Best Practices to Manage Security Across a Software Defined Network

Software defined networks (SDNs) offer an agile and scalable network option, yet the lack of visibility presents a huge challenge for the security and network operations teams who need to secure and manage it.

An overview of AlgoSec's vision, solution, customers, partners, corporate values and achievements.

Does the following scenario sound familiar? Your network complexity is getting out of hand with too many firewalls, routers, switches, secure web gateways and more, as well as the related security policies. New network security devices with more granular and different types of controls have recently been or are being deployed in the network. At the same time the business is putting more demands on you to manage "ASAP" with requirements changing regularly. You don't have proper visibility of the security policies, compliance audits are a major burden, you can't keep up with all of the changes and you can't possibly know the impact of a security change or risk to a application that is critical to the business. If any or all of the above sounds familiar, you're not alone. Many enterprise networks are too complex, with numerous security devices and thousands of policies that must be managed across multiple vendors, different stakeholders and geographical locations. As new security technologies from different vendors are introduced into production environments, organizations not only have a maturity level in terms of what devices and capabilities are deployed, but also with regards to how the security policy is managed. From our work with more than 1000 enterprises from around the globe, we have been able to gain valuable insights used to craft the security policy management maturity model. This maturity model can help organizations recognize their current environment and to provide a roadmap for simplifying security policy management and gaining the crucial business perspective that is often lacking. I'm pleased to be joined on a webcast tomorrow with Eric Ogren of The Ogren Group, where we'll examine the security policy management maturity model and: Explore the challenges involved with managing the security policy such as understanding network topology and traffic flows, application connectivity requirements, risks in the policy, the purpose of each rule in the estate, and much more; Drill down into the benefits that can be achieved at each level; Offer recommendations for moving to a more automated and application-centric approach that involves security administrators, network operations, compliance officers, application owners and senior management. I hope to see you on the webcast tomorrow and get your feedback on the maturity model.

Cloud computing provides improved security, agility, and flexibility. However, integrating this new service into legacy IT environments comes with some great concerns. In a recent survey conducted by the Cloud Security Alliance (CSA) and AlgoSec, security, data loss and compliance were identified as the top 3 concerns when moving to the cloud.