Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Download as PPT, PDF1 like1,624 views
The document discusses the complexities and challenges of managing security policies in multi-cloud and hybrid cloud environments, highlighting that organizations face issues like visibility, governance, and compliance. It notes a significant investment in public cloud resources and the need for more security personnel to address cyber threats. The importance of unified control and visibility across networks is emphasized, alongside the role of various stakeholders in security management.
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
- 1. Managing Security Policy Across Multi-Cloud and Hybrid Cloud Networks Yitzy Tannenbaum Product Marketing Manager
- 2. poll 2 | Confidential How many public cloud vendors does your organization leverage? • We are not yet in the cloud yet • 1 vendor • 2 vendors • 3 or more vendors While we wait for our audience to join please vote using the “Votes” tab in your BrightTALK panel
- 3. Welcome Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 3 marketing@algosec.com
- 4. Everyone’s moving to the cloud 4 | Confidential 2015 2016 2017 2018 2019 2020 050100150200 67 82 99 117 138 162 The Rapid Growth of Cloud Computing, 2015-2020 Worldwide Spending on public Cloud Computing, 2015-2020 ($B) Average Compound Growth Rate, YE2015-YE2020, 19% IT Spending Average Compound Growth Rate, YE2015-YE2020, 3% * Source: IDC, 2016 83% Of Enterprise Workloads Will Be In The Cloud By2020 - Forbes
- 5. Nearly 80% of IT organizations are currently deploying, or are planning to implement, multi-cloud environments. -IDC 01 Nearly a third of organizations work with three to four cloud vendors. - Microsoft 02 5 | Confidential
- 6. Cost efficient Different unique features Avoid lock in Why multi cloud? 6 | Confidential
- 7. poll 7 | Confidential What are the biggest challenges for your organization engaging with public cloud today? • Security • Governance & compliance • Lack of visibility • Lack of experience Please vote using the “Votes” tab in your BrightTALK panel
- 8. Cybersecurity Insiders 2018 Cloud Security Report Everyone’s concerned about cloud security 8 Public Cloud Challenges What are the biggest challenges for organizations engaged with public cloud today? (Somewhat/Extremely large) UnplannedOutages 0% 10% 20% 30% 40% 50% 60% 70% 31% 37% 40% 47% 57% 58% 60% 66% * Source: Forbes
- 9. Network are complex and heterogeneous 9 | Confidential SDN Multi Public Clouds On-Prem
- 10. MANAGING SECURITY IN THE CLOUD IS COMPLEX MULTIPLE LAYERS OF SECURITY CONTROLS Cloud Infra Security Controls • Security groups • Network ACLS Security Products by ISVs • NG Firewalls (Checkpoint, Palo- Alto .. ) • WAF (Imperva, F5 .. ) 10 Security Products by Cloud Providers
- 11. In a multi and hybrid network there are many stakeholders 11 | Confidential Multiple Stake Holders Cloud Teams IT/ Network Security CISO Security Operations Application Developers / DevOps
- 12. Which team is responsible for managing security in the public cloud 12 | Confidential
- 13. IT leaders report needing to increase their security staff by 24% to adequately manage their organization’s security threats. –McAfee ‘Winning the Game’ 01 80% of organizations affected by cyber security skills gap -2018 Cyberthreat Defense Report 02 13 | Confidential
- 14. | Confidential Unified control of your entire network estate 14
- 15. The challenges managing a hybrid multi cloud environment Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 15
- 16. Visibility Full visibility into the entire network including deeply understanding the network topology and discovering the network flows between: • Multi-cloud environments • Vpcs and v-nets • Regions of same cloud providers • On-premise and cloud providers • The cloud environment and the internet • Traditional firewall in the cloud • Native cloud controls (Microsoft Azure NSGs) • On-premise devices
- 17. A single pane of glass into your entire network 17 | Confidential Native Cloud Security Models Virtual appliance in the cloud Traditional FW
- 19. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 19
- 22. ? 22
- 23. ?
- 24. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 24
- 25. application connectivity • Manage, provision and monitor application connectivity • Keeping an application- centric view across the different networks and security domains • Review vulnerabilities and risks • Enable devops automation through extensive APIs
- 26. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 26
- 27. Risk analysis
- 28. Security Fundamentals Stay the Same Visibility Change Management Risk analysis ComplianceGovernanceApplication Connectivity 28
- 30. poll 30 | Confidential How much of your time is invested in audits? • Less than a week • 1-2 weeks • 2-4 weeks • 1-2 months • 2+ months !!! Please vote using the “Votes” tab in your BrightTALK panel
- 31. Manual Audits Slow Down Business and are Error-Prone 26% 29% 27% 12% 6% <1 week 1-2 weeks 2-4 weeks 1-2 months 2+ months Time devoted to firewall audits each year 31
- 32. ?
- 33. ?
- 34. summary • Networks are complex: • Multiple cloud vendors • On-prem, private and public cloud • Multiple stake-holders • Easy to achieve agility, harder to keep it secure • Visibility • Change management • Application connectivity • Risk analysis • Compliance • You can apply your security guidelines in the cloud if you choose the right tools 34
- 35. Q & A You are also welcome to request a demo and email questions marketing@algosec.com
- 37. upcoming webinars https://www.algosec.com/webinars NOVEMBER WEBINARS Breaking Out of the Perimeter without Breaking Security When: Nov 6th By: Yonatan Klein, Director of Product Management Have it All: Achieving Agility and Security with Automation When: Nov 19th By: Yoni Geva, Product Manager DECEMBER WEBINARS Focus on FinTech: Network Security Policy Management Best Practices When: Dec 12th By: Anner Kushnir, VP Technology Network Security Policy Management: Tips & Tricks When: Dec 17th By: Dania Peretz, Product Manager ---Sign up now ---
- 38. 38 Join our community Follow us for the latest on security policy management trends, tips & tricks, best practices, thought leadership, fun stuff, prizes and much more! Subscribe to our YouTube channel for a wide range of educational videos presented by Professor Wool youtube.com/user/AlgoSe c linkedin.com/company/AlgoSec facebook.com/AlgoSec twitter.com/AlgoSec www.AlgoSec.com/blog
- 39. THANK YOU! Questions can be emailed to marketing@algosec.com