There’s no shortage of reports on the latest network security breaches. Each incident holds its own valuable security lesson but it’s beneficial to recognize the incremental successes paving the way to progress.
That’s exactly what Reuven Harrison of Fortinet’s solution partner Tufin did in a blog published last week.
Tufin is a security lifecycle management solution provider working with large organizations to enhance their security, ensure business continuity and increase operational efficiency. Tufin bolsters FortiGate multi-threat security appliances with management of complex multi-vendor environments and streamlining of security operations.
In his blog, Harrison discusses what Tufin calls the “network abstraction layer” and how it is an incremental win that addresses security challenges in meaningful ways without causing spikes. Here’s how he breaks out the main challenges facing enterprises:
- Complexity and Criticality: Networks have always been complex systems to manage, but these days networks are critical for delivering business solutions. Not only are these systems more complex, but companies are more reliant on them than ever.
- Limited Resources: As the number of projects increases, the workload on network and security teams grows with it. But, these teams are undergoing downsizing and outsourcing, making the two balance is a constant challenge.
- Constant Change: The reliance of business on IT, combined with the dynamic, competitive nature of modern business, accelerates the pace of change. Every day, we process dozens of change requests to enable new access, new services and new applications that need to occur ASAP.
These challenges, says Harrison, present a tradeoff. A closer look at a common denominator shows they’re all related to the computerization of business over the last decade. Thinking about IT architecture has shifted to keep up and remain competitive. While some aspects of IT – user management, server management and application release management – have become automated, network change automation is still lagging. It’s now time to implement network automation and bring this IT silo up to speed. But, he says, a little magic is required to automate a network.
As Harrison explains it: Unlike servers and users, which are mostly standalone items, networks are complex systems with interdependences. An effective network automation solution must take a holistic approach and be able to implement changes across multiple subnets and technologies from different vendors with minimal human intervention. It should also consider security factors and deliver continuous compliance.
Tufin calls this magic the network abstraction layer. Harrison describes it as a network model that includes routing, NAT, security policies, layer 2.5 configurations, virtualization and load balancing, all hidden from an end user who can make a simple request: “Allow these two systems to communicate with each other.”
A good network abstraction layer, says Harrison, enables a computer to design network changes accurately and securely – and this is the future of network automation.
- See more at: http://blog.fortinet.com/Tufin-Talks----Magic----in-Network-Security-Abstraction/#sthash.kAVdiWTJ.dpuf
No comments:
Post a Comment