2021 02-17 v mware-algo-sec securely accelerate your digital transformation webinar
0 likes543 views
The document discusses the integration of VMware NSX and AlgoSec in enhancing network security for digital transformation. It emphasizes the need for a modern approach to securing the data center using automated policies and intelligent automation to ensure compliance, visibility, and efficient change management. The partnership aims to reduce risk, strengthen cybersecurity posture, and streamline security operations across hybrid environments.
2021 02-17 v mware-algo-sec securely accelerate your digital transformation webinar
- 1. SECURELY ACCELERATE DIGITAL TRANSFORMATION Brian Heili — VMware Jeremiah Cornelius — AlgoSec
- 2. Brian Heili 2 | Confidential PRESENTERS Network Security Solution Engineer and Ambassador for the Office of the CTO Jeremiah Cornelius Technical Leader, Alliances and Partner
- 3. AGENDA VMware NSX and the Service-Defined Firewall 2 3 4 5 AlgoSec and Intelligent Automation for Security Visibility, Compliance and Change Management Joint Value - AlgoSec and VMware Questions … and Answers! 3 | Confidential
- 4. DIGITAL TRANSFORMATION: VMWARE NSX AND THE SERVICE-DEFINED FIREWALL
- 5. Traditional approach SECURING THE MODERN DATA CENTER REQUIRES A NEW APPROACH Realities Built for the User Perimeter, not the Data Center Complex to insert into the network Unable to dynamically scale Blind spots and Lack of Controls for East West traffic Inconsistent and Unmanageable Policy Expensive (HW, SW, Maintenance, Power, Cooling, Cabling, Rack Space) IDS/IPS FIREWALL 5 | Confidential
- 6. Solves Traditional Challenges NSX SERVICE-DEFINED FIREWALL Solution Hypervisor Based L4-7 FW with Advanced Threat Prevention Distributed architecture eliminates hair pinning of traffic Easy to Deploy: No Physical Network Changes Required Automatic Policy Provisioning and Deprovisioning Consistent policy across critical workloads More Cost Effective (Typically 50% Less) FIREWALL IDS/IPS 6 | Confidential
- 7. Web_tier Automated and Dynamic Policies MASSIVELY SIMPLIFY OPERATIONS DB_tier X New workloads inherit policies + App_tier X X Policy is retired with the workload Policy moves with workload, no dropped connections 7 | Confidential
- 8. SECURING THE MODERN DATA CENTER Create zones in software with no network changes Quickly deploy compliance & audit requirements Threat detection and response beyond the perimeter Automatically correlate, validate and defend against advanced threats Policy deployment and lifecycle management Security infrastructure as code Maintain consistent security across workloads in private data centers and the cloud Threat Prevention Security Policy Automation Consistent Security Segmentation 8 | Confidential
- 9. 9 | Confidential DIGITAL TRANSFORMATION: ALGOSEC INTELLIGENT AUTOMATION
- 10. Manage Integrate CRM Trading Systems ERP BUSINESS-DRIVEN SECURITY MANAGEMENT THE ALGOSEC ECOSYSTEM
- 11. Operational Framework Layer Security Layer Firewalls Routers Web Proxies Load Balancers Security Groups Physical Networks Private Cloud/SDN Public Cloud Implementation Integration AppChange ALGOSEC INTELLIGENT AUTOMATION FRAMEWORK Application Framework Layer Implementation Integration Ticketing Systems GRC Systems SIEM/SOAR Systems Orchestration AppViz Syslog & Traffic Data Authentication Authorization CMDB Data Vulnerability Scanners
- 12. Security Layer Firewalls Routers Web Proxies Load Balancers Security Groups Physical Networks Private Cloud/SDN Public Cloud ALGOSEC INTELLIGENT AUTOMATION FRAMEWORK Application Framework Layer Implementation Integration AppViz Operational Framework Layer Implementation Integration AppChange Analyze, Monitor & Visualize Automate, Integrate & Manage Discover & Understand Operational Efficiency and Accuracy Ticketing Systems GRC Systems SIEM/SOAR Systems Orchestration Syslog & Traffic Data Authentication Authorization CMDB Data Vulnerability Scanners
- 13. TRANSFORMATION OF NETWORK SECURITY MANAGEMENT Visibility into the Entire Network Agile and Secure Change Management Risk and Compliance Effective Collaboration between all stakeholders 13 | Confidential Digital Transformation – Intrinsic Security with Intelligent Automation
- 14. 14 | Confidential DIGITAL TRANSFORMATION: VISIBILITY INTO THE ENTIRE NETWORK
- 15. CHALLENGE: VISIBILITY INTO THE ENTIRE NETWORK 15 | Confidential Multiple Environments: On-prem, public clouds and private clouds Multiple security Vendors Difficult to understand the network structures and flow paths Lack of association between business applications and their related rules and connectivity flows Intrinsic Security and the Hybrid Legacy
- 16. FULL NETWORK AND APPLICATION VISIBILITY • Visibility and analysis of complex network security policies across technologies, vendors and operational systems • Automated discovery and mapping of business applications • Understand the impact of network flows and security controls on application-network connectivity • Correlate risks and vulnerabilities to firewall policies 16 | Confidential
- 17. 17 | Confidential DIGITAL TRANSFORMATION: RISK AND COMPLIANCE
- 18. CHALLENGE: RISK AND COMPLIANCE 18 | Confidential Keeping up with internal and changing regulatory standards Audit preparation is timely and effort-extensive Maintaining ongoing documentation and audit trail Identifying risk across the entire network Understanding the business impact of vulnerabilities
- 19. AUTOMATE & ENSURE A CONTINUOUS STATE OF COMPLIANCE Automatically Document Network Changes Analyze Existing Risks and Flag Any New Changes for New Risks Get Audit-ready Compliance Reports Tie Vulnerabilities to Business Applications and Firewall Rules Digital Transformation – Intrinsic Security with Intelligent Automation
- 20. 20 | Confidential DIGITAL TRANSFORMATION: AGILE AND SECURE CHANGE MANAGEMENT
- 21. CHALLENGE: AGILE AND SECURE CHANGE MANAGEMENT 21 | Confidential Handling multiple vendors and technologies via various platforms Lack of skilled personnel Enforcing security policy consistency Identifying and mitigating risks
- 22. CHANGE MANAGEMENT AND AUTOMATION 22 Automatic design • End-to-end: multi- vendor, multi-platform • Optimized changes, eliminate human error Zero-Touch policy push automation Full documentation and audit trail What-if security check DevOps friendly Consistency across the entire network, including multiple clouds and hybrid environments 22 | Confidential
- 23. JOINT VALUE - ALGOSEC AND VMWARE MITIGATE RISK Strengthen your cybersecurity posture by reducing your attack surface and prevent lateral movement ENSURE COMPLIANCE Eliminate visibility and security blind-spots you get from misaligned controls with traditional approaches SIMPLIFIED SECURITY ARCHITECTURE Radically simplified deployment and architecture eliminates the need for complex network changes ACCELERATE OPERATIONS Security policy that moves at the speed of development — align heterogenous controls with VMware’s service-defined firewall 23 | Confidential Transformation – Intrinsic Security with Intelligent Automation
- 25. ALGOSEC AND VMWARE — RESOURCES 25 | Confidential Transformation – Intrinsic Security with Intelligent Automation • VMware NSX Service-defined Firewall - •https://www.vmware.com/security/internal-firewall.html • VMware NSX Service-defined Firewall Data Sheet https://www.vmware.com/content/dam/digitalmarketing/vmware/e n/pdf/products/vmware-nsx-service-defined-firewall.pdf • Partner Solution Brief: AlgoSec & VMware NSX https://www.algosec.com/wp-content/uploads/2016/03/AlgoSec- and-VMware-WEB-1.pdf
- 26. THANK YOU