTrack Compare change implemented to access requested 40

  41. Tufin Orchestration Suite Enterprise Applications SecureApp ™ Application Connectivity Automation IT Service Management RESTful APIs SecureChange ™ Network Change Automation Scripting & Automation SecureTrack ™ Security & Compliance Other 3 rd Party Infrastructure Abstraction Layer Solutions Firewalls Networks Private Cloud Public Cloud 41

  42. Security Policy Automation for Cloud and Containers • Gain app-centric visibility of security risks • Define and control cloud-native security policies • Identify compliance violations pre-deployment • Gain visibility into microservices environments • Enforce network policy across microservices and firewalls • Integrates with CI/CD to enable DevSecOps 42

  43. Managing Your Security Policy – Everywhere PUBLIC TRADITIONAL PRIVATE MICROSERVICES NETWORKS CLOUD CLOUD SECURITY POLICY A continuum from the macro to the micro 43

  44. Why Tufin? • Accurate end-to-end change design and automation • Open and customizable • Firewall cleanup automation • Enterprise readiness 44

  45. The Security Policy Company 45

  46. Thank You Tufin: Maximizing Agility and Security

Recommend

More recommend