Does the following scenario sound familiar? Your network complexity is getting out of hand with too many firewalls, routers, switches, secure web gateways and more, as well as the related security policies. New network security devices with more granular and different types of controls have recently been or are being deployed in the network. At the same time the business is putting more demands on you to manage “ASAP” with requirements changing regularly. You don’t have proper visibility of the security policies, compliance audits are a major burden, you can’t keep up with all of the changes and you can’t possibly know the impact of a security change or risk to a application that is critical to the business.
If any or all of the above sounds familiar, you’re not alone.
Many enterprise networks are too complex, with numerous security devices and thousands of policies that must be managed across multiple vendors, different stakeholders and geographical locations. As new security technologies from different vendors are introduced into production environments, organizations not only have a maturity level in terms of what devices and capabilities are deployed, but also with regards to how the security policy is managed. From our work with more than 1000 enterprises from around the globe, we have been able to gain valuable insights used to craft the security policy management maturity model. This maturity model can help organizations recognize their current environment and to provide a roadmap for simplifying security policy management and gaining the crucial business perspective that is often lacking.
I’m pleased to be joined on a webcast tomorrow with Eric Ogren of The Ogren Group, where we’ll examine the security policy management maturity model and:
I hope to see you on the webcast tomorrow and get your feedback on the maturity model.
Receive notifications of new posts by email.