DevOps is a very exciting practice/approach/movement/cult that advocates automation, agility, and basically empowering the application developers to have full control (and responsibility) for their applications.
However, one of the areas in which application developers are still in the dark, is network security and connectivity. Their application must connect to external resources and accept connections from remote clients, but the developers have little visibility and control over those connections (and the network security devices allowing or blocking them).
This is painful during the development cycles, when a new connectivity requirement is introduced, and the developer has no idea if this connectivity is currently allowed or not (he obviously doesn’t have access to the firewall policies, etc., and even if he did, probably doesn’t know where to look, how the relevant connections traverse through the network, etc.). So developers typically have to go through some long and tedious cycle of opening a change request with network security, only to find out at the end (in some cases) that no change was actually needed. This lack of visibility slows things down, which is exactly what DevOps is trying to avoid.
But it’s also a problem after the application is already in production, and suddenly stops working or has some problems. Is it the firewalls? Other network issues? Hardware issues? Something in the code? Hard to tell.
I recently described how to solve the network connectivity gap in this blog post, but I would also like to suggest another way to give application developers the visibility they need.
The answer is AlgoBot.
AlgoBot is a chat bot, that knows stuff about network security and connectivity. You can chat with AlgoBot, e.g. in Slack or Skype4Business, and ask things like ‘Is https allowed from 192.168.88.2 to www.google.com?’, and you will get your answer in seconds!
You can also ask AlgoBot ‘what is the connectivity status of the Payroll application?’, to address that malfunctioning application troubleshooting issue.
How does AlgoBot know all these things? It connects to AlgoSec on the backend via APIs, and performs traffic simulation queries, or application connectivity checks, just like you would do from the AlgoSec UI.
So we empowered the application developers, and they can use an intuitive, self-service and interactive interface to obtain the information they need (and only that). But we also freed the (busy) network security team from taking all these calls, checking security policies, and basically getting distracted when trying to do the real important stuff.
Oh, and one more thing – I mentioned AlgoBot is friendly and intuitive. Did I mention is speaks English, French, German and Portuguese… ?
Receive notifications of new posts by email.